Centre for High Performance Computing 2024 National Conference

Countering mobile application threats with a structured threat modelling approach

2 Dec 2024, 12:15

20m

BICC.G-W - Wood Rooms (Boardwalk Convention Centre)

Talk Cybersecurity / ISSA ISSA

Speaker

Christoff Jacobs (University of Johannesburg)

Description

The development of secure mobile applications is a crucial and complex task. This research focuses on threat modelling techniques to enhance mobile application security. A technique is proposed to analyse mobile application vulnerabilities, categorised by mobile application architectural layers, and classify vulnerabilities using STRIDE and DREAD. By identifying and scrutinising vulnerabilities, the research proposes a practical and comprehensive four-step threat modelling approach to mitigating mobile ap-plication security risks and ensuring the robustness of mobile applications. The approach contributes to clarifying the steps to be taken to secure mobile applications.