The usage of dependency graphs to test the security of mobile software applications

Authors

  • Mykhailo Antonishyn, Pukhov Institute for Modelling in Energy Engineering, Ukraine

Abstract

Security testing of mobile software applications according to the OWASP guidelines is analyzed. Attention is drawn to the three levels of requirements in OWASP MASVS and their implementation under the OWASP MSTG guidelines. This guide identifies the processes and methods of testing mobile software applications for vulnerabilities. This leads to the arbitrary usage of these tools when verifying the feasibility of security requirements for mobile software applications. It is suggested to overcome these constraints by using dependency graphs that take into account the relationships between the testing stages.

Published

2020-04-23

Issue

Section

RELIABILITY AND SAFETY ASSURANCE TECHNOLOGIES FOR COMPUTER AND INFORMATIONAL SYSTEMS