English
Related papers

Related papers: CrySL: Validating Correct Usage of Cryptographic A…

200 papers

The login functionality, being the gateway to app usage, plays a critical role in both user experience and application security. As Android apps increasingly incorporate login functionalities, they support a variety of authentication…

Software Engineering · Computer Science 2025-02-14 Zixu Zhou , Rufeng Chen , Junfeng Chen , Yepang Liu , Lili Wei

Rust, a popular systems-level programming language, has garnered widespread attention due to its features of achieving run-time efficiency and memory safety. With an increasing number of real-world projects adopting Rust, understanding how…

Software Engineering · Computer Science 2024-12-20 Mohan Cui , Penglei Mao , Shuran Sun , Yangfan Zhou , Hui Xu

To empower smart contracts with the promising capabilities of cryptography, Ethereum officially introduced a set of cryptographic APIs that facilitate basic cryptographic operations within smart contracts, such as elliptic curve operations.…

Software Engineering · Computer Science 2023-12-18 Jiashuo Zhang , Jiachi Chen , Zhiyuan Wan , Ting Chen , Jianbo Gao , Zhong Chen

Increasing number of cyber-attacks demotivate people to use Information and Communication Technology (ICT) for industrial as well as day to day work. A main reason for the increasing number of cyber-attacks is mistakes that programmers make…

Cryptography and Security · Computer Science 2018-10-12 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

A common security architecture, called the permission-based security model (used e.g. in Android and Blackberry), entails intrinsic risks. For instance, applications can be granted more permissions than they actually need, what we call a…

Cryptography and Security · Computer Science 2013-03-21 Alexandre Bartel , Jacques Klein , Martin Monperrus , Yves Le Traon

Android has been the most popular smartphone system with multiple platform versions active in the market. To manage the application's compatibility with one or more platform versions, Android allows apps to declare the supported platform…

Software Engineering · Computer Science 2020-09-01 Daoyuan Wu , Debin Gao , David Lo

Third-party libraries (TPLs) have been widely used in mobile apps, which play an essential part in the entire Android ecosystem. However, TPL is a double-edged sword. On the one hand, it can ease the development of mobile apps. On the other…

Software Engineering · Computer Science 2021-08-10 Xian Zhan , Tianming Liu , Lingling Fan , Li Li , Sen Chen , Xiapu Luo , Yang Liu

In Android, communications between apps and system services are supported by a transaction-based Inter-Process Communication (IPC) mechanism. Binder, as the cornerstone of this IPC mechanism, separates two communicating parties as client…

Cryptography and Security · Computer Science 2016-04-26 Huan Feng , Kang G. Shin

Online programming discussion platforms such as Stack Overflow serve as a rich source of information for software developers. Available information include vibrant discussions and oftentimes ready-to-use code snippets. Anecdotes report that…

Cryptography and Security · Computer Science 2017-10-10 Felix Fischer , Konstantin Böttinger , Huang Xiao , Christian Stransky , Yasemin Acar , Michael Backes , Sascha Fahl

Third-party security apps are an integral part of the Android app ecosystem. Many users install them as an extra layer of protection for their devices. There are hundreds of such security apps, both free and paid in Google Play Store and…

Cryptography and Security · Computer Science 2020-07-09 Weixian Yao , Yexuan Li , Weiye Lin , Tianhui Hu , Imran Chowdhury , Rahat Masood , Suranga Seneviratne

The prevalence of cryptographic API misuse (CAM) is compromising the effectiveness of cryptography and in turn the security of modern systems and applications. Despite extensive efforts to develop CAM detection tools, these tools typically…

Cryptography and Security · Computer Science 2025-09-16 Yang Zhang , Wenyi Ouyang , Yi Zhang , Liang Cheng , Chen Wu , Wenxin Hu

The android operating system is being installed in most of the smart devices. The introduction of intrusions in such operating systems is rising at a tremendous rate. With the introduction of such malicious data streams, the smart devices…

Machine Learning · Computer Science 2024-12-06 Madiha Tahreem , Ifrah Andleeb , Bilal Zahid Hussain , Arsalan Hameed

GitHub is a popular data repository for code examples. It is being continuously used to train several AI-based tools to automatically generate code. However, the effectiveness of such tools in correctly demonstrating the usage of…

Cryptography and Security · Computer Science 2022-11-28 Catherine Tony , Nicolás E. Díaz Ferreyra , Riccardo Scandariato

The advent of quantum computing poses a significant challenge as it has the potential to break certain cryptographic algorithms, necessitating a proactive approach to identify and modernize cryptographic code. Identifying these…

Cryptography and Security · Computer Science 2025-03-26 Micha Moffie , Omer Boehm , Anatoly Koyfman , Eyal Bin , Efrayim Sztokman , Sukanta Bhattacharjee , Meghnath Saha , James McGugan

Accurate detection of third-party libraries (TPLs) is fundamental to Android security, supporting vulnerability tracking, malware detection, and supply chain auditing. Despite many proposed tools, their real-world effectiveness remains…

Cryptography and Security · Computer Science 2025-09-08 Jintao Gu , Haolang Lu , Guoshun Nan , Yihan Lin , Kun Wang , Yuchun Guo , Yigui Cao , Yang Liu

The increasing development speed via Agile may introduce overlooked security steps in the process, with an example being the Iowa Caucus application. Verifying the protection of confidential information such as social security numbers…

Cryptography and Security · Computer Science 2022-01-20 Miles Frantz

Lack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or…

Software Engineering · Computer Science 2021-07-13 Sebastian Nielebock , Robert Heumüller , Kevin Michael Schott , Frank Ortmeier

Third-party libraries (TPLs) have become a significant part of the Android ecosystem. Developers can employ various TPLs to facilitate their app development. Unfortunately, the popularity of TPLs also brings new security issues. For…

Software Engineering · Computer Science 2021-08-05 Xian Zhan , Tianming Liu , Yepang Liu , Yang Liu , Li Li , Haoyu Wang , Xiapu Luo

The use of Large Language Models (LLMs) in software development is rapidly growing, with developers increasingly relying on these models for coding assistance, including security-critical tasks. Our work presents a comprehensive comparison…

Cryptography and Security · Computer Science 2024-11-18 Zohaib Masood , Miguel Vargas Martin

The permission mechanism in the Android Framework is integral to safeguarding the privacy of users by managing users' and processes' access to sensitive resources and operations. As such, developers need to be equipped with an in-depth…

Software Engineering · Computer Science 2025-10-07 Han Hu , Wei Minn , Yonghui Liu , Jiakun Liu , Ferdian Thung , Terry Yue Zhuo , Lwin Khin Shar , Debin Gao , David Lo