{"title":"Android Forensic and Security Assessment for Hospital and Stock-and-Trade Applications in Thailand","authors":"Noppanat Phumkaew, V. Visoottiviseth","doi":"10.1109/JCSSE.2018.8457347","DOIUrl":null,"url":null,"abstract":"Many hospitals and stock-and-trade mobile applications are developed in Thailand to fulfill business requirements. These applications normally handle user’s sensitive data, such as the identification, financial data, and health records. Thus, the objective of this research is to investigate whether these applications can expose the sensitive data over thecommunication channel and whether the sensitive data can be retrieved from the lost or stolen mobile phones. We conduct the forensic investigation and security assessment toward these mobile applications by considering the OWASP Mobile Security Top Ten Risks 2016. In our experiment, Android forensics was conducted over three hospital applications in Thailandand five stock-and-trade applications. The analysis techniques include both static analysis and dynamic analysis.From our results, we found that each application has its own vulnerability reflecting to OWASP’s risk, thus the user must use them with caution. Moreover, the Android application developers must take security awareness into their account.","PeriodicalId":338973,"journal":{"name":"2018 15th International Joint Conference on Computer Science and Software Engineering (JCSSE)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 15th International Joint Conference on Computer Science and Software Engineering (JCSSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/JCSSE.2018.8457347","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Many hospitals and stock-and-trade mobile applications are developed in Thailand to fulfill business requirements. These applications normally handle user’s sensitive data, such as the identification, financial data, and health records. Thus, the objective of this research is to investigate whether these applications can expose the sensitive data over thecommunication channel and whether the sensitive data can be retrieved from the lost or stolen mobile phones. We conduct the forensic investigation and security assessment toward these mobile applications by considering the OWASP Mobile Security Top Ten Risks 2016. In our experiment, Android forensics was conducted over three hospital applications in Thailandand five stock-and-trade applications. The analysis techniques include both static analysis and dynamic analysis.From our results, we found that each application has its own vulnerability reflecting to OWASP’s risk, thus the user must use them with caution. Moreover, the Android application developers must take security awareness into their account.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
