Return to search

Functional and Security Testing of a Mobile Client-Server Application / Funktionell och säkerhetstestning av en mobilapplikation bestående av en klient- och serversida

Today’s massive usage of smartphones has put a high demand on all application developers in the matter of security. For us to be able to keep using all existing and new applications, a process that removes significant security vulnerabilities is essential. To remove these vulnerabilities, the applications have to be tested. In this thesis, we identify six methods for functional and security testing of client-server applications running Android and Python Flask. Regarding functional testing, we implement Espresso testing and RESTful API testing. In regards to the security testing of the system, we do not only implement fuzz testing, sniffing, reverse engineering and SQL injection testing on a system developed by a student group in a parallel project, but also discover a significant security vulnerability that directly affects the integrity and reliability of this system. Out of the six identified testing techniques, reverse engineering exposed the vulnerability. In conjunction with this, we verified that the system’s functionality works as it is supposed to.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-148710
Date January 2018
CreatorsHolmberg, Daniel, Nyberg, Victor
PublisherLinköpings universitet, Institutionen för datavetenskap, Linköpings universitet, Institutionen för datavetenskap
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0024 seconds