English
Related papers

Related papers: A Sink-driven Approach to Detecting Exposed Compon…

200 papers

Android is undergoing unprecedented malicious threats daily, but the existing methods for malware detection often fail to cope with evolving camouflage in malware. To address this issue, we present HAWK, a new malware detection framework…

Cryptography and Security · Computer Science 2021-08-18 Yiming Hei , Renyu Yang , Hao Peng , Lihong Wang , Xiaolin Xu , Jianwei Liu , Hong Liu , Jie Xu , Lichao Sun

In this paper, we present a concolic execution technique for detecting SQL injection vulnerabilities in Android apps, with a new tool we called ConsiDroid. We extend the source code of apps with mocking technique, such that the execution of…

Software Engineering · Computer Science 2019-08-09 Ehsan Edalat , Babak Sadeghiyan , Fatemeh Ghassemi

Android allows apps to communicate with its system services via system service helpers so that these apps can use various functions provided by the system services. Meanwhile, the system services rely on their service helpers to enforce…

Cryptography and Security · Computer Science 2022-03-25 Yi He , Yacong Gu , Purui Su , Kun Sun , Yajin Zhou , Zhi Wang , Qi Li

Android is one of the leading operating systems for smart phones in terms of market share and usage. Unfortunately, it is also an appealing target for attackers to compromise its security through malicious applications. To tackle this…

Cryptography and Security · Computer Science 2022-05-31 Kaleem Nawaz Khan , Najeeb Ullah , Sikandar Ali , Muhammad Salman Khan , Mohammad Nauman , Anwar Ghani

Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By…

Cryptography and Security · Computer Science 2018-01-16 Daoyuan Wu , Yao Cheng , Debin Gao , Yingjiu Li , Robert H. Deng

With over 500,000 commits and more than 700 contributors, the Android platform is undoubtedly one of the largest industrial-scale software projects. This project provides the Android API, and developers heavily rely on this API to develop…

Software Engineering · Computer Science 2022-06-01 Pei Liu , Li Li , Yichun Yan , Mattia Fazzini , John Grundy

The escalating sophistication of Android malware poses significant challenges to traditional detection methods, necessitating innovative approaches that can efficiently identify and classify threats with high precision. This paper…

Cryptography and Security · Computer Science 2025-04-14 Safayat Bin Hakim , Muhammad Adil , Kamal Acharya , Houbing Herbert Song

Filesystem vulnerabilities persist as a significant threat to Android systems, despite various proposed defenses and testing techniques. The complexity of program behaviors and access control mechanisms in Android systems makes it…

Cryptography and Security · Computer Science 2024-07-17 Yu-Tsung Lee , Hayawardh Vijayakumar , Zhiyun Qian , Trent Jaeger

The art of finding software vulnerabilities has been covered extensively in the literature and there is a huge body of work on this topic. In contrast, the intentional insertion of exploitable, security-critical bugs has received little…

Cryptography and Security · Computer Science 2020-07-07 Jannik Pewny , Thorsten Holz

Inter-Component Communication (ICC) is a key mechanism in Android. It enables developers to compose rich functionalities and explore reuse within and across apps. Unfortunately, as reported by a large body of literature, ICC is rather…

Software Engineering · Computer Science 2021-01-18 Jordan Samhi , Alexandre Bartel , Tegawendé F. Bissyandé , Jacques Klein

Detecting security vulnerabilities in open-source software is a critical task that is highly regarded in the related research communities. Several approaches have been proposed in the literature for detecting vulnerable codes and…

Cryptography and Security · Computer Science 2025-07-25 Nima Atashin , Behrouz Tork Ladani , Mohammadreza Sharbaf

Security of Android devices is now paramount, given their wide adoption among consumers. As researchers develop tools for statically or dynamically detecting suspicious apps, malware writers regularly update their attack mechanisms to hide…

Cryptography and Security · Computer Science 2022-10-21 Xiaoyu Sun , Xiao Chen , Li Li , Haipeng Cai , John Grundy , Jordan Samhi , Tegawendé F. Bissyandé , Jacques Klein

Mobile apps have become indispensable for daily life, not only for individuals but also for companies/organizations that offer their services digitally. Inherited by the mobility of devices, there are no limitations regarding the locations…

Android's open-source nature facilitates widespread smartphone accessibility, particularly in price-sensitive markets. System and vendor applications that come pre-installed on budget Android devices frequently operate with elevated…

Cryptography and Security · Computer Science 2025-09-24 Alioune Diallo , Anta Diop , Abdoul Kader Kabore , Jordan Samhi , Aleksandr Pilgun , Tegawendé F. Bissyande , Jacque Klein

Cryptojacking applications pose a serious threat to mobile devices. Due to the extensive computations, they deplete the battery fast and can even damage the device. In this work we make a step towards combating this threat. We collected and…

Cryptography and Security · Computer Science 2020-02-25 Stanislav Dashevskyi , Yury Zhauniarovich , Olga Gadyatskaya , Aleksandr Pilgun , Hamza Ouhssain

Android malware is one of the most dangerous threats on the internet, and it's been on the rise for several years. Despite significant efforts in detecting and classifying android malware from innocuous android applications, there is still…

Cryptography and Security · Computer Science 2021-07-06 Ahmed Hashem El Fiky , Ayman El Shenawy , Mohamed Ashraf Madkour

It is increasingly suggested to identify Software Vulnerabilities (SVs) in code commits to give early warnings about potential security risks. However, there is a lack of effort to assess vulnerability-contributing commits right after they…

Software Engineering · Computer Science 2021-08-19 Triet H. M. Le , David Hin , Roland Croft , M. Ali Babar

Since Google unveiled Android OS for smartphones, malware are thriving with 3Vs, i.e. volume, velocity, and variety. A recent report indicates that one out of every five business/industry mobile application leaks sensitive personal data.…

Cryptography and Security · Computer Science 2021-03-02 Hemant Rathore , Sanjay K. Sahay , Ritvik Rajvanshi , Mohit Sewak

Mobile devices encroach on almost every part of our lives, including work and leisure, and contain a wealth of personal and sensitive information. It is, therefore, imperative that these devices uphold high security standards. A key aspect…

Cryptography and Security · Computer Science 2020-02-25 Sadegh Farhang , Mehmet Bahadir Kirdan , Aron Laszka , Jens Grossklags

This paper presents a framework that selectively triggers security reviews for incoming source code changes. Functioning as a review bot within a code review service, the framework can automatically request additional security reviews at…

Cryptography and Security · Computer Science 2024-05-28 Keun Soo Yim