ArmorDroid: A Rule-Set Customizable Plugin for Secure Android Application Development

Cong-Binh Le; Cong-Binh Le; Bao-Thi Nguyen-Le; Bao-Thi Nguyen-Le; Phuoc-Loc Truong; Phuoc-Loc Truong; Minh-Triet Tran; Minh-Triet Tran; Anh-Duy Tran

doi:10.5220/0012049500003555

ArmorDroid: A Rule-Set Customizable Plugin for Secure Android Application Development

Cong-Binh Le, Cong-Binh Le, Bao-Thi Nguyen-Le, Bao-Thi Nguyen-Le, Phuoc-Loc Truong, Phuoc-Loc Truong, Minh-Triet Tran, Minh-Triet Tran, Anh-Duy Tran

2023

Abstract

Although Android is a popular mobile operating system, its app ecosystem could be safer. The lack of awareness and concern for security issues in apps is one of the main reasons for this. Given the current situation, developers have yet to receive sufficient security knowledge. Therefore, we have researched and proposed a tool to support security coding. Based on the idea of DevSecOps, developers are placed at the center to optimize the solution to this problem by integrating security programming into the earlier stage in the software development process. This paper presents two main research contributions: compilation and categorization of security issues in Android application development and developing ArmorDroid, a plugin for Android Studio to support secure coding. This plugin, which can be used for Java, Kotlin, and XML files, can instantly scan and detect vulnerable code and suggest quick fixes for developers during the development phase. This plugin helps developers improve their security code and trains them to write secure code by providing security coding standards in Android applications. Furthermore, developers can customize our rule set to suit their situation and share it with different developers. Our work also presents the results of a pilot study on the effectiveness of the ArmorDroid plugin.

Download

Paper Citation

in Harvard Style

Le C., Nguyen-Le B., Truong P., Tran M. and Tran A. (2023). ArmorDroid: A Rule-Set Customizable Plugin for Secure Android Application Development. In Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-666-8, SciTePress, pages 634-641. DOI: 10.5220/0012049500003555

in Bibtex Style

@conference{secrypt23,
author={Cong-Binh Le and Bao-Thi Nguyen-Le and Phuoc-Loc Truong and Minh-Triet Tran and Anh-Duy Tran},
title={ArmorDroid: A Rule-Set Customizable Plugin for Secure Android Application Development},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2023},
pages={634-641},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012049500003555},
isbn={978-989-758-666-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - ArmorDroid: A Rule-Set Customizable Plugin for Secure Android Application Development
SN - 978-989-758-666-8
AU - Le C.
AU - Nguyen-Le B.
AU - Truong P.
AU - Tran M.
AU - Tran A.
PY - 2023
SP - 634
EP - 641
DO - 10.5220/0012049500003555
PB - SciTePress