Secure Mobile Application Development with Data Leak Analysis Plugin
Disciplines
Risk Analysis
Abstract (300 words maximum)
As the mobile devices and applications are being widely adopted and used, Mobile security, or more specifically mobile device security, has become increasingly important. Attacks through mobile apps have caused major data leak due to application vulnerabilities continue to occur. This kind of data leaks can be addressed and fixed in the application development process. Many developers may not be well aware of the vulnerabilities when developing mobile applications and may lack the technical support for detecting data leak analysis within the development environment. In this report, we discuss the need and development of a plugin tool for Android Studio for preventing data leak. We developed a hands-on labware where the plugin can be applied for detection of data leak through SQL injection. We also shared our ongoing experience of the labware integrated in a Summer 2020 course. The preliminary student feedback is collected and reported in this document.
Academic department under which the project should be listed
CCSE - Information Technology
Primary Investigator (PI) Name
Dr. Hossain Shahriar
Secure Mobile Application Development with Data Leak Analysis Plugin
As the mobile devices and applications are being widely adopted and used, Mobile security, or more specifically mobile device security, has become increasingly important. Attacks through mobile apps have caused major data leak due to application vulnerabilities continue to occur. This kind of data leaks can be addressed and fixed in the application development process. Many developers may not be well aware of the vulnerabilities when developing mobile applications and may lack the technical support for detecting data leak analysis within the development environment. In this report, we discuss the need and development of a plugin tool for Android Studio for preventing data leak. We developed a hands-on labware where the plugin can be applied for detection of data leak through SQL injection. We also shared our ongoing experience of the labware integrated in a Summer 2020 course. The preliminary student feedback is collected and reported in this document.