Litcius/Paper detail

Mobile Application Security Penetration Testing Based on OWASP

Aide Alanda, Deni Satria, Hanriyawan Adnan Mooduto, Bobby Kurniawan

2020IOP Conference Series Materials Science and Engineering31 citationsDOIOpen Access PDF

Abstract

Abstract Evolution of smartphones and smart devices affected one of the most used operating systems on smartphones and smart device is Android. Android growth with fast and affected the growth of applications used by that operating system. That application developed by many developers and can be downloadable on the play store. besides the benefits and features that operating systems are given and support from the application can affect security to users. The purpose of this research is to know vulnerability and technics that used to find a vulnerability in Android operating systems and Android applications. In addition, to give recommendations and prevention from the vulnerability. Technics and methods that used based on research from the OWASP Foundation consisting of 10 main vulnerability in Android application that is improper platform usage, insecure data storage, insecure communication, insecure authentication, insufficient cryptography, insecure authorization, client code quality, code tampering, reverse engineering, and extraneous functionality. The results from testing of five applications downloaded from Play Store. 4 application have vulnerability based on OWASP Mobile Top Ten documentation. The OWASP documentation can give an illustration of the vulnerability that most found in Android applications from the market.

Topics & Concepts

Android (operating system)Computer securityDocumentationComputer scienceVulnerability assessmentMobile deviceAuthorizationVulnerability (computing)Operating systemPsychological resiliencePsychologyPsychotherapistAdvanced Malware Detection TechniquesMobile and Web Applications