12 Hits in 1.6 sec

cHybriDroid: A Machine Learning-Based Hybrid Technique for Securing the Edge Computing

Afifa Maryam, Usman Ahmed, Muhammad Aleem, Jerry Chun-Wei Lin, Muhammad Arshad Islam, Muhammad Azhar Iqbal, Gautam Srivastava
2020 Security and Communication Networks  
In this study, we propose a novel hybrid approach to detect android malware, wherein static features in conjunction with dynamic features of smart phone applications are employed.  ...  Smart phones are an integral component of the mobile edge computing (MEC) framework. Securing the data stored on mobile devices is very crucial for ensuring the smooth operations of cloud services.  ...  To address these research questions, we propose a hybrid machine learning-based malware detection framework called HybriDroid for Android platform.  ... 
doi:10.1155/2020/8861639 fatcat:kotjbzysynda5d4zt2xickh7jm

On the Static Analysis of Hybrid Mobile Apps [chapter]

Achim D. Brucker, Michael Herzberg
2016 Lecture Notes in Computer Science  
Apache Cordova is a popular framework for developing multi-platform apps. Cordova combines HTML5 and JavaScript with native application code.  ...  In this paper, we present a novel approach for statically analysing the foreign language calls. We evaluate our approach by analysing the top Cordova apps from Google Play.  ...  Both are tools supporting the Android life-cycle model and are able to build call graphs for native Android apps as well as perform a static data-flow analysis for finding security vulnerabilities as well  ... 
doi:10.1007/978-3-319-30806-7_5 fatcat:2ontveila5g6zlzkuq353d6hqy

Exploiting ML algorithms for Efficient Detection and Prevention of JavaScript-XSS Attacks in Android Based Hybrid Applications [article]

Usama Khalid, Muhammad Abdullah, Kashif Inayat
2020 arXiv   pre-print
The dataset and the sample hybrid applications have been developed using the android studio. Then the widely used toolkit, RapidMiner, has been used for empirical analysis.  ...  This research proposes a framework for detection and prevention of XSS attacks in hybrid applications using state-of-the-art machine learning (ML) algorithms.  ...  HybriDroid, a static analysis framework, investigates semantics especially for the interoperation mechanism of Android Java and JavaScript.  ... 
arXiv:2006.07350v2 fatcat:hbmdjcroyzetrihcncqckb4b4m

Spartan Jester: End-to-End Information Flow Control for Hybrid Android Applications

Julian Sexton, Andrey Chudnov, David A. Naumann
2017 2017 IEEE Security and Privacy Workshops (SPW)  
We argue for a combination of static and dynamic analysis for assurance of endto-end confidentiality in hybrid apps.  ...  We show how information flows in hybrid Android applications can be secured through use of SPARTA, a static analyzer for Android/Java, and JEST, a dynamic monitor for JavaScript, connected by a compatibility  ...  ACKNOWLEDGMENT The authors would like to thank Felipe Fonseca for developing an early version of the org-mode app.  ... 
doi:10.1109/spw.2017.15 dblp:conf/sp/SextonCN17 fatcat:fitfuzw3n5bydmkrjmr66ajag4

Mobile App Privacy in Software Engineering Research: A Systematic Mapping Study [article]

Fahimeh Ebrahimi, Miroslav Tushev, Anas Mahmoud
2019 arXiv   pre-print
Mobile applications (apps) have become deeply personal, constantly demanding access to privacy-sensitive information in exchange for more personalized user experiences.  ...  Finally, our survey exposes several gaps in existing research and suggests areas for improvement.  ...  [63] presented HybriDroid, a static analysis framework for Android hybrid apps, or apps supporting multiple mobile platforms.  ... 
arXiv:1910.03622v1 fatcat:tbs4ogqqcjhyhdgylmdymttozu

A Lightweight Multi-Source Fast Android Malware Detection Model

Tao Peng, Bochao Hu, Junping Liu, Junjie Huang, Zili Zhang, Ruhan He, Xinrong Hu
2022 Applied Sciences  
to build base models for ensemble learning.  ...  Therefore, this paper proposes MSFDroid, a lightweight multi-source fast Android malware detection model, which uses information from the internal files of the Android application package in several dimensions  ...  Static Analysis Static analysis is widely used for Android malware detection.  ... 
doi:10.3390/app12115394 fatcat:mswfi3youzenxmn22567y2kh7a

