English
Related papers

Related papers: A Permission-Dependent Type System for Secure Info…

200 papers

Flow-sensitive type systems offer an elegant way to ensure memory-safety in programming languages. Unfortunately, their adoption in new or existing languages is often hindered by a painful effort to implement or integrate them into…

Programming Languages · Computer Science 2021-06-24 Dimitri Racordon , Aurélien Coet , Didier Buchs

Software testing is the most commonly used technique in the industry to certify the correctness of software systems. This includes security properties like access control and data confidentiality. However, information flow control and the…

Software Engineering · Computer Science 2019-08-28 Eduardo Geraldo , João Costa Seco

In this paper, we present a comparative analysis of benign and malicious Android applications, based on static features. In particular, we focus our attention on the permissions requested by an application. We consider both binary…

Cryptography and Security · Computer Science 2019-04-02 Neeraj Chavan , Fabio Di Troia , Mark Stamp

The Android permission system is a set of controls to regulate access to sensitive data and platform resources (e.g., camera). The fast evolving nature of Android permissions, coupled with inadequate documentation, results in numerous…

Software Engineering · Computer Science 2023-11-02 Sahrima Jannat Oishwee , Natalia Stakhanova , Zadia Codabux

This paper develops semantic typing in a smart-contract setting to ensure type safety of code that uses statically untypable language constructs, such as the fallback function. The idea is that the creator of a contract on the blockchain…

Programming Languages · Computer Science 2026-04-28 Stian Lybech , Daniele Gorla , Luca Aceto

We show how security type systems from the literature of language-based noninterference can be represented more directly as predicates defined by structural recursion on the programs. In this context, we show how our uniform syntactic…

Cryptography and Security · Computer Science 2013-08-16 Andrei Popescu

We propose a new sheaf semantics for secure information flow over a space of abstract behaviors, based on synthetic domain theory: security classes are open/closed partitions, types are sheaves, and redaction of sensitive information…

Programming Languages · Computer Science 2022-04-21 Jonathan Sterling , Robert Harper

The ubiquity of smartphones, and their very broad capabilities and usage, make the security of these devices tremendously important. Unfortunately, despite all progress in security and privacy mechanisms, vulnerabilities continue to…

Cryptography and Security · Computer Science 2020-06-03 Mohammad Ghafari , Pascal Gadient , Oscar Nierstrasz

Today's mobile platforms provide only coarse-grained permissions to users with regard to how third- party applications use sensitive private data. Unfortunately, it is easy to disguise malware within the boundaries of legitimately-granted…

Programming Languages · Computer Science 2013-11-19 Shuying Liang , Matthew Might , David Van Horn

Ransomware core capability, unauthorized encryption, demands controls that identify and block malicious cryptographic activity without disrupting legitimate use. We present a probabilistic, risk-based access control architecture that…

Cryptography and Security · Computer Science 2026-03-24 Kenan Begovic , Abdulaziz Al-Ali , Qutaibah Malluhi

Smartphones with the platforms of applications are gaining extensive attention and popularity. The enormous use of different applications has paved the way to numerous security threats. The threats are in the form of attacks such as…

Cryptography and Security · Computer Science 2022-07-15 Misbah Shafi , Rakesh Kumar Jha , Sanjeev Jain

The exponential growth of mobile devices has raised concerns about sensitive data leakage. In this paper, we make the first attempt to identify suspicious location-related HTTP transmission flows from the user's perspective, by answering…

Cryptography and Security · Computer Science 2016-07-26 Hao Fu , Zizhan Zheng , Aveek K. Das , Parth H. Pathak , Pengfei Hu , Prasant Mohapatra

Mature push button tools have emerged for checking trace properties (e.g. secrecy or authentication) of security protocols. The case of indistinguishability-based privacy properties (e.g. ballot privacy or anonymity) is more complex and…

Cryptography and Security · Computer Science 2017-08-29 Véronique Cortier , Niklas Grimm , Joseph Lallemand , Matteo Maffei

This paper introduces a malware detection system for smartphones based on studying the dynamic behavior of suspicious applications. The main goal is to prevent the installation of the malicious software on the victim systems. The approach…

Cryptography and Security · Computer Science 2024-02-07 Jorge Maestre Vidal , Marco Antonio Sotelo Monge , Luis Javier García Villalba

The permission mechanism in the Android Framework is integral to safeguarding the privacy of users by managing users' and processes' access to sensitive resources and operations. As such, developers need to be equipped with an in-depth…

Software Engineering · Computer Science 2025-10-07 Han Hu , Wei Minn , Yonghui Liu , Jiakun Liu , Ferdian Thung , Terry Yue Zhuo , Lwin Khin Shar , Debin Gao , David Lo

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself,…

Cryptography and Security · Computer Science 2016-08-09 Wojciech Jamroga , Masoud Tabatabaei

The widespread use of smartphones gives rise to new security and privacy concerns. Smartphone thefts account for the largest percentage of thefts in recent crime statistics. Using a victim's smartphone, the attacker can launch impersonation…

Cryptography and Security · Computer Science 2017-03-10 Wei-Han Lee , Ruby Lee

Android is designed with a number of built-in security features such as app sandboxing and permission-based access controls. Android supports multiple communication methods for apps to cooperate. This creates a security risk of app…

Cryptography and Security · Computer Science 2017-06-09 Jorge Blasco , Thomas M. Chen , Igor Muttik , Markus Roggenbach

In this position paper we advocate software model checking as a technique suitable for security analysis of mobile apps. Our recommendation is based on promising results that we achieved on analysing app collusion in the context of the…

Software Engineering · Computer Science 2017-06-16 Irina Mariuca Asavoae , Hoang Nga Nguyen , Markus Roggenbach , Siraj Ahmed Shaikh

In this thesis we consider the problem of information hiding in the scenarios of interactive systems, statistical disclosure control, and refinement of specifications. We apply quantitative approaches to information flow in the first two…

Cryptography and Security · Computer Science 2012-02-14 Mário S. Alvim
‹ Prev 1 4 5 6 7 8 10 Next ›