Kaydedildi:
| Yazar: | |
|---|---|
| Materyal Türü: | Recurso digital |
| Dil: | |
| Baskı/Yayın Bilgisi: |
Zenodo
2025
|
| Konular: | |
| Online Erişim: | https://doi.org/10.5281/zenodo.17213110 |
| Etiketler: |
Etiketle
Etiket eklenmemiş, İlk siz ekleyin!
|
İçindekiler:
- <h2><strong><em><span>Abstract</span></em></strong></h2> <p><em><span>The growing reliance on smartphone applications for personal, financial, and business operations, ensuring mobile app security has become a critical concern. This paper explores the comprehensive techniques used to evaluate and enhance the security of smartphone applications. Evaluation methods such as Static and Dynamic Application Security Testing (SAST and DAST), mobile penetration testing, reverse engineering, and API security assessments are essential for identifying vulnerabilities in both code and runtime behavior. Additionally, tools for dependency scanning and behavioral analysis aid in detecting security flaws in third-party libraries and runtime activities. To enhance security, developers must implement secure coding practices, strong authentication mechanisms, encryption for data at rest and in transit, runtime protection, and code obfuscation. Furthermore, best practices such as minimizing permissions, integrating secure third-party SDKs, certificate pinning, and secure logging are vital. Adherence to established standards like OWASP MASVS and the OWASP Mobile Testing Guide ensures a structured and comprehensive approach to mobile app security. Together, these techniques form a robust framework for building secure, resilient smartphone applications in an increasingly threat-prone digital landscape.</span></em></p>