A Large Scale Analysis of Android-Web Hybridization [article]

Abhishek Tiwari, Jyoti Prakash, Sascha Gross, Christian Hammer
2020 arXiv   pre-print
Many Android applications embed webpages via WebView components and execute JavaScript code within Android. Hybrid applications leverage dedicated APIs to load a resource and render it in a WebView.  ...  We analyze and categorize the parameters to hybridization APIs for 7,500 randomly selected and the 196 most popular applications from the Google Playstore as well as 1000 malware samples.  ...  [8] provide a framework for hybrid communication's type error discovery and taint analysis of information flows between Android and JavaScript.  ... 
arXiv:2008.01725v2 fatcat:6o2aldwcm5fh7o7o2ch6q7rwmu

Software engineering techniques for statically analyzing mobile apps: research trends, characteristics, and potential for industrial adoption

Marco Autili, Ivano Malavolta, Alexander Perucci, Gian Luca Scoccia, Roberto Verdecchia
2021 Journal of Internet Services and Applications  
static analysis of mobile apps.  ...  The results of this study give a solid foundation for assessing existing and future approaches for static analysis of mobile apps, especially in terms of their industrial adoptability.Researchers and practitioners  ...  We established the need for performing a review on static analysis of mobile app (Section 3), we identified the main research questions (Section 4.1), and we defined the protocol to be followed by the  ... 
doi:10.1186/s13174-021-00134-x fatcat:mlzjbkdi7fhezisn3tcv7wzlbi

Heaps don't lie: countering unsoundness with heap snapshots

Neville Grech, George Fourtounis, Adrian Francalanza, Yannis Smaragdakis
2017 Proceedings of the ACM on Programming Languages  
A HeapDL-enhanced static analysis of the DaCapo benchmarks computes 99.5% (median) of the call-graph edges of unseen dynamic executions (vs. 76.9% for the Tamiflex tool).  ...  We present techniques that substantially counteract the unsoundness of a static analysis, with virtually no intrusion to the analysis logic.  ...  The problem of static analysis unsoundness is particularly acute for Android frameworks, since they make heavy use of reflection.  ... 
doi:10.1145/3133892 dblp:journals/pacmpl/GrechFFS17 fatcat:gegimfe3szcg7dufvwnx3kity4

Automated Tests for Cross-Platform Mobile Apps in Multiple Configurations

Andre Augusto Menegassi, Andre Takeshi Endo
2019 IET Software  
Such apps are developed using popular frameworks for cross-platform app development such as Apache Cordova, Xamarin, and React Native.  ...  Cross-platform apps stand out by their ability to run in various operating systems (OSs), such as Android, iOS, and Windows.  ...  The authors are also grateful to the anonymous reviewers for their useful comments and suggestions. A.T.E. is partially financially supported by CNPq/Brazil (grant no. 420363/2018-1).  ... 
doi:10.1049/iet-sen.2018.5445 fatcat:krrspw4xhjf73o4hytg4ler2am

Privacy Assessment in Android Apps: A Systematic Mapping Study

Jose M. Del Alamo, Danny Guaman, Belen Balmori, Ana Diez
2021 Electronics  
Android apps are daily installed by billions of users worldwide, who grant access to an extensive set of sensitive personal data.  ...  gap, we have carried out a systematic mapping study to provide practitioners and researchers with an overview of the state-of-the-art technique, published between 2016 and 2020, to assess privacy in Android  ...  Ryu, Hybridroid: Static analysis framework for androhybrapplications, in: ASE 2016-Proc. 31st IEEE/ACM Int. Conf. Autom. Softw.  ... 
doi:10.3390/electronics10161999 fatcat:umsubxe6qjetnnem4hgaeh22ce

Proof-of-Concept of a Static Analysis Tool for Android Applications with the Goal of Detecting Potential Leaks of Private Data

Ismar Music, Thomas Grechenig
Real-world application analysis also shows that obfuscation is still a problem for static-analysis solutions.  ...  The thesis tries to identify places for improvement in the existing solutions and iterate on them. The goal is to develop an improved solution, which uses static code analysis.  ...  Forf uture work, more work needs to be invested into making ar eadilya vailable, open-source tool for hybrid (static &d ynamic) application analysis.  ... 
doi:10.34726/hss.2021.87344 fatcat:mbnm42idafehrlj7btxvzctkyi