MobSF: Mobile Health Care Android Applications Through The Lens of Open Source Static Analysis

Title: MobSF: Mobile Health Care Android Applications Through The Lens of Open Source Static Analysis
Publication Type: Conference Paper
Year of Publication: 2020
Authors: LaMalva, Grace; Schmeelk, Suzanna
Conference Name: 2020 IEEE MIT Undergraduate Research Technology Conference (URTC)
Keywords: Android applications, composability, cybersecurity, Data security, Human Behavior, Medical services, Mobile handsets, organizational aspects, pubcrawl, Regulation, Resiliency, Secure Software Development, Software, static analysis, static code analysis
Abstract: Data security has become an increasing concern with rampant data security regulation changes and the rampant deployment of technology. The necessity to lock down user data has never been greater. This research contributes to the secure software development of Android applications by identifying data processing concerns following the guidelines put forth by the Open Web Application Security Project "(OWASP) Mobile Top 10." We found that 43.62% of the applications contained at least one security violation. We will be using an open source static analysis tool, MobSF, to review the security of 200 health related Android applications. The security of healthcare related applications should be given special attention, as they store and process highly sensitive information such as blood pressures, pulse rate, body photos, mental-state, OBGYN status, and sleep patterns. Partial automation techniques were utilized. This paper also suggests possible security remediations for the identified security concerns.
DOI: 10.1109/URTC51696.2020.9668870
Citation Key: lamalva_mobsf_2020