Tiny Android Security Tutorial

Secure Android App Development: free MOOC (now retired) offered by the University of Southampton

Another Great Resource: MobiSec

GitHub Repo: BuggyTheApp

1.8 Terminology

1.9 Threat and risk modelling

1.10 Unacceptable loss and residual risk

1.12 Security Controls

2.12 Attacking BuggyTheApp

2.13 SQL injection

2.14 Fortify SCA to scan for vulnerabilities

2.15 Fixing SQL vulnerability

2.16 Input Validation

3.2 Security by Design

3.3 Principle of Least Privilege

3.5 Android Application Sandbox

3.6 A quick refresher of application components under Android

3.7 Public or private components

3.8 Overview of Permissions

3.9 Creating Permissions

3.10 Using Permissions

3.13 Introduction to Interprocess Communication

3.15 Asynchronous IPC in Android

3.16 Synchronous IPC in Android

3.17 Securing Activities

3.18 Securing Services

3.19 Securing Content Providers

3.21 Securing Broadcast receivers

4.4 Data Storage Options

4.5 Internal & External Storage

4.7 File and disk encryption

4.8 Android KeyStore

4.9 Cryptographic Keys

4.10 Securely sharing data via Content Providers

4.12 Hashing Data

4.13 The Key Principles

4.14 Authenticating the user to a remote server

4.15 Authenticating remote servers and encrypting connections

4.16 WebView Input Validation

Sajid Rahman
Research Data Scientist

My research interests include security & privacy threat modeling, deep learning, and human-centered computing.