Filters








190 Hits in 4.6 sec

DroidRay

Min Zheng, Mingshen Sun, John C.S. Lui
2014 Proceedings of the 9th ACM symposium on Information, computer and communications security - ASIA CCS '14  
Android mobile devices are enjoying a lion's market share in smartphones and mobile devices. This also attracts malware writers to target the Android platform.  ...  Lastly, we investigate a realworld case of a pre-installed zero-day malware known as CEPlugnew, which involves 348,018 infected Android smartphones, and we show its degree and geographical penetration.  ...  However, their research only focused on the capability leak detection of pre-installed applications.  ... 
doi:10.1145/2590296.2590313 dblp:conf/ccs/ZhengSL14 fatcat:2lwwztwmrzb53ecbrhovb7f2ce

Vetting undesirable behaviors in android apps with permission use analysis

Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, X. Sean Wang, Binyu Zang
2013 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13  
Thus, recent years have witnessed the explosion of undesirable behaviors in Android apps. An important part in the defense is the accurate analysis of Android apps.  ...  In addition, we show how we can use VetDroid to analyze fine-grained causes of information leaks that TaintDroid cannot reveal.  ...  [35] empirically evaluated the re-delegated permission leaks in pre-installed apps of stock Android smartphones.  ... 
doi:10.1145/2508859.2516689 dblp:conf/ccs/ZhangYXYGNWZ13 fatcat:u4zuvak3cbaahojf7snbz724re

Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices

Raphael Spreitzer, Veelasha Moonsamy, Thomas Korak, Stefan Mangard
2018 IEEE Communications Surveys and Tutorials  
Given the vast amount of sensitive information that are stored on smartphones, the ramifications of side-channel attacks affect both the security and privacy of users and their devices.  ...  Our proposed classification system allows to analyze side-channel attacks systematically, and facilitates the development of novel countermeasures.  ...  [101] exploited this information to detect Activity transitions within Android apps.  ... 
doi:10.1109/comst.2017.2779824 fatcat:4r5ceyc7pbdfxdmngtdncv4n5m

Permission Use Analysis for Vetting Undesirable Behaviors in Android Apps

Yuan Zhang, Min Yang, Zhemin Yang, Guofei Gu, Peng Ning, Binyu Zang
2014 IEEE Transactions on Information Forensics and Security  
Thus, recent years have witnessed the explosion of undesirable behaviors in Android apps. An important part in the defense is the accurate analysis of Android apps.  ...  In addition, we show how we can use VetDroid to analyze fine-grained causes of information leaks that TaintDroid cannot reveal.  ...  [40] empirically evaluated the re-delegated permission leaks in pre-installed apps of stock Android smartphones.  ... 
doi:10.1109/tifs.2014.2347206 fatcat:2zulhpeba5fnzmakupvwzwlpzu

Software engineering techniques for statically analyzing mobile apps: research trends, characteristics, and potential for industrial adoption

Marco Autili, Ivano Malavolta, Alexander Perucci, Gian Luca Scoccia, Roberto Verdecchia
2021 Journal of Internet Services and Applications  
Over the years, literally hundreds of static analysis techniques have been proposed, ranging from structural and control-flow analysis to state-based analysis.In this paper, we present a systematic mapping  ...  study aimed at identifying, evaluating and classifying characteristics, trends and potential for industrial adoption of existing research in static analysis of mobile apps.  ...  Availability of data and materials The datasets analysed during the current study are available in the github repository, https://github.com/sesygroup/ mobile-static-analysis-replication-package.  ... 
doi:10.1186/s13174-021-00134-x fatcat:mlzjbkdi7fhezisn3tcv7wzlbi

ProfileDroid

Xuetao Wei, Lorenzo Gomez, Iulian Neamtiu, Michalis Faloutsos
2012 Proceedings of the 18th annual international conference on Mobile computing and networking - Mobicom '12  
The Android platform lacks tools for assessing and monitoring apps in a systematic way.  ...  We evaluate 27 free and paid Android apps and make several observations: (a) we identify discrepancies between the app specification and app execution, (b) free versions of apps could end up costing more  ...  This work was supported in part by National Science Foundation awards CNS-1064646, CNS-1143627, by a Google Research Award, by ARL CTA W911NF-09-2-0053, and by DARPA SMISC Program.  ... 
doi:10.1145/2348543.2348563 dblp:conf/mobicom/WeiGNF12 fatcat:c46tx5sb55ebfna4ehd7bw6ob4

Improving Smartphone Security and Reliability

IULIAN NEAMTIU, XUETAO WEI, MICHALIS FALOUTSOS, LORENZO GOMEZ, TANZIRUL AZIM, YONGJIAN HU, ZHIYONG SHAN
2017 Journal of Interconnection Networks (JOIN)  
To fill this gap, he have developed infrastructural tools that permit a wide range of software analyses for the Android smartphone platform.  ...  Next, we present several security applications of our infrastructure: a permission evolution study on the Android ecosystem; understanding and quantifying the risk posed by URL accesses in benign and malicious  ...  The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Laboratory  ... 
doi:10.1142/s0219265917400023 fatcat:yq7yda6d4ras7a75jr33mzm3la

Integrated Framework for Information Security in Mobile Banking Service Based on Smart Phone [chapter]

