Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Technical Note

Using Malware Analysis to Tailor SQUARE for Mobile Platforms

  • Abstract

    As the number of mobile-device software applications has grown, so has the amount of malware targeting them. More than 650,000 pieces of malware now target the Android platform. As mobile malware becomes more sophisticated and begins to approach threat levels seen on PC platforms, software development security practices for mobile applications will need to adopt the security practices for PC applications to reduce consumers’ exposure to financial and privacy breaches on mobile platforms. This technical note explores the development of security requirements for the K-9 Mail application, an open source email client for the Android operating system. The project’s case study (1) used the Security Quality Requirements Engineering (SQUARE) methodology to develop K-9 Mail’s security requirements and (2) used malware analysis to identify new security requirements in a proposed extension to the SQUARE process. This second task analyzed the impacts of DroidCleaner, a piece of Android malware, on the security goals of the K-9 Mail application. Based on the findings, new requirements are created to ensure that similar malware cannot compromise the privacy and confidentiality of email contents.

  • Download

Cite This Report

SEI

Alice, Gregory; & Mead, Nancy. Using Malware Analysis to Tailor SQUARE for Mobile Platforms . CMU/SEI-2014-TN-018. Software Engineering Institute, Carnegie Mellon University. 2014. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=425994

IEEE

Alice. Gregory, and Mead. Nancy, "Using Malware Analysis to Tailor SQUARE for Mobile Platforms ," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2014-TN-018, 2014. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=425994

APA

Alice, Gregory., & Mead, Nancy. (2014). Using Malware Analysis to Tailor SQUARE for Mobile Platforms (CMU/SEI-2014-TN-018). Retrieved September 29, 2016, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=425994

CHI

Gregory Alice, & Nancy Mead. Using Malware Analysis to Tailor SQUARE for Mobile Platforms (CMU/SEI-2014-TN-018). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2014. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=425994

MLA

Alice, Gregory., & Mead, Nancy. 2014. Using Malware Analysis to Tailor SQUARE for Mobile Platforms (Technical Report CMU/SEI-2014-TN-018). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=425994

BibTex

@techreport{AliceUsingMalware2014,
title={Using Malware Analysis to Tailor SQUARE for Mobile Platforms },
author={Gregory Alice and Nancy Mead},
year={2014},
number={CMU/SEI-2014-TN-018},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=425994} }