Security Analysis of Android Applications for Hotel and Flight Booking Applications

Abstract

The tourism industry's exponential growth has currently led to an increase in hotel and flight bookings, especially through mobile applications. There are various tools and platforms to build a mobile application, and each mobile function may need specific permissions to access certain features of a mobile device, and that would make devices and applications vulnerable. In this work, we aim to conduct a security analysis of many Android applications for hotel and airline bookings. Using an open-source tool, the security-related features of 20 Android apps are extracted from the domains and divided into six groups, including security mechanisms, shared Android components, dangerous privilege calls, and three code-related groups. Those applications were then clustered according to their features, and we found that hotel applications had Android security features, such as the RSA algorithm and detecting jailbreak. Furthermore, third-party apps were more likely to share Android components with other apps on the same device. Future research could focus on analyzing Android apps for hotel or airline booking exclusively and expanding the dataset size to identify and analyze patterns effectively.