Int. J. of Intelligent Enterprise   »   2017 Vol.4, No.1/2

 

 

You can view the full text of this article for Free access using the link below.

 

 

Title: Security model on mobile banking application: attack simulation and countermeasures

 

Authors: Yacouba Kouraogo; Karim Zkik; Noreddine El Janati El Idrissi; Ghizlane Orhanou

 

Addresses:
Laboratory of Mathematics, Computer Sciences and Applications, Faculty of Sciences, Mohammed V University, Rabat, Morocco
Laboratory of Mathematics, Computer Sciences and Applications, Faculty of Sciences, Mohammed V University, Rabat, Morocco
Laboratory of Mathematics, Computer Sciences and Applications, Faculty of Sciences, Mohammed V University, Rabat, Morocco
Laboratory of Mathematics, Computer Sciences and Applications, Faculty of Sciences, Mohammed V University, Rabat, Morocco

 

Abstract: Nowadays, we use mobile devices in all activities such as communication, play, surf on the internet, shop online and banking transactions. But the applications used do not always comply with the security requirements on mobile environment and this can cause vulnerabilities allowing attackers to take control of the phone and to steal some users' private data. That is why, it is important to take a look at the security of mobile applications especially of financial institutions. In this paper, we will present some security issues of android applications. We will also make a reverse engineering of an Android banking application, then a static analysis of its code to detect its weaknesses. After that, we will insert a malicious code that will help us not only to take control of the smartphone but also to make a DDOS attack on a simulated bank server. Finally, we will propose some countermeasures.

 

Keywords: mobile malware; reverse engineering; static analysis; DDOS attack.

 

DOI: 10.1504/IJIE.2017.10008161

 

Int. J. of Intelligent Enterprise, 2017 Vol.4, No.1/2, pp.155 - 167

 

Submission date: 12 Dec 2016
Date of acceptance: 10 May 2017
Available online: 29 Sep 2017

 

 

Editors Full text accessFree access Free accessComment on this article