Home // SECURWARE 2022, The Sixteenth International Conference on Emerging Security Information, Systems and Technologies // View article
IDE Plugins for Secure Android Applications Development: Analysis and Classification Study
Authors:
Mohammed El Amin Tebib
Mariem Graa
Oum-El-Kheir Aktouf
Pascal André
Keywords: Android; Secure Coding; Classification Framework; IDE Plugins
Abstract:
In order to increase the security of Android applications, much effort is realised to assist developers in building secure code that is robust against security attacks. In fact, more attention is given to secure the development life-cycle, from requirement analysis to design, coding to test, and every step of the development process. Many security Integrated Development Environment (IDE) plug-ins have been proposed to assist developers in building secure applications. However, as far as we know, there is no study reviewing the existing tools and their effectiveness in detecting known vulnerabilities. The objective of this paper is to close this gap. We developed a classification framework of the current existing security IDE plug-ins in the context of Android application development. This classification framework allows to highlight salient features about 14 selected tools such as: (i) the analysis-based approach, (ii) the vulnerabilities checks coverage, and (iii) the development stage on which these tools could be employed. Obtained results allowed to establish an overview of secure Android applications development. Limits such as: tools unavailability, benchmarks incompleteness, and the need of dynamic analysis approaches are among the significant findings of this study. We believe this work provides useful information for future research on IDE plug-ins for detecting Android related vulnerabilities.
Pages: 48 to 53
Copyright: Copyright (c) IARIA, 2022
Publication date: October 16, 2022
Published in: conference
ISSN: 2162-2116
ISBN: 978-1-68558-007-0
Location: Lisbon, Portugal
Dates: from October 16, 2022 to October 20, 2022