Testing and Improving the Security of a Mobile Application
Linköping University, Department of Computer and Information Science.
2019 (English). Independent thesis, Basic level (degree of Bachelor), 10,5 credits / 16 HE credits. Student thesis.
Alternative title
Testning och förbättring av säkerheten i en mobilapplikation (Swedish)
Abstract [en]

When making new software systems, security testing should always be included in the process. In this thesis, attacks were identified and performed against a system consisting of two servers and an Android application. A penetration test was also performed against parts of the system. If an attack was successful, this was considered a vulnerability. The attacks that were identified and performed were a NoSQL injection attack, a man-in-the-middle attack, and reverse engineering. Through the man-in-the-middle attack and reverse engineering, breaching security properties such as confidentiality and integrity was possible. The NoSQL injection attack was not successful in breaching either. No results from these could be used to exploit the system further. Countermeasures were taken to secure against the discovered vulnerabilities, and new instances of the attacks were performed after this as well. The overall conclusion is that the system is now secure against our implementations of the attacks performed in this thesis.

Place, publisher, year, edition, pages
2019, p. 42
Keywords [en]
security testing, android, mobile application, penetration testing, attack
National Category
Computer and Information Sciences Computer Sciences
Identifiers
URN: urn:nbn:se:liu:diva-157742
ISRN: LIU-IDA/LITH-EX-G--19/029--SE
OAI: oai:DiVA.org:liu-157742
DiVA, id: diva2:1327757
Subject / course
Information Technology
Supervisors
Examiners
Available from: 2019-06-24. Created: 2019-06-19. Last updated: 2019-06-24. Bibliographically approved.

Open Access in DiVA

fulltext (2934 kB), 63 downloads
File information
File name: FULLTEXT01.pdf. File size: 2934 kB. Checksum (SHA-512):
f8f1d117d2f0063b1c7cc8bc264d98c6a261c3a42aaaacd8e4304458b5d55ae4c3cebf29bac0234ebe753e186c1de5203c47313a2c86fcb3facfe1307c47af2d
Type: fulltext. Mimetype: application/pdf

Search in DiVA

By author/editor
Gyulai, Sofia; Holmgren, William