English
Related papers

Related papers: CrySL: Validating Correct Usage of Cryptographic A…

200 papers

Large language model fine-tuning APIs enable widespread model customization, yet pose significant safety risks. Recent work shows that adversaries can exploit access to these APIs to bypass model safety mechanisms by encoding harmful…

Machine Learning · Computer Science 2025-08-26 Jack Youstra , Mohammed Mahfoud , Yang Yan , Henry Sleight , Ethan Perez , Mrinank Sharma

This study focuses on the creation and implementation of ransomware for educational purposes that leverages Python's native cryptographic APIs in a controlled environment. Additionally, an Android version of the framework is implemented…

Cryptography and Security · Computer Science 2025-08-19 James Gu , Ahmed Sartaj , Mohammed Akram Taher Khan , Rashid Hussain Khokhar

Building Android applications reliably remains a persistent challenge due to complex dependencies, diverse configurations, and the rapid evolution of the Android ecosystem. This study conducts an empirical analysis of 200 open-source…

Software Engineering · Computer Science 2025-11-11 Lakshmi Priya Bodepudi , Yutong Zhao , Ming Quan Fu , Yuanyuan Wu , Sen He , Yu Zhao

Android malware is a persistent threat to billions of users around the world. As a countermeasure, Android malware detection systems are occasionally implemented. However, these systems are often vulnerable to \emph{evasion attacks}, in…

Cryptography and Security · Computer Science 2020-04-01 Harel Berger , Chen Hajaj , Amit Dvir

In training their newly-developed malware detection methods, researchers rely on threshold-based labeling strategies that interpret the scan reports provided by online platforms, such as VirusTotal. The dynamicity of this platform renders…

Cryptography and Security · Computer Science 2020-07-02 Aleieldin Salem

Android is a widely used operating system that employs a permission-based access control model. The Android Permissions System (APS) is responsible for mediating application resource requests. APS is a critical component of the Android…

Cryptography and Security · Computer Science 2022-08-24 Amirhosein Sayyadabdi , Behrouz Tork Ladani , Bahman Zamani

We conduct a large-scale measurement of developers' insecure practices leading to mini-app to super-app authentication bypass, among which hard-coding developer secrets for such authentication is a major contributor. We also analyze the…

Cryptography and Security · Computer Science 2023-07-19 Supraja Baskaran , Lianying Zhao , Mohammad Mannan , Amr Youssef

Mobile phones and tablets have become the most widely used computing devices, with a large predominance of the Android platform. As a natural evolution, the development of Android applications has surged and has become a major field of…

Software Engineering · Computer Science 2018-09-27 Franz-Xaver Geiger , Ivano Malavolta

Several real-world libraries (e.g., reentrant locks, GUI frameworks, serialization libraries) require their clients to use the provided API in a manner that conforms to a context-free specification. Motivated by this observation, this paper…

Programming Languages · Computer Science 2020-10-20 Kostas Ferles , Jon Stephens , Isil Dillig

Fragmentation is a serious problem in the Android ecosystem. This problem is mainly caused by the fast evolution of the system itself and the various customizations independently maintained by different smartphone manufacturers. Many…

Software Engineering · Computer Science 2022-06-01 Pei Liu , Yanjie Zhao , Haipeng Cai , Mattia Fazzini , John Grundy , Li Li

XML configuration files are widely used in Android to define an app's user interface and essential runtime information such as system permissions. As Android evolves, it might introduce functional changes in the configuration environment,…

Software Engineering · Computer Science 2021-09-02 Huaxun Huang , Ming Wen , Lili Wei , Yepang Liu , Shing-Chi Cheung

Networked applications interact with the TCP/IP stack through the socket API. Over the years, various extensions have been added to this popular API. In this paper, we propose and implement the TCPSnitch software that tracks the…

Networking and Internet Architecture · Computer Science 2017-11-03 Gregory Vander Schueren , Quentin De Coninck , Olivier Bonaventure

Due to non-experts also developing security relevant applications it is necessary to support them too. Some improvements in the current research may not reach or impact these developers. Nonetheless these developers use security libraries.…

Cryptography and Security · Computer Science 2016-03-24 Kai Mindermann

Producing secure software is challenging. The poor usability of security APIs makes this even harder. Many recommendations have been proposed to support developers by improving the usability of cryptography libraries and APIs; rooted in…

Cryptography and Security · Computer Science 2021-05-06 Nikhil Patnaik , Andrew C. Dwyer , Joseph Hallett , Awais Rashid

Privacy policies are intended to inform users about how software systems collect and handle data, yet they often remain vague or incomplete. This paper presents an empirical study of patterns in log-related statements within privacy…

Cryptography and Security · Computer Science 2026-05-04 Zhiyuan Chen , Love Jayesh Ahir , Ahmad Suleiman , Kundi Yao , Yiming Tang , Weiyi Shang , Daqing Hou

As privacy features in Android operating system improve, privacy-invasive apps may gradually shift their focus to non-standard and covert channels for leaking private user/device information. Such leaks also remain largely undetected by…

Cryptography and Security · Computer Science 2022-10-03 Sajjad Pourali , Nayanamana Samarasinghe , Mohammad Mannan

The Google Play marketplace has introduced the Data Safety section to improve transparency regarding how mobile applications (apps) collect, share, and protect user data. This mechanism requires developers to disclose privacy and…

Cryptography and Security · Computer Science 2026-03-26 Bakheet Aljedaani

Privacy concerns have long been expressed around smart devices, and the concerns around Android apps have been studied by many past works. Over the past 10 years, we have crawled and scraped data for almost 1.9 million apps, and also stored…

Cryptography and Security · Computer Science 2021-12-30 Alexander Yu , Yuvraj Agarwal , Jason I. Hong

String obfuscation is an established technique used by proprietary, closed-source applications to protect intellectual property. Furthermore, it is also frequently used to hide spyware or malware in applications. In both cases, the…

Cryptography and Security · Computer Science 2020-09-10 Leonid Glanz , Patrick Müller , Lars Baumgärtner , Michael Reif , Sven Amann , Pauline Anthonysamy , Mira Mezini

Android applications collecting data from users must protect it according to the current legal frameworks. Such data protection has become even more important since the European Union rolled out the General Data Protection Regulation…

Software Engineering · Computer Science 2024-02-13 Mugdha Khedkar , Eric Bodden