Limited access: U-M users only
Access by request
Access via HathiTrust
Access via FulcrumSmartphone App Security: Vulnerabilities and Implementations
| dc.contributor.author | Zhang, Linxi | |
| dc.contributor.advisor | Ma, Di | |
| dc.date.accessioned | 2018-05-07T20:39:36Z | |
| dc.date.available | NO_RESTRICTION | en_US |
| dc.date.available | 2018-05-07T20:39:36Z | |
| dc.date.issued | 2018-04-29 | |
| dc.date.submitted | 2018-04-09 | |
| dc.identifier.uri | https://hdl.handle.net/2027.42/143522 | |
| dc.description.abstract | Due to the high occupancy volume of smartphones in mode society, more and more developers join the smartphone app market and develop various mobile applications that could benefit out life in many ways. However, smartphone apps are often blamed for insecurities due to smartphone technologies as well as inexperienced app developers. In this thesis work, we study smartphone app security vulnerabilities due to either improper implementations or improper use of smartphone technologies. More specifically, we study potential security vulnerabilities in three categories of apps: apps which use the secure socket layer(SSL) protocol for secure communication, apps which use the WebView technology, and apps which are HTML5-based. For each category of apps, we analyze the underlying technologies to show the cause of vulnerabilities, and develop instruction materials for each of the three validation attacks we have implemented and turn them into security teaching labs. These security teaching labs aim to help students to understand the theoretical attack concepts in and accurate and understandable way and cultivate the hacking mindset. | en_US |
| dc.language.iso | en_US | en_US |
| dc.subject | Android | en_US |
| dc.subject | App security | en_US |
| dc.subject | MITM | en_US |
| dc.subject | SSL | en_US |
| dc.subject | Web view | en_US |
| dc.subject | HTML5-based mobile application | en_US |
| dc.subject | Code injection | en_US |
| dc.subject.other | Computer science | en_US |
| dc.title | Smartphone App Security: Vulnerabilities and Implementations | en_US |
| dc.type | Thesis | en_US |
| dc.description.thesisdegreename | Master of Science (MS) | en_US |
| dc.description.thesisdegreediscipline | Computer and Information Science, College of Engineering & Computer Science | en_US |
| dc.description.thesisdegreegrantor | University of Michigan-Dearborn | en_US |
| dc.contributor.committeemember | Guo, Jinhua | |
| dc.contributor.committeemember | Wang, Shengquan | |
| dc.identifier.uniqname | 10672799 | en_US |
| dc.description.bitstreamurl | https://deepblue.lib.umich.edu/bitstream/2027.42/143522/1/Linxi-thesis-submission.pdf | |
| dc.identifier.orcid | 0000-0002-6233-5266 | en_US |
| dc.description.filedescription | Description of Linxi-thesis-submission.pdf : Thesis | |
| dc.identifier.name-orcid | Zhang, Linxi; 0000-0002-6233-5266 | en_US |
| dc.owningcollname | Dissertations and Theses (Ph.D. and Master's) |
Files in this item
Remediation of Harmful Language
The University of Michigan Library aims to describe library materials in a way that respects the people and communities who create, use, and are represented in our collections. Report harmful or offensive language in catalog records, finding aids, or elsewhere in our collections anonymously through our metadata feedback form. More information at Remediation of Harmful Language.
Accessibility
If you are unable to use this file in its current format, please select the Contact Us link and we can modify it to make it more accessible to you.