A Suggested Model for Mobile Application Penetration Test Framework


Ozgur B., DOĞRU İ. A. , Uctu G., ALKAN M.

14th International Conference on Information Security and Cryptology, ISCTURKEY 2021, Ankara, Turkey, 2 - 03 December 2021, pp.18-21 identifier

  • Publication Type: Conference Paper / Full Text
  • Doi Number: 10.1109/iscturkey53027.2021.9654417
  • City: Ankara
  • Country: Turkey
  • Page Numbers: pp.18-21
  • Keywords: Dynamic Analysis, Hybrid Analysis, Mobile Security, Security, Static Analysis
  • Gazi University Affiliated: Yes

Abstract

© 2021 IEEE.Along with technological developments in the mobile environment, mobile devices are used in many areas like banking, social media and communication. The common characteristic of applications in these fields is that they contain personal or financial information of users. These types of applications are developed for Android or IOS operating systems and have become the target of attackers. To detect weakness, security analysts, perform mobile penetration tests using security analysis tools. These analysis tools have advantages and disadvantages to each other. Some tools can prioritize static or dynamic analysis, others not including these types of tests. Within the scope of the current model, we are aim to gather security analysis tools under the penetration testing framework, also contributing analysis results by data fusion algorithm. With the suggested model, security analysts will be able to use these types of analysis tools in addition to using the advantage of fusion algorithms fed by analysis tools outputs.