publication . Article . Other literature type . 2018

Large-Scale Analysis of Remote Code Injection Attacks in Android Apps

Hyunwoo Choi; Yongdae Kim;
Open Access English
  • Published: 17 Apr 2018 Journal: Security and Communication Networks (issn: 1939-0114, eissn: 1939-0122, Copyright policy)
  • Publisher: Hindawi-Wiley
Abstract
<jats:p>It is pretty well known that insecure code updating procedures for Android allow remote code injection attack. However, other than codes, there are many resources in Android that have to be updated, such as temporary files, images, databases, and configurations (XML and JSON). Security of update procedures for these resources is largely unknown. This paper investigates general conditions for remote code injection attacks on these resources. Using this, we design and implement a static detection tool that automatically identifies apps that meet these conditions. We apply the detection tool to a large dataset comprising 9,054 apps, from three different typ...
Subjects
free text keywords: Technology (General), T1-995, Science (General), Q1-390, Article Subject, Computer Networks and Communications, Information Systems, Computer science, JSON, computer.programming_language, computer, XML, computer.internet_protocol, Code injection attacks, Android (operating system), Code injection, Operating system, computer.software_genre, Computer security
Powered by OpenAIRE Research Graph
Any information missing or wrong?Report an Issue