Print Email Facebook Twitter Vulnerability Detection on Mobile Applications Using State Machine Inference Title Vulnerability Detection on Mobile Applications Using State Machine Inference Author van der Lee, Wesley (Student TU Delft) Verwer, S.E. (TU Delft Cyber Security) Date 2018 Abstract Although the importance of mobile applications grows every day, recent vulnerability reports argue the application's deficiency to meet modern security standards. Testing strategies alleviate the problem by identifying security violations in software implementations. This paper proposes a novel testing methodology that applies state machine learning of mobile Android applications in combination with algorithms that discover attack paths in the learned state machine. The presence of an attack path evidences the existence of a vulnerability in the mobile application. We apply our methods to real-life apps and show that the novel methodology is capable of identifying vulnerabilities. Subject mobile application securitymodel inferenceState machine learningvulnerability detection To reference this document use: http://resolver.tudelft.nl/uuid:1d8e42cd-9823-4f08-8e75-55db33019d69 DOI https://doi.org/10.1109/EuroSPW.2018.00008 Publisher IEEE, Los Alamitos, CA ISBN 978-1-5386-5445-3 Source Proceedings - 3rd IEEE European Symposium on Security and Privacy Workshops, EUROS&PW 2018 Event 3rd IEEE European Symposium on Security and Privacy Workshops, 2018-04-24 → 2018-04-26, London, United Kingdom Bibliographical note Accepted author manuscript Part of collection Institutional Repository Document type conference paper Rights © 2018 Wesley van der Lee, S.E. Verwer Files PDF Vulnerability_Detection_o ... erence.pdf 1.24 MB Close viewer /islandora/object/uuid:1d8e42cd-9823-4f08-8e75-55db33019d69/datastream/OBJ/view