Extending and analyzing storyboards to prevent vulnerabilities in Android apps

1 points| rvprasad | 6 years ago

SeMA is a design methodology focused on preventing the creation of vulnerabilities in Android apps. It is based on extended storyboards (aka navigation graphs in the Android world) and iterative refinement of storyboards (as done in model-driven development). The methodology relies on static analysis tools to detect and flag errors during the design phase of Android app development.

The pre-print providing details of the SeMA methodology is available at https://www.researchgate.net/publication/338884117_SeMA_Extending_and_Analyzing_Storyboards_to_Develop_Secure_Android_Apps. A proof-of-concept realization of SeMA in the form of tool support is available at https://bitbucket.org/secure-it-i/sema/src/master/. This tooling works with the navigation graphs in Android Studio, and it can help prevent the creation+detection of 49 known vulnerabilities documented in Ghera benchmarks (https://bitbucket.org/secure-it-i/android-app-vulnerability-benchmarks/src/master/).

We would love to hear feedback from users of the tool and methodology!
