Filters








2,682 Hits in 4.8 sec

From Zygote to Morula: Fortifying Weakened ASLR on Android

Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, Wenke Lee
2014 2014 IEEE Symposium on Security and Privacy  
In this paper, we analyze the Zygote process creation model, an Android operating system design for speeding up application launches.  ...  There have been many research efforts to secure Android applications and the high-level system mechanisms.  ...  ACKNOWLEDGMENTS The authors would like to thank the anonymous reviewers for their valuable comments. We thank William Enck for the thoughtful feedback that guided the final version of this paper.  ... 
doi:10.1109/sp.2014.34 dblp:conf/sp/LeeLWKL14 fatcat:marfpzjz6zdpzjlcpsfmuedjqi

Blender: Self-randomizing Address Space Layout for Android Apps [chapter]

Mingshen Sun, John C. S. Lui, Yajin Zhou
2016 Lecture Notes in Computer Science  
BLENDER requires no changes to the Android framework nor the underlying Linux kernel, thus is a non-invasive and easy-to-deploy solution.  ...  Specifically, for an app using our system, BLENDER randomly rearranges loaded libraries and Android runtime executable code in the app's process, achieving much higher memory entropy compared with the  ...  location will break the resolved dependencies, and crash the app.  ... 
doi:10.1007/978-3-319-45719-2_21 fatcat:o374qakcejgkdoi6s6pzwdvp2i

Monitoring and Controlling Tap Water Flow at Homes Using Android Mobile Application

Kuganesan Kumar
2017 American Journal of Software Engineering and Applications  
This paper presents the development of an online mobile application (app) that monitors and controls the water flow through taps whenever there is an unusual reading of the water usage at home.  ...  The primary goal of this system is to enable a user in monitoring and controlling the water flow at home via an online mobile application's (app) graphical user interface (GUI).  ...  Development and Testing The Water Flow Monitoring and Controlling System is an interactive android-based mobile application.  ... 
doi:10.11648/j.ajsea.20170606.11 fatcat:cslsei64x5b5tnp5c5koo4s76m

A COMPARATIVE STUDY: JAVA VS KOTLIN PROGRAMMING IN ANDROID APPLICATION DEVELOPMENT

Subham Bose
2018 International Journal of Advanced Research in Computer Science  
The purpose of this paper is to compare and conclude between Java and Kotlin in android application. We have taken different fields and compared it with Java and Android.  ...  This paper attempts to study the various features of both Java and Kotlinand in the end concludes which programming language fits the developers.  ...  not break the flow of the code unlike in JAVA.  ... 
doi:10.26483/ijarcs.v9i3.5978 fatcat:u6prkto36na2zgip6vxjmnlb2i

Debugging Android [chapter]

Iggy Krajci, Darren Cummings
2013 Android on x86  
We will also touch on the setup and configuration of application and system software debug environments targeting Android and Intel architectures in the early part of the chapter.  ...  -Andy Grove, semiconductor manufacturing pioneer The processes for identifying runtime issues and possible problematic code in an Android OS-targeted application or in the Android system software stack  ...  Figure 8 - 8 .Figure 8 - 9 . 8889 Starting an Android Virtual Device Virtual Device Launch Options13. After a few moments, the emulator will launch and show you the screen inFigure 8-10.  ... 
doi:10.1007/978-1-4302-6131-5_8 fatcat:33scl3k36rhprlpdinq2ei6zs4

Analyzing inter-application communication in Android

Erika Chin, Adrienne Porter Felt, Kate Greenwood, David Wagner
2011 Proceedings of the 9th international conference on Mobile systems, applications, and services - MobiSys '11  
ComDroid can be used by developers to analyze their own applications before release, by application reviewers to analyze applications in the Android Market, and by end users.  ...  In addition to an open API, the Android operating system also provides a rich inter-application message passing system.  ...  Any opinions, findings, conclusions, or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the National Science Foundation.  ... 
doi:10.1145/1999995.2000018 dblp:conf/mobisys/ChinFGW11 fatcat:eildcftygra2lidwpeol7vhxr4

SSPFA: effective stack smashing protection for Android OS

Héctor Marco-Gisbert, Ismael Ripoll-Ripoll
2019 International Journal of Information Security  
In this paper, we detail why the stack smashing protector (SSP), one of the most effective techniques to mitigate stack buffer overflow attacks, fails to protect the Android operating system and thus causes  ...  We propose SSPFA, the first effective and practical SSP for Android devices. SSPFA provides security against stack buffer overflows without changing the underlying architecture.  ...  of the flow control of the native Android applications.  ... 
doi:10.1007/s10207-018-00425-8 fatcat:ykfbservyrgp7knlqyzgubsw7e

Retrofitting concurrency for Android applications through refactoring

Yu Lin, Cosmin Radoi, Danny Dig
2014 Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014  
Second, 46% of the usages are manually refactored. However, the refactored code contains concurrency bugs (such as data races) and performance bugs (concurrent code still executes sequentially).  ...  Despite the fact that Android supports writing concurrent code via AsyncTask, we know little about how developers use AsyncTask to improve responsiveness.  ...  A naive implementation is to move all the statements after the selected code into onPostExecute. However, this may break the control flow of the main thread.  ... 
doi:10.1145/2635868.2635903 dblp:conf/sigsoft/LinRD14 fatcat:4d5bfgizjfcoremfu3wvnrowom

