English
Related papers

Related papers: SCLib: A Practical and Lightweight Defense against…

200 papers

Android apps could expose their components for cooperating with other apps. This convenience, however, makes apps susceptible to the exposed component vulnerability (ECV), in which a dangerous API (commonly known as sink) inside its…

Cryptography and Security · Computer Science 2014-05-27 Daoyuan Wu , Xiapu Luo , Rocky K. C. Chang

Third-party Software Development Kits (SDKs) are widely adopted in Android app development, to effortlessly accelerate development pipelines and enhance app functionality. However, this convenience raises substantial concerns about…

Cryptography and Security · Computer Science 2025-06-19 Mark Huasong Meng , Chuan Yan , Qing Zhang , Zeyu Wang , Kailong Wang , Sin Gee Teo , Guangdong Bai , Jin Song Dong

Software complexity has increased over the years. One common way to tackle this complexity during development is to encapsulate features into a shared library. This allows developers to reuse already implemented features instead of…

Cryptography and Security · Computer Science 2019-09-17 Nicolai Davidsson , Andre Pawlowski , Thorsten Holz

Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. Application security policies limit the permissions of each installed application. As applications may…

Cryptography and Security · Computer Science 2012-05-01 Steffen Bartsch , Karsten Sohr , Michaela Bunke , Oliver Hofrichter , Bernhard Berger

Secure Device Pairing (SDP) relies on an out-of-band channel to authenticate devices. This requires a common hardware interface, which limits the use of existing SDP systems. We propose to use short-range acoustic communication for the…

Cryptography and Security · Computer Science 2023-02-16 Florentin Putz , Flor Álvarez , Jiska Classen

Android's open-source nature facilitates widespread smartphone accessibility, particularly in price-sensitive markets. System and vendor applications that come pre-installed on budget Android devices frequently operate with elevated…

Cryptography and Security · Computer Science 2025-09-24 Alioune Diallo , Anta Diop , Abdoul Kader Kabore , Jordan Samhi , Aleksandr Pilgun , Tegawendé F. Bissyande , Jacque Klein

Large language models (LLMs) have recently seen widespread adoption in both academia and industry. As these models grow, they become valuable intellectual property (IP), reflecting substantial investments by their owners. The high cost of…

Cryptography and Security · Computer Science 2025-11-04 Yehonathan Refael , Adam Hakim , Lev Greenberg , Satya Lokam , Tal Aviv , Ben Fishman , Shachar Seidman , Racchit Jain , Jay Tenenbaum

Android is among the popular platforms running on millions of smart devices, like smartphones and tablets, whose widespread adoption is seen as an opportunity for spreading malware. Adding malicious payloads to cracked applications, often…

Cryptography and Security · Computer Science 2019-03-13 Konstantinos-Panagiotis Grammatikakis , Angela Ioannou , Stavros Shiaeles , Nicholas Kolokotronis

Browsers, Library OSes, and system emulators rely on sandboxes and in-process isolation to emulate system resources and securely isolate untrusted components. All access to system resources like system calls (syscall) need to be securely…

Cryptography and Security · Computer Science 2024-06-12 Fangfei Yang , Anjo Vahldiek-Oberwagner , Chia-Che Tsai , Kelly Kaoudis , Nathan Dautenhahn

Android filesystem access control provides a foundation for Android system integrity. Android utilizes a combination of mandatory (e.g., SEAndroid) and discretionary (e.g., UNIX permissions) access control, both to protect the Android…

Cryptography and Security · Computer Science 2020-08-11 Yu-Tsung Lee , William Enck , Haining Chen , Hayawardh Vijayakumar , Ninghui Li , Daimeng Wang , Zhiyun Qian , Giuseppe Petracca , Trent Jaeger

Android apps cooperate through message passing via intents. However, when apps do not have identical sets of privileges inter-app communication (IAC) can accidentally or maliciously be misused, e.g., to leak sensitive information contrary…

Software Engineering · Computer Science 2023-05-09 Abhishek Tiwari , Sascha Groß , Christian Hammer

Application size and complexity are the underlying cause of numerous security vulnerabilities in code. In order to mitigate the risks arising from such vulnerabilities, various techniques have been proposed to isolate the execution of…

Cryptography and Security · Computer Science 2017-06-12 Ahmad Atamli-Reineh , Andrew Martin

The packaging model of Android apps requires the entire code necessary for the execution of an app to be shipped into one single apk file. Thus, an analysis of Android apps often visits code which is not part of the functionality delivered…

Software Engineering · Computer Science 2015-11-23 Li Li , Tegawendé F. Bissyandé , Jacques Klein , Yves Le Traon

Google's Android is a comprehensive software framework for mobile communication devices (i.e., smartphones, PDAs). The Android framework includes an operating system, middleware and a set of key applications. The incorporation of integrated…

Cryptography and Security · Computer Science 2009-12-31 A. Shabtai , Y. Fledel , U. Kanonov , Y. Elovici , S. Dolev

Cryptography has been extensively used in Android applications to guarantee secure communications, conceal critical data from reverse engineering, or ensure mobile users' privacy. Various system-based and third-party libraries for Android…

Cryptography and Security · Computer Science 2022-07-08 Adam Janovsky , Davide Maiorca , Dominik Macko , Vashek Matyas , Giorgio Giacinto

Compartmentalization is good security-engineering practice. By breaking a large software system into mutually distrustful components that run with minimal privileges, restricting their interactions to conform to well-defined interfaces, we…

Cryptography and Security · Computer Science 2017-04-18 Yannis Juglaret , Catalin Hritcu , Arthur Azevedo de Amorim , Boris Eng , Benjamin C. Pierce

Many Android applications embed webpages via WebView components and execute JavaScript code within Android. Hybrid applications leverage dedicated APIs to load a resource and render it in a WebView. Furthermore, Android objects can be…

Cryptography and Security · Computer Science 2020-08-06 Abhishek Tiwari , Jyoti Prakash , Sascha Gross , Christian Hammer

Android allows apps to communicate with its system services via system service helpers so that these apps can use various functions provided by the system services. Meanwhile, the system services rely on their service helpers to enforce…

Cryptography and Security · Computer Science 2022-03-25 Yi He , Yacong Gu , Purui Su , Kun Sun , Yajin Zhou , Zhi Wang , Qi Li

Micro-controller units (MCUs) implement the de facto interface between the physical and digital worlds. As a consequence, they appear in a variety of sensing/actuation applications, from smart personal spaces to complex industrial control…

Cryptography and Security · Computer Science 2024-07-09 Liam Tyler , Ivan De Oliveira Nunes

Various studies have empirically shown that the majority of Java and Android apps misuse cryptographic libraries, causing devastating breaches of data security. Therefore, it is crucial to detect such misuses early in the development…

Software Engineering · Computer Science 2017-10-04 Stefan Krüger , Johannes Späth , Karim Ali , Eric Bodden , Mira Mezini