Security testing of the communication among Android applications

Author

Avancini, Andrea ; Ceccato, Mariano

Author_Institution

Fondazione Bruno Kessler, Trento, Italy

fYear

2013

fDate

18-19 May 2013

Firstpage

57

Lastpage

63

Abstract

An important reason behind the popularity of smartphones and tablets is the huge amount of available applications to download, to expand functionalities of the devices with brand new features. In fact, official stores provide a plethora of applications developed by third parties, for entertainment and business, most of which for free. However, confidential data (e.g., phone contacts, global GPS position, banking data and emails) could be disclosed by vulnerable applications. Sensitive applications should carefully validate exchanged data to avoid security problems. In this paper, we propose a novel testing approach to test communication among applications on mobile devices. We present a test case generation strategy and a testing adequacy criterion for Android applications. Our approach has been assessed on three widely used Android applications.

Keywords

mobile computing; operating systems (computers); program testing; security of data; Android application; confidential data; security testing; smart phone; tablet computer; test case generation strategy; testing adequacy criterion; Androids; Humanoid robots; Mobile communication; Prototypes; Security; Smart phones; Testing; Mobile applications; Security testing; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Automation of Software Test (AST), 2013 8th International Workshop on

Conference_Location

San Francisco, CA

Type

conf

DOI

10.1109/IWAST.2013.6595792

Filename

6595792