Countering Mobile Application Threats Through a Structured Threat Modelling Approach
摘要
The development of secure mobile applications is a crucial and complex task. This research focuses on threat modelling techniques to enhance mobile application security. A technique is proposed to analyse mobile application vulnerabilities, categorised by mobile application architectural layers, and classify vulnerabilities using STRIDE and DREAD. By identifying and scrutinising vulnerabilities, the research proposes a practical and comprehensive four-step threat modelling approach to mitigating mobile application security risks and ensuring the robustness of mobile applications. The approach contributes to clarifying the steps to be taken to secure mobile applications.