MOBIL ILOVALARNING ZAIFLIGINI ANIQLASH USUL VA VOSITALARINING TAHLILI
Article Sidebar
Main Article Content
Abstract
Mobil ilovalar zamonaviy dunyoda keng tarqalgan bo‘lib, ular foydalanuvchilarga ko‘plab qulayliklar yaratadi. Biroq, mobil ilovalardagi zaifliklar kiberxavfsizlik tahdidlarini keltirib chiqarishi mumkin. Ushbu maqolada mobil ilovalar zaifliklarining turlari, ularni aniqlash usullari va foydalaniladigan vositalar haqida umumiy ma'lumot beriladi. Shuningdek, zaifliklarni aniqlash usullari – statik tahlil, dinamik tahlil va penetratsion test – haqida batafsil ma'lumot beriladi. Mobil ilovalar zaifliklarini aniqlashda keng qo‘llaniladigan vositalar, jumladan OWASP ZAP, MobSF, Burp Suite va Qark haqida ham so‘z yuritiladi. Ushbu ishda mobil operatsion tizim ilovalarining zaifliklarini aniqlash usul va vositalari hamda ularning tahlili keltirilgan.
Article Details
This work is licensed under a Creative Commons Attribution 4.0 International License.
How to Cite
References
OWASP Mobile Security Testing Guide (MSTG). OWASP Foundation. OWASP MSTG.
Murphy, J., & Beyer, A. (2018). "Android Security Internals: An In-Depth Guide to Android’s Security Architecture." No Starch Press.
Enck, W., Ongtang, M., & McDaniel, P. (2009). "On lightweight mobile phone application certification." Proceedings of the 16th ACM conference on Computer and communications security.
Grace, M. C., Zhou, Y., Wang, Z., & Jiang, X. (2012). "Systematic detection of capability leaks in stock Android smartphones." Proceedings of the 19th Network and Distributed System Security Symposium.
MobSF (Mobile Security Framework). MobSF.
Burp Suite. PortSwigger. Burp Suite.
OWASP. (2023). "OWASP Mobile Top Ten." OWASP Mobile Top Ten CWE (Common Weakness Enumeration). "CWE List." CWE List.
Veracode. (2023). "State of Software Security (SoSS) Report." Veracode SoSS Report.
Google Android Security. "Android Security & Privacy Year in Review." Google Android Security.