Publication: Android Forensic and Security Assessment for Hospital and Stock-and-Trade Applications in Thailand
Issued Date
2018-09-06
Resource Type
Other identifier(s)
2-s2.0-85057720979
Rights
Mahidol University
Rights Holder(s)
SCOPUS
Bibliographic Citation
Proceeding of 2018 15th International Joint Conference on Computer Science and Software Engineering, JCSSE 2018. (2018)
Suggested Citation
Noppanat Phumkaew, Vasaka Visoottiviseth Android Forensic and Security Assessment for Hospital and Stock-and-Trade Applications in Thailand. Proceeding of 2018 15th International Joint Conference on Computer Science and Software Engineering, JCSSE 2018. (2018). doi:10.1109/JCSSE.2018.8457347 Retrieved from: https://repository.li.mahidol.ac.th/handle/20.500.14594/45572
Research Projects
Organizational Units
Authors
Journal Issue
Thesis
Title
Android Forensic and Security Assessment for Hospital and Stock-and-Trade Applications in Thailand
Author(s)
Other Contributor(s)
Abstract
© 2018 IEEE. Many hospitals and stock-and-trade mobile applications are developed in Thailand to fulfill business requirements. These applications normally handle user's sensitive data, such as the identification, financial data, and health records. Thus, the objective of this research is to investigate whether these applications can expose the sensitive data over thecommunication channel and whether the sensitive data can be retrieved from the lost or stolen mobile phones. We conduct the forensic investigation and security assessment toward these mobile applications by considering the OWASP Mobile Security Top Ten Risks 2016. In our experiment, Android forensics was conducted over three hospital applications in Thailandand five stock-and-trade applications. The analysis techniques include both static analysis and dynamic analysis.From our results, we found that each application has its own vulnerability reflecting to OWASP's risk, thus the user must use them with caution. Moreover, the Android application developers must take security awareness into their account.