PolyScope: Multi-Policy Access Control Analysis to Triage Android Systems [article]

Yu-Tsung Lee, William Enck, Haining Chen, Hayawardh Vijayakumar, Ninghui Li, Daimeng Wang, Zhiyun Qian, Giuseppe Petracca, Trent Jaeger
2020 arXiv   pre-print
Android utilizes a combination of mandatory (e.g., SEAndroid) and discretionary (e.g., UNIX permissions) access control, both to protect the Android platform from Android/OEM services and to protect Android  ...  to launch attacks, which we call permission expansion, and (2) system configurations may limit the ways adversaries may use their permissions to launch attacks, motivating computation of attack operations  ...  Table 4 breaks down how many attack operations of each type are possible given the configurations that may block such operations.  ... 
arXiv:2008.03593v1 fatcat:cqiptjlohzbt5mmbtnprl6jdce

These aren't the droids you're looking for

Peter Hornyack, Seungyeop Han, Jaeyeon Jung, Stuart Schechter, David Wetherall
2011 Proceedings of the 18th ACM conference on Computer and communications security - CCS '11  
We evaluate our privacy controls on 50 applications from the Android Market, selected from those that were both popular and permission-hungry.  ...  We retrofit the Android operating system to implement these two controls for use with unmodified applications.  ...  , Robert Reeder, Anmol Sheth, the anonymous reviewers, and our shepherd, Ninghui Li for providing valuable feedback.  ... 
doi:10.1145/2046707.2046780 fatcat:zvxmwgs2anct5gjfixbku53jry

Breaking Ad-hoc Runtime Integrity Protection Mechanisms in Android Financial Apps

Taehun Kim, Hyeonmin Ha, Seoyoon Choi, Jaeyeon Jung, Byung-Gon Chun
2017 Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17  
Our investigation found that existing tools fail to analyze these Android apps effectively because of their highly obfuscated code and complex, non-traditional control flows.  ...  To generate the call graph, we identify the causality between the system APIs (Android APIs and system calls) used to check device rooting and app integrity, and those used to stop an app's execution.  ...  Acknowledgment We thank our shepherd Yubin Xia and the anonymous reviewers for their feedback on this work.  ... 
doi:10.1145/3052973.3053018 dblp:conf/ccs/KimHCJC17 fatcat:agrzclusjfeqfgy5fwzb7i3cwe

Code Randomization: Haven't We Solved This Problem Yet?

Stephen Crane, Andrei Homescu, Per Larsen
2016 2016 IEEE Cybersecurity Development (SecDev)  
On Android, pagerando fully adheres to the default SELinux policies.  ...  To support our claims of practicality, we demonstrate that our technique can be integrated into and protect all shared libraries shipped with stock Android 6.0.  ...  Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the Defense Advanced Research Projects Agency,  ... 
doi:10.1109/secdev.2016.036 dblp:conf/secdev/CraneHL16 fatcat:5ohuioyhkfe3lmp2kyb5srsgdi

Cross-Platform Analysis of Indirect File Leaks in Android and iOS Applications [article]

Daoyuan Wu, Rocky K. C. Chang
2017 arXiv   pre-print
Unlike the previous attacks, we demonstrate that these IFLs can affect both Android and iOS.  ...  We finally compare the impacts of four different types of IFL attacks on Android and iOS, and propose several mitigation methods.  ...  ITS/073/12) from the Innovation Technology Fund in Hong Kong. Additional materials.  ... 
arXiv:1511.00104v2 fatcat:rfqxdbuzqjbnpntl6txyjdo5pq

FineDroid: Enforcing Permissions with System-Wide Application Execution Context [chapter]

Yuan Zhang, Min Yang, Guofei Gu, Hao Chen
2015 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
To protect sensitive resources from unauthorized use, modern mobile systems, such as Android and iOS, design a permission-based access control model.  ...  We build a prototype system on Android, named FineDroid, to track such context during the application execution.  ...  the interaction flow among applications and system services.  ... 
doi:10.1007/978-3-319-28865-9_1 fatcat:27k3zfwalba4tehul6kn6dqfgi

DroidPill

Chaoting Xuan, Gong Chen, Erich Stuntebeck
2017 Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17  
the Android Application Framework.  ...  Conceptually, an App Confusion Attack hijacks the launching process of each benign app, and forces it to run in a virtual execution context controlled by hackers, instead of the native one provided by  ...  However, inclusive app virtualization breaks the UI Integrity requirement for the majority of Android devices.  ... 
doi:10.1145/3052973.3052986 dblp:conf/ccs/XuanCS17 fatcat:j7c4c2dlcjegtidfxl4l4lwpim
« Previous Showing results 1 — 15 out of 2,682 results