A Platform to analyze android application components for vulnerabilities

Date
2021
Authors
Muchoki, Macharia Benson
Journal Title
Journal ISSN
Volume Title
Publisher
Strathmore University
Abstract
Past research has shown that developers ·make mistakes in writing Android application configuration files, resulting to multiple vulnerabilities in these applications. More often, these vulnerabilities go unnoticed and the affected applications are installed in many end user’s devices. One typical security vulnerability is related to misconfiguration of Android application components. Source code obfuscation is increasingly becoming popular and was found in this study to be limiting the accuracy of most Android applications auditing tools. This study was aimed at designing, developing, and testing a platform called MobiSec. MobiSec employs a hybrid analysis technique that examines both static and dynamic features to aid Android application developers and security analysts in identifying vulnerable Android application components. The MobiSec platform was designed, developed, and tested employing the agile methodology for fast delivery. Functional, compatibility and performance tests were carried out by analysing popular Android mobile applications from Google Play Store. Performance and validation testing results showed that the MobiSec platform could be used reliably with 95% accuracy to identify vulnerable Android application components.
Description
Submitted in partial fulfilment of the requirements for the Degree of Master of Science in Information Systems Security
Keywords
Citation
URI
http://hdl.handle.net/11071/13269
Collections
MSc.ISS Theses and Dissertations (2021)