English
Related papers

Related papers: BabelView: Evaluating the Impact of Code Injection…

200 papers

Existing Android malware detection approaches use a variety of features such as security sensitive APIs, system calls, control-flow structures and information flows in conjunction with Machine Learning classifiers to achieve accurate…

Cryptography and Security · Computer Science 2017-04-11 Annamalai Narayanan , Mahinthan Chandramohan , Lihui Chen , Yang Liu

A common security architecture, called the permission-based security model (used e.g. in Android and Blackberry), entails intrinsic risks. For instance, applications can be granted more permissions than they actually need, what we call a…

Cryptography and Security · Computer Science 2013-03-21 Alexandre Bartel , Jacques Klein , Martin Monperrus , Yves Le Traon

The ubiquity of smartphones, and their very broad capabilities and usage, make the security of these devices tremendously important. Unfortunately, despite all progress in security and privacy mechanisms, vulnerabilities continue to…

Cryptography and Security · Computer Science 2020-06-03 Mohammad Ghafari , Pascal Gadient , Oscar Nierstrasz

Mobile apps often embed authentication secrets, such as API keys, tokens, and client IDs, to integrate with cloud services. However, developers often hardcode these credentials into Android apps, exposing them to extraction through reverse…

Cryptography and Security · Computer Science 2025-10-22 Marco Alecci , Jordan Samhi , Tegawendé F. Bissyandé , Jacques Klein

Increasing interest in securing the Android ecosystem has spawned numerous efforts to assist app developers in building secure apps. These efforts have resulted in tools and techniques capable of detecting vulnerabilities (and malicious…

Cryptography and Security · Computer Science 2019-08-06 Venkatesh-Prasad Ranganath , Joydeep Mitra

Code obfuscation is widely adopted in modern software development to protect intellectual property and hinder reverse engineering, but it also provides attackers with a powerful means to conceal malicious logic inside otherwise legitimate…

Cryptography and Security · Computer Science 2026-04-02 Francesco Pagano , Lorenzo Pisu , Leonardo Regano , Davide Maiorca , Alessio Merlo , Giorgio Giacinto

[Background] Web communication is universal in cyberspace, and security risks in this domain are devastating. [Aims] We analyzed the prevalence of six security smells in mobile app servers, and we investigated the consequence of these…

Cryptography and Security · Computer Science 2021-08-17 Pascal Gadient , Marc-Andrea Tarnutzer , Oscar Nierstrasz , Mohammad Ghafari

Expecting the shipment of 1 billion Android devices in 2017, cyber criminals have naturally extended their vicious activities towards Google's mobile operating system. With an estimated number of 700 new Android applications released every…

Cryptography and Security · Computer Science 2014-10-29 Sebastian Neuner , Victor van der Veen , Martina Lindorfer , Markus Huber , Georg Merzdovnik , Martin Mulazzani , Edgar Weippl

We conduct a large-scale measurement of developers' insecure practices leading to mini-app to super-app authentication bypass, among which hard-coding developer secrets for such authentication is a major contributor. We also analyze the…

Cryptography and Security · Computer Science 2023-07-19 Supraja Baskaran , Lianying Zhao , Mohammad Mannan , Amr Youssef

Android applications are frequently plagiarized or repackaged, and software obfuscation is a recommended protection against these practices. However, there is very little data on the overall rates of app obfuscation, the techniques used, or…

Cryptography and Security · Computer Science 2018-02-21 Dominik Wermke , Nicolas Huaman , Yasemin Acar , Brad Reaves , Patrick Traynor , Sascha Fahl

Computing platforms such as smartphones frequently access Web content using many separate applications rather than a single Web browser application. These applications often deal with sensitive user information such as financial data or…

Cryptography and Security · Computer Science 2014-10-29 Vasant Tendulkar , William Enck

Web applications are relied upon by many for the services they provide. It is essential that applications implement appropriate security measures to prevent security incidents. Currently, web applications focus resources towards the…

Cryptography and Security · Computer Science 2019-02-18 Calum C. Hall , Lynsay A. Shepherd , Natalie Coull

The misunderstanding and incorrect configurations of cryptographic primitives have exposed severe security vulnerabilities to attackers. Due to the pervasiveness and diversity of cryptographic misuses, a comprehensive and accurate…

Cryptography and Security · Computer Science 2023-05-16 Cong Sun , Xinpeng Xu , Yafei Wu , Dongrui Zeng , Gang Tan , Siqi Ma , Peicheng Wang

Mobile apps are predominantly integrated with cloud services to benefit from enhanced functionalities. Adopting authentication using secrets such as API keys is crucial to ensure secure mobile-cloud interactions. However, developers often…

Cryptography and Security · Computer Science 2025-11-11 Kevin Li , Lin Ling , Jinqiu Yang , Lili Wei

According to the World Health Organization(WHO), it is estimated that approximately 1.3 billion people live with some forms of vision impairment globally, of whom 36 million are blind. Due to their disability, engaging these minority into…

Human-Computer Interaction · Computer Science 2020-07-03 Jieshan Chen , Chunyang Chen , Zhenchang Xing , Xiwei Xu , Liming Zhu , Guoqiang Li , Jinshui Wang

Classifying mobile apps based on their description is beneficial for several purposes. However, many app descriptions do not reflect app functionalities, whether accidentally or on purpose. Most importantly, these app classification methods…

Software Engineering · Computer Science 2021-03-23 Md. Shamsujjoha , John Grundy , Li Li , Hourieh Khalajzadeh , Qinghua Lu

Third-party security apps are an integral part of the Android app ecosystem. Many users install them as an extra layer of protection for their devices. There are hundreds of such security apps, both free and paid in Google Play Store and…

Cryptography and Security · Computer Science 2020-07-09 Weixian Yao , Yexuan Li , Weiye Lin , Tianhui Hu , Imran Chowdhury , Rahat Masood , Suranga Seneviratne

Modern web browsers have effectively become the new operating system for business applications, yet their security posture is often under-scrutinized. This paper presents a novel, comprehensive Browser Security Posture Analysis…

Cryptography and Security · Computer Science 2025-05-14 Avihay Cohen

Mini-programs, an emerging mobile application paradigm within super-apps, offer a seamless and installation-free experience. However, the adoption of the web-view component has disrupted their isolation mechanisms, exposing new attack…

Cryptography and Security · Computer Science 2025-10-29 Miao Zhang , Shenao Wang , Guilin Zheng , Yanjie Zhao , Haoyu Wang

As the field of Web3 continues its rapid expansion, the security of Web3 authentication, often the gateway to various Web3 applications, becomes increasingly crucial. Despite its widespread use as a login method by numerous Web3…

Cryptography and Security · Computer Science 2024-10-02 Kailun Yan , Xiaokuan Zhang , Wenrui Diao