Vulnerabilities Classification for Safe Development on Android
Ricardo Luis D. M. Ferreira 1 * , Anderson F. P. dos Santos 1, Ricardo Choren 1
More Detail
1 Instituto Militar de Engenharia, BRAZIL
* Corresponding Author

Abstract

The global sales market is currently led by devices with the Android operating system. In 2015, more than 1 billion smartphones were sold, of which 81.5% were operated by the Android platform. In 2017, it is estimated that 267.78 billion applications will be downloaded from Google Play. According to Qian, 90% of applications are vulnerable, despite the recommendations of rules and standards for the safe software development. This study presents a classification of vulnerabilities, indicating the vulnerability, the safety aspect defined by the Brazilian Association of Technical Standards (Associação Brasileira de Normas Técnicas - ABNT) norm NBR ISO/IEC 27002 which will be violated, which lines of code generate the vulnerability and what should be done to avoid it, and the threat agent used by each of them. This classification allows the identification of possible points of vulnerability, allowing the developer to correct the identified gaps

License

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Article Type: Research Article

https://doi.org/10.20897/lectito.201634

J INFORM SYSTEMS ENG, 2016 - Volume 1 Issue 3, pp. 187-190

Publication date: 19 Jun 2016

Article Views: 3325

Article Downloads: 1612

Open Access References How to cite this article