Static analysis of selected Android applications

posted in #Mobile & Cloud on the 17.08.2015

We analyzed how a set of selected applications is capable of overcoming real-world threats. Based on current attack vectors, we have derived concrete inspection criteria and applied them on our dataset. As a result, it was feasible to uncover deficiencies in 8 of 10 analyzed applications. The found issues significantly undermine the achievable security level and can lead to the exposure of secrets and the leak of sensitive data to unrelated parties.

Following responsible disclosure principles, a publication of particular deficiencies in the investigated applications is not considered.

Downloads

File Description File size
pdf Project Report Version 1.0 of 21.07.2015
 293 KB