Toward discovering and exploiting private server-side Web API

Toward discovering and exploiting private server-side Web API

Most of the interfaces for mobile application and server interaction use the Web API for communication,but the Web API introduced by these mobile applications may introduce new security issues.To facilitate the study of the security of Web API,a system for automatically discovering the server-side W...

Full description

Saved in:
Bibliographic Details
Main Authors: Jia CHEN, Shan-qing1 GUO
Format: Article
Language:English
Published: POSTS&TELECOM PRESS Co., LTD 2016-12-01
Series:网络与信息安全学报
Subjects:
Web API
Android App
static analysis
dynamic analysis
Online Access:http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2016.00134
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Most of the interfaces for mobile application and server interaction use the Web API for communication,but the Web API introduced by these mobile applications may introduce new security issues.To facilitate the study of the security of Web API,a system for automatically discovering the server-side Web API interface in APK files based on the conventional Android program testing framework was designed and implemented.This system can help to develop the research on private server-side Web API interface security.
ISSN:2096-109X

Similar Items