Title :
An Android Security Case Study with Bauhaus
Author :
Berger, Bernhard J. ; Bunke, Michaela ; Sohr, Karsten
Author_Institution :
Center for Comput. Technol. (TZI), Univ. Bremen, Bremen, Germany
Abstract :
Software security has made great progress, code analysis tools are widely-used in industry for detecting common implementation-level security bugs. However, given the fact that we must deal with legacy code we plead to employ the techniques long been developed in the research area of program comprehension for software security. In cooperation with a security expert, we carried out a case study with the mobile phone platform Android, and employed the reverse engineering tool-suite Bauhaus for this security assessment. During the investigation we found some inconsistencies in the implementation of the Android security concepts. Based on the lessons learned from the case study, we propose several research topics in the area of reverse engineering that would support a security analyst during security assessments.
Keywords :
mobile computing; program debugging; reverse engineering; security of data; Android security; Bauhaus; code analysis tool; implementation-level security bug; legacy code; mobile phone; program comprehension; reverse engineering tool; software security; Androids; Bluetooth; Documentation; Humanoid robots; Security; Smart phones; Software; Android; program comprehension; security assessment; software security;
Conference_Titel :
Reverse Engineering (WCRE), 2011 18th Working Conference on
Conference_Location :
Limerick
Print_ISBN :
978-1-4577-1948-6
DOI :
10.1109/WCRE.2011.29
