Title | Research and Implementation of Mobile Application Security Detection Combining Static and Dynamic |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Zhou, Ziqiang, Sun, Changhua, Lu, Jiazhong, Lv, Fengmao |
Conference Name | 2018 10th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA) |
Keywords | automated platform for security detection of mobile application system, capture mobile application traffic, client security detection, client-server systems, composability, Dynamic Networks and Security, Engines, Fingerprint recognition, fuzzy testing method, Internet, Metrics, mobile application client, mobile application security detection, mobile application traffic, mobile applications, mobile computing, mobile intelligent terminals trend, Packaging, pubcrawl, Resiliency, security, security detection combining static and dynamic, security detection of mobile application, security of data, server security detection, Servers |
Abstract | With the popularity of the Internet and mobile intelligent terminals, the number of mobile applications is exploding. Mobile intelligent terminals trend to be the mainstream way of people's work and daily life online in place of PC terminals. Mobile application system brings some security problems inevitably while it provides convenience for people, and becomes a main target of hackers. Therefore, it is imminent to strengthen the security detection of mobile applications. This paper divides mobile application security detection into client security detection and server security detection. We propose a combining static and dynamic security detection method to detect client-side. We provide a method to get network information of server by capturing and analyzing mobile application traffic, and propose a fuzzy testing method based on HTTP protocol to detect server-side security vulnerabilities. Finally, on the basis of this, an automated platform for security detection of mobile application system is developed. Experiments show that the platform can detect the vulnerabilities of mobile application client and server effectively, and realize the automation of mobile application security detection. It can also reduce the cost of mobile security detection and enhance the security of mobile applications. |
DOI | 10.1109/ICMTMA.2018.00065 |
Citation Key | zhou_research_2018 |