A Prognostic Technique for Secure Android Application Development
Abstract
Much research has searched for vulnerabilities in Android apps using approaches based on the app's dex bytecode. This approach, called late detection, is applied to apps that have already been released, and usually does not identify vulnerabilities before users have been exposed. This article presents a method based on static analysis with pattern matching that identifies these vulnerabilities beforehand, during app development, avoiding users' exposure. The presented technique was evaluated in an experimental proof of concept applied to open-source applications, analyzed by appDroidAnalyzer, which identified dozens of apps affected by vulnerabilities in their source code.