Vulnerabilities Classification for Safe Development on Android

Ricardo Luis D. M. Ferreira, Anderson F. P. dos Santos, Ricardo Choren

Journal of Information Systems Engineering & Management, Volume 1, Issue 3, pp. 187-190.

https://doi.org/10.20897/lectito.201634

OPEN ACCESS


Abstract

The global sales market is currently led by devices with the Android operating system. In 2015, more than 1 billion smartphones were sold, of which 81.5% were operated by the Android platform. In 2017, it is estimated that 267.78 billion applications will be downloaded from Google Play. According to Qian, 90% of applications are vulnerable, despite the recommendations of rules and standards for safe software development. This study presents a classification of vulnerabilities that indicates, for each vulnerability, the safety aspect defined by the Brazilian Association of Technical Standards (Associação Brasileira de Normas Técnicas - ABNT) standard NBR ISO/IEC 27002 that is violated, which lines of code generate the vulnerability, what should be done to avoid it, and the threat agent used by each. This classification allows the identification of possible points of vulnerability, allowing the developer to correct the identified gaps.

Keywords

Android, Mobile Applications, Security, Vulnerability, Vulnerability Classification, Bad-Practices

Citation

Ferreira, R. L. D. M., dos Santos, A. F. P., and Choren, R. (2016). Vulnerabilities Classification for Safe Development on Android. Journal of Information Systems Engineering & Management, 1(3), pp. 187-190. https://doi.org/10.20897/lectito.201634
