Developing a framework for enhancing security testing of android applications
1 Department of Computer Science, School of Computer and Engineering Sciences, Faculty of Science, Business and Enterprise, University of Chester, Chester, Cheshire, UK*.
2 Department of Decision Science, Faculty of Economics and Decision Sciences, Western Illinois University, Macomb, IL, USA.
3 Department of Computer Science, School of Computer and Engineering Sciences, Faculty of Science, Business and Enterprise, University of Chester, Chester, Cheshire, UK.
4 Department of Computer Science, College of Business and Computing, Southeast Missouri State University, MO, United States. Deep Learning/Artificial Intelligence Engineer.
5 Department of Computer Science and Digital Technologies, School of Architecture, Computing and Engineering, University of East London, London, London, UK.
Research Article
World Journal of Advanced Research and Reviews, 2024, 23(02), 2585–2598
Publication history:
Received on 17 July 2024; revised on 25 August 2024; accepted on 28 August 2024
Abstract:
Mobile applications have advanced a lot and now offer several features that help make our lives easier. Android is currently the most popular mobile operating system, and it is susceptible to exploitation attempts by malicious entities. This has led to an increased focus on the security of Android applications.
This dissertation proposed the development of a framework which provides a systematic approach to testing the security of Android applications. This framework was developed based on a comprehensive review of existing security testing methodologies and tools.
In achieving the study objectives, a test application was run on an emulator, Burp Suite was used as a proxy tool to capture HTTP and HTTPS traffic for analysis, reverse engineering was carried out, static and dynamic analysis were executed, network traffic was captured and analysed with tcpdump and Wireshark, intent sniffing was carried out, fuzz testing was discussed, and a proof-of-concept tool (automation script) was developed.
This work covers various aspects of Android applications’ security testing, and the proposed framework provides developers with a practical and effective approach to testing the security of their Android applications, thereby improving the overall security of the Android application ecosystem.
Keywords:
Penetration Testing; Cybersecurity; Framework; Security Testing; Android Application; Cyber-attack
Full text article in PDF:
Copyright information:
Copyright © 2024 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution Liscense 4.0