An Application Security Assessment of Popular Free Android Applications
Norwegian University of Science and Technology, Faculty of Information Technology, Mathematics and Electrical Engineering, Department of Computer and Information Science.
2013 (English). Master's thesis (student thesis)
Abstract [en]

The number of applications for the Android platform found on Google Play is now over 1 million and there are over 1.5 billion downloads each month. With a low cost of entry, the Android platform attracts developers, many of whom do not have the necessary competence or experience to develop secure applications. We assess 20 Android applications using a custom testing methodology based on the OWASP Mobile Project and look for common vulnerabilities. We decompile applications using Dare and review the source code manually, and we also use static and dynamic analysis to look for vulnerabilities. We also evaluate existing vulnerability classifications and argue which ones are most fitting to apply to Android vulnerabilities for educational and research purposes. We then categorize our findings according to the OWASP Mobile Top 10 and present mitigation strategies for each category as a whole. Finally, we discuss the implications of the vulnerabilities for end users.

Place, publisher, year, edition, pages
Institutt for datateknikk og informasjonsvitenskap, 2013. 76 p.
URN: urn:nbn:no:ntnu:diva-23820
Local ID: ntnudaim:8958
OAI: diva2:688112
Available from: 2014-01-15. Created: 2014-01-15. Last updated: 2014-01-15. Bibliographically approved.

Open Access in DiVA

fulltext (960 kB), 304 downloads
File information
File name: FULLTEXT01.pdf. File size: 960 kB. Checksum: SHA-512
Type: fulltext. Mimetype: application/pdf
cover (184 kB), 6 downloads
File information
File name: COVER01.pdf. File size: 184 kB. Checksum: SHA-512
Type: cover. Mimetype: application/pdf
