The American government has issued a warning about the potential security threat of Android.
http://info.publicintelligence.net/DHS-FBI-AndroidThreats.pdf
Android, released in 2011, had several security vulnerabilities that were fixed in later versions of the software.
The report says Android accounts for 79 percent of mobile malware, while Apple’s iOS accounts for 0.7 percent
toll fraud:The document lays out some of the common security threats in earlier versions of Android, including a vulnerability in text messaging, where malicious software can steal money by making secret charges to a user’s phone bill
tools
DidFail analyzes potentially tainted flows between apps and, within a single app, between multiple components.
FlowDroid:analyzes flows of tainted information. FlowDroid focuses on information that flows in a single component of an app
SCAle: suite of tools for testing code for compliance with CERT secure coding rules. This tool was designed specifically to grow our Mobile SCALe tool set that checks against our new Android-focused secure coding rules and guidelines. https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=111509535
:
Coding tools for analysing android
http://www.jssec.org/dl/android_securecoding_en.pdf
analyse overview
http://blog.sei.cmu.edu/post.cfm/secure-coding-tools-analyzing-android-apps-118
Analyse payment app on IOS
http://cases.azoft.com/mobile-application-security-testing/
http://info.publicintelligence.net/DHS-FBI-AndroidThreats.pdf
Android, released in 2011, had several security vulnerabilities that were fixed in later versions of the software.
The report says Android accounts for 79 percent of mobile malware, while Apple’s iOS accounts for 0.7 percent
toll fraud:The document lays out some of the common security threats in earlier versions of Android, including a vulnerability in text messaging, where malicious software can steal money by making secret charges to a user’s phone bill
tools
DidFail analyzes potentially tainted flows between apps and, within a single app, between multiple components.
FlowDroid:analyzes flows of tainted information. FlowDroid focuses on information that flows in a single component of an app
SCAle: suite of tools for testing code for compliance with CERT secure coding rules. This tool was designed specifically to grow our Mobile SCALe tool set that checks against our new Android-focused secure coding rules and guidelines. https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=111509535
:
Coding tools for analysing android
http://www.jssec.org/dl/android_securecoding_en.pdf
analyse overview
http://blog.sei.cmu.edu/post.cfm/secure-coding-tools-analyzing-android-apps-118
Analyse payment app on IOS
http://cases.azoft.com/mobile-application-security-testing/