Security model on mobile banking application: attack simulation and countermeasures
by Yacouba Kouraogo; Karim Zkik; Noreddine El Janati El Idrissi; Ghizlane Orhanou
International Journal of Intelligent Enterprise (IJIE), Vol. 4, No. 1/2, 2017

Abstract: Nowadays, we use mobile devices in all activities such as communication, play, surf on the internet, shop online and banking transactions. But the applications used do not always comply with the security requirements on mobile environment and this can cause vulnerabilities allowing attackers to take control of the phone and to steal some users' private data. That is why, it is important to take a look at the security of mobile applications especially of financial institutions. In this paper, we will present some security issues of android applications. We will also make a reverse engineering of an Android banking application, then a static analysis of its code to detect its weaknesses. After that, we will insert a malicious code that will help us not only to take control of the smartphone but also to make a DDOS attack on a simulated bank server. Finally, we will propose some countermeasures.

Online publication date: Wed, 04-Oct-2017

The full text of this article is only available to individual subscribers or to users at subscribing institutions.

 
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.

Pay per view:
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.

Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Intelligent Enterprise (IJIE):
Login with your Inderscience username and password:

    Username:        Password:         

Forgotten your password?


Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.

If you still need assistance, please email subs@inderscience.com