publication . Preprint . 2014

A Sink-driven Approach to Detecting Exposed Component Vulnerabilities in Android Apps

Wu, Daoyuan; Luo, Xiapu; Chang, Rocky K. C.;
Open Access English
  • Published: 24 May 2014
Abstract
Comment: This is a technical report from HKPolyU
Subjects
free text keywords: Computer Science - Cryptography and Security
Download from
39 references, page 1 of 3

[1] Android Application Components. http://developer.android.com/guide/components/ fundamentals.html#Components.

[2] S. Arzt, S. Rasthofer, and E. Bodden. Susi: A tool for the fully automated classi cation and categorization of Android sources and sinks. In Technical Report TUD-CS-2013-0114, 2013.

[3] K. Au, Y. Zhou, Z. Huang, and D. Lie. Pscout: Analyzing the Android permission speci cation. In Proc. ACM CCS, 2012.

[4] B. Bellamy, P. Avgustinov, O. Moor, and D. Sereni. E cient local type inference. In Proc. ACM OOPSLA, 2008. [OpenAIRE]

[5] S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, A. Sadeghi, and B. Shastry. Towards taming privilege-escalation attacks on Android. In Proc. ISOC NDSS, 2012.

[6] S. Bugiel, S. Heuser, and A. Sadeghi. Flexible and ne-grained mandatory access control on Android for diverse security and privacy policies. In Proc. Usenix Security, 2013. [OpenAIRE]

[7] P. Chan, L. Hui, and S. Yiu. Droidchecker: Analyzing Android applications for capability leak. In Proc. ACM WiSec, 2012.

[8] E. Chin, A. P. Felt, K. Greenwood, and D. Wagner. Analyzing inter-application communication in Android. In Proc. ACM MobiSys, 2011.

[9] L. Davi, A. Dmitrienko, A. Sadeghi, and M. Winandy. Privilege escalation attacks on Android. In Proc. Springer ISC, 2010.

[10] M. Dietz, S. Shekhar, Y. Pisetsky, A. Shu, and D. Wallach. Quire: Lightweight provenance for smart phone operating systems. In Proc. USENIX Security, 2011.

[11] M. Egele, C. Kruegel, E. Kirda, and G. Vigna. Pios: Detecting privacy leaks in iOS applications. In Proc. ISOC NDSS, 2011. [OpenAIRE]

[12] K. Elish, D. Yao, B. Ryder, and X. Jiang. A static assurance analysis of Android applications. http://people.cs.vt.edu/~danfeng/papers/ user-intention-PA-2013.pdf, 2013. [OpenAIRE]

[13] W. Enck, P. Gilbert, B. Chun, L. Cox, J. Jung, P. McDaniel, and A. Sheth. Taintdroid: An information- ow tracking system for realtime privacy monitoring on smartphones. In Proc. Usenix OSDI, 2010. [OpenAIRE]

[14] A. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner. Android permissions demysti ed. In Proc. ACM CCS, 2011.

[15] A. Felt, H. Wang, A. Moshchuk, S. Hanna, and E. Chin. Permission re-delegation: Attacks and defenses. In Proc. Usenix Security, 2011.

39 references, page 1 of 3
Powered by OpenAIRE Open Research Graph
Any information missing or wrong?Report an Issue