Secure Mobile Application Development with Data Leak Analysis Plugin

Start Date

23-10-2020 3:00 PM

End Date

23-10-2020 3:30 PM

Location

Zoom Session 2 (SunTrust Track)

Abstract

As the mobile devices and applications are being widely adopted and used, Mobile security, or more specifically mobile device security, has become increasingly important. Attacks through mobile apps have caused major data leak due to application vulnerabilities continue to occur. This kind of data leaks can be addressed and fixed in the application development process. Many developers may not be well aware of the vulnerabilities when developing mobile applications and may lack the technical support for detecting data leak analysis within the development environment. In this report, we discuss the need and development of a plugin tool for Android Studio for preventing data leak. We developed a hands-on labware where the plugin can be applied for detection of data leak through SQL injection. We also shared our ongoing experience of the labware integrated in a Summer 2020 course. The preliminary student feedback is collected and reported in this document.

This document is currently not available here.

Share

COinS
 
Oct 23rd, 3:00 PM Oct 23rd, 3:30 PM

Secure Mobile Application Development with Data Leak Analysis Plugin

Zoom Session 2 (SunTrust Track)

As the mobile devices and applications are being widely adopted and used, Mobile security, or more specifically mobile device security, has become increasingly important. Attacks through mobile apps have caused major data leak due to application vulnerabilities continue to occur. This kind of data leaks can be addressed and fixed in the application development process. Many developers may not be well aware of the vulnerabilities when developing mobile applications and may lack the technical support for detecting data leak analysis within the development environment. In this report, we discuss the need and development of a plugin tool for Android Studio for preventing data leak. We developed a hands-on labware where the plugin can be applied for detection of data leak through SQL injection. We also shared our ongoing experience of the labware integrated in a Summer 2020 course. The preliminary student feedback is collected and reported in this document.