| 000 | 02697nam a2200277 4500 | ||
|---|---|---|---|
| 020 | _qhardback | ||
| 040 |
_aUniversiti Teknologi Brunei _beng _cUTB |
||
| 084 |
_aUTB 120 REPORT, THESIS & DISSERTATION _aRTDS 280 |
||
| 100 | 1 |
_aNurul Intan Baizura Bte Hj Emran _eAuthor |
|
| 245 | 1 | 0 |
_aSecurity Testing of Applications Based on Threat Modelling / _cNurul Intan Baizura Bte Hj Emran |
| 260 |
_aBrunei Darussalam : _bUniversiti Teknologi Brunei , _c© 2019 . |
||
| 300 |
_ax, 249 Pages : _bcolor illustrations , photographs, charts ; _c30 cm. |
||
| 500 | _aReport submitted for the degree of Bsc in Computer Network and Security Universiti Teknologi Brunei. | ||
| 500 | _aAbstract Mobile devices have outnumbered PCs and laptops to become the prime medium for accessing content and services. Due to its ability to handle many useful and creative applications, enterprises are rapidly adopting innovative applications to transform their business capabilities as the mobile presence is critical for businesses to attract new customers. While Android, the most popular open-source mobile platform, has its own set of permissions to protect the device and resources, however, it does not provide a security framework to defend against any attack. Hence, it is imperative to make the applications more secure and reliable. In this project a threat modelling process will be conducted on local existing applications from Google Play Store with objectives to identify the possible threats and vulnerabilities with reference to OWASP top 10 security risks. These vulnerabilities are then to be rated according to its risk of exploitation, among several application for comparisons by using DREAD. Penetration testing were also carried out to test the security of the application by following the freely available mobile security testing guide by OWASP. Microsoft's STRIDE tools are the features used for threat modelling process and an open source tools such as Kali Linux, Burpsuite, MobSF and Drozer etc for implementing the penetration testing. | ||
| 504 | _aIncludes bibliography references. | ||
| 610 | 4 |
_vFInal Year Project _aUnievrsiti Teknologi Brunei |
|
| 650 | 4 |
_a Application software _xTesting. |
|
| 650 | 4 | _a Computer security. | |
| 650 | 4 | _aThreat modeling (Computer security) | |
| 710 |
_aUniversiti Teknologi Brunei _bSchool of Business Computer Network and Security |
||
| 942 |
_2lc _n0 _cRTDS |
||
| 998 |
_eReports, Thesis & Dissertation _s850421 : 0020237 c. 1_UTB _xUniversiti Teknologi Brunei |
||
| 998 |
_eCD- ROM _s850422 : CD no. RTDS CD 30 UTB _xUniversiti Teknologi Brunei |
||
| 999 |
_c23424 _d23424 |
||