Automated security testing of Android applications for secure mobile development
Mobile computing is on the rise. More and more users rely on mobile applications and mobile devices to execute the most basic tasks of their lives while depositing their most private and critical data on them. Mobile application stores act as the trust anchors that sit between applications developed by third parties and the user’s mobile devices. Therefore, app stores should provide the means to ensure that the apps installed by the users follow high security and quality standards, minimising the user’s data exposure risks. A critical path towards that security and quality standards is to early test and detect mobile application vulnerabilities resulting from incorrect development practices and to provide developers feedback about the problems found and some additional information on how to correct them. This paper presents a system, developed to help Android app stores (in this case, on the Aptoide app store) timely detect vulnerabilities on submitted apps and provide appropriate feedback to developers. The provide feedback makes developers aware of the secure development processes while improving the quality and security of their apps before they are made available to end-users and installed on their devices.
Wed 28 OctDisplayed time zone: Lisbon change
11:20 - 12:20 | |||
11:20 20mFull-paper | Automated security testing of Android applications for secure mobile development InSTA Francisco Palma ISTAR - Information Sciences and Technologies and Architecture Research Center, Nuno Realista ISTAR - Information Sciences and Technologies and Architecture Research Center, Carlos Serrão ISTAR - Information Sciences and Technologies and Architecture Research Center, Luís Nunes ISTAR - Information Sciences and Technologies and Architecture Research Center, João Oliveira ISTAR - Information Sciences and Technologies and Architecture Research Center, Ana Almeida ISTAR - Information Sciences and Technologies and Architecture Research Center Link to publication DOI | ||
11:40 20mFull-paper | Selenium based Testing Systems for Analytical Data Generation of Website User Behavior InSTA Takamasa Tanaka Recruit Sumai Company Ltd, Tokyo, Hidekazu Niibori Recruit Sumai Company Ltd, Tokyo, Li Shiyingxue Recruit Sumai Company Ltd, Tokyo, Shimpei Nomura Recruit Sumai Company Ltd, Tokyo, Tadayoshi Nakao Nomura Research Institute, Ltd. Tokyo, Kazuhiko Tsuda University of Tsukuba Tokyo Link to publication DOI | ||
12:00 20mFull-paper | Identifying Software Test Architect Skills and Knowledge InSTA Jon D. Hagar Grand Software Testing, LLC, Hot Sulphur Springs, CO, Laura Hagar Grand Software Testing, LLC, Hot Sulphur Springs, CO Link to publication DOI |