An Automatic Security Testing approach of Android Applications

Resondry Zafimiharisoa, Stassia; Salva, Sébastien; Laurençot, Patrice

Home // ICSEA 2012, The Seventh International Conference on Software Engineering Advances // View article

An Automatic Security Testing approach of Android Applications

Authors:
Stassia Resondry Zafimiharisoa
Sébastien Salva
Patrice Laurençot

Keywords: security testing, Android applications, model-based testing.

Abstract:
In this paper, we propose a security testing approach which aims to check whether Android applications are not vulnerable to malicious intents. An intent is an IPC (Inter-Process Communication) mechanism which is used to compose Android components together to form a whole application. From Manifest files, which provide information about Android applications, and based on the vulnerabilities expressed within test patterns, we automatically generate JUnit test cases that can detect intent-based vulnerabilities. Using formal methods, executable security tests are then automatically generated from any Android applications.

Pages: 643 to 646

Copyright: Copyright (c) IARIA, 2012

Publication date: November 18, 2012

Published in: conference

ISSN: 2308-4235

ISBN: 978-1-61208-230-1

Location: Lisbon, Portugal

Dates: from November 18, 2012 to November 23, 2012