Analysis of latest vulnerabilities in android

Umasankar,

doi:10.1109/icacci.2017.8126011

Cited by 6 publications

(2 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…OWASP TOP 10 Mobile Risks yang didalamnya terdapat 10 daftar kerawanan pada aplikasi mobile yang disusun oleh komunitas OWASP [7]. OWASP Mobile Top 10 2016 mengklasifikasikan risiko keamanan aplikasi seluler dan menawarkan solusi untuk mengurangi dampak dan kemungkinan eksploitasi [8]. Kerentanan yang sebelumnya ditemukan di aplikasi seluler dikumpulkan ke dalam database yang digunakan untuk mengidentifikasi kerentanan secara umum sehingga dapat dikelompokkan berdasarkan cara kerja serangan dan dampaknya.…”

Section: Pendahuluanunclassified

Security Assessment Aplikasi Mobile Pemerintahan dengan Acuan OWASP Top 10 Mobile Risks

Priambodo,

Hasbi,

Malacca

2022

JEPIN

View full text Add to dashboard Cite

Mobile E-Kinerja XYZ adalah aplikasi yang digunakan untuk pelaporan kegiatan PNS dan ASN Pemerintah Kabupaten XYZ. Aplikasi ini menunjang peraturan dari pemerintah pusat terkait Sistem Pemerintahan Berbasi Elektronik (SPBE). Security assessment yang dilakukan mencakup pengujian keamanan aplikasi dan juga mengidentifikasi kerentanan menggunakan MobSF dan MARA Framework dan analisis dinamis serta melakukan validasi mengacu pada OWASP Top Ten Mobile Risk 2016. Menilai kerentanan menggunakan Common Vulnerability Scoring System (CVSS) 3.1. Memberikan rekomendasi keamanan terhadap kerentanan yang ditemukan mengacu pada Common Weakness Enumeration (CWE) serta menjelaskan dampak dari kerentanan. Aplikasi ini mempunyai satu krentanan high (Insecure Data Storage), tiga kerentanan medium (Improper Platform Usage, Insufficient Cryptography, Reverse Engineering), satu kerentanan low (Extraneous Functionality).

show abstract

Section: Pendahuluanunclassified

Security Assessment Aplikasi Mobile Pemerintahan dengan Acuan OWASP Top 10 Mobile Risks

Priambodo,

Hasbi,

Malacca

2022

JEPIN

View full text Add to dashboard Cite

show abstract

“…In given propose methodology is also combination of static and dynamic analysis to help for application development there are different. It's used for all android application first given all application decompile after three steps are there to code analysis repackaging and rebuild application [5]. The methodology is for a combination of two methodologies static analysis and dynamic analysis.…”

Section: Related Workmentioning

confidence: 99%

A Novel Custom Intent BasedApproach to Improve Android Application Security for Intent Based Attacks

Maheshwari¹,

Nayak²,

Vaghela³

et al. 2019

IJRAT

View full text Add to dashboard Cite

Android is one of the most used Operating System these days. As we all know Android applications make one's life faster, smoother and more convenient in day to day activities. Android provides functionality using which an application can access components of another application and that functionality is known as IPC (Inter Process Communication). IPC uses mechanism for message passing which is known as Intent. We will examine application communication model to analyze the vulnerabilities using static and dynamic analysis. While performing such analysis we will find possible vulnerabilities of intent. As Intent is vulnerable for security and privacy we will implement concept of Intent Verification with custom intent using intent filter. This research helps to make intents more secure as we will use intent authentication mechanism.

show abstract