Yong-Nyuo Shin, Myung Geun Chun
2010 Communications in Computer and Information Science  
The purpose of this paper lies in recognizing the value of smartphones as well as the security threats that are exposed when smartphones are introduced, and provides countermeasures against those threats  ...  In providing smartphone services, it is of critical importance to take the proper security measures, because these services, while offering excellent mobility and convenience, can be easily exposed to  ...  In most cases, the scope of smartphone security incidents is limited to individuals, such as personal information leak, device disabling, and financial information loss.  ... 
doi:10.1007/978-3-642-17604-3_21 fatcat:3t4w6kspurfrlcbsaffjyun3dq

Enter Sandbox: Android Sandbox Comparison [article]

Sebastian Neuner, Victor van der Veen, Martina Lindorfer, Markus Huber, Georg Merzdovnik, Martin Mulazzani, Edgar Weippl
2014 arXiv   pre-print
In this paper, we give an overview of the state-of-the-art dynamic code analysis platforms for Android and evaluate their effectiveness with samples from known malware corpora as well as known Android  ...  In recent years, a vast number of static and dynamic code analysis platforms for analyzing Android applications and making decision regarding their maliciousness have been introduced in academia and in  ...  Moreover this work has been carried out within the scope of u'smile, the Josef Ressel Center for User-Friendly Secure Mobile Environments.  ... 
arXiv:1410.7749v1 fatcat:uh67vr2eyvajdcts62mjodjb24

Toward Engineering a Secure Android Ecosystem

Meng Xu, Chenxiong Qian, Sangho Lee, Taesoo Kim, Chengyu Song, Yang Ji, Ming-Wei Shih, Kangjie Lu, Cong Zheng, Ruian Duan, Yeongjin Jang, Byoungyoung Lee
2016 ACM Computing Surveys  
practices in the ecosystem.  ...  With the increasing number and complexity of security problems and solutions, we believe this is the right moment to step back and systematically re-evaluate the Android security architecture and security  ...  PRIVACY LEAK AND MALWARE DETECTIONS Privacy disclosure and malware detections are essential components to enhance security of the Android ecosystem.  ... 
doi:10.1145/2963145 fatcat:d5vhxpdywrevvbh4as6vvt576q

Permission evolution in the Android ecosystem

Xuetao Wei, Lorenzo Gomez, Iulian Neamtiu, Michalis Faloutsos
2012 Proceedings of the 28th Annual Computer Security Applications Conference on - ACSAC '12  
In this paper, we present arguably the first longterm study that is centered around both permission evolution and usage, of the entire Android ecosystem (platform, third-party apps, and pre-installed apps  ...  Unfortunately, we have little understanding of the evolution of Android permissions since their inception (2008). Is the permission model allowing the Android platform and apps to become more secure?  ...  Acknowledgements This work was supported in part by National Science Foundation award CNS-1064646, by a Google Research Award, by ARL CTA W911NF-09-2-0053, and by DARPA SMISC Program W911NF-12-C-0028.  ... 
doi:10.1145/2420950.2420956 dblp:conf/acsac/WeiGNF12 fatcat:rqi4joi42ffcpjs2wwvtlch75e

The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations

Xiaoyong Zhou, Yeonjoon Lee, Nan Zhang, Muhammad Naveed, XiaoFeng Wang
2014 2014 IEEE Symposium on Security and Privacy  
In this way, we can detect a set of likely security flaws on the phone.  ...  Our study is based on ADDICTED, a new tool we built for automatically detecting some types of flaws in customized driver protection.  ...  ACKNOWLEDGEMENTS The project was supported in part by the NSF CNS-1017782, 1117106, 1223477 and 1223495.  ... 
doi:10.1109/sp.2014.33 dblp:conf/sp/ZhouLZNW14 fatcat:avewl5mobvew7o7iqanv5eaf3m

ARMageddon: Cache Attacks on Mobile Devices [article]

Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard
2016 arXiv   pre-print
So far, no cross-core cache attacks have been demonstrated on non-rooted Android smartphones.  ...  The techniques we present can be used to attack hundreds of millions of Android devices.  ...  With this information it is possible to precisely determine the length of single words entered using the default AOSP keyboard. We illustrate the capability of detecting word lengths in Figure 10 .  ... 
arXiv:1511.04897v2 fatcat:44jugt6hovgf3a4f3q2rgtk4ze

Armageddon: Cache Attacks On Mobile Devices

Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard
2016 Zenodo  
So far, no cross-core cache attacks have been demonstrated on non-rooted Android smartphones.  ...  The techniques we present can be used to attack hundreds of millions of Android devices.  ...  With this information it is possible to precisely determine the length of single words entered using the default AOSP keyboard. We illustrate the capability of detecting word lengths in Figure 10 .  ... 
doi:10.5281/zenodo.59889 fatcat:hvoa4rfdxbfv3jmmhlxusaq5zu

NaClDroid: Native Code Isolation for Android Applications [chapter]

Elias Athanasopoulos, Vasileios P. Kemerlis, Georgios Portokalidis, Angelos D. Keromytis
2016 Lecture Notes in Computer Science  
As a matter of fact, one in two apps in Google Play are linked with a library providing ad network services.  ...  NaClDroid prevents malicious native-code libraries from hijacking Android applications using Software Fault Isolation.  ...  Office of Naval Research under award number N00014-16-1-2261.  ... 
doi:10.1007/978-3-319-45744-4_21 fatcat:z6qiciwpx5flzjp42bwoobq3my
« Previous Showing results 1 — 15 out of 190 results