English
Related papers

Related papers: SCLib: A Practical and Lightweight Defense against…

200 papers

Android Inter-Component Communication (ICC) is complex, largely unconstrained, and hard for developers to understand. As a consequence, ICC is a common source of security vulnerability in Android apps. To promote secure programming…

Cryptography and Security · Computer Science 2018-12-11 Pascal Gadient , Mohammad Ghafari , Patrick Frischknecht , Oscar Nierstrasz

In the current software development environment, third-party libraries play a crucial role. They provide developers with rich functionality and convenient solutions, speeding up the pace and efficiency of software development. However, with…

Software Engineering · Computer Science 2024-04-30 Jia Zeng , Dan Han , Yaling Zhu , Yangzhong Wang , Fangchen Weng

In recent years, there has been rapid growth in mobile devices such as smartphones, and a number of applications are developed specifically for the smartphone market. In particular, there are many applications that are ``free'' to the user,…

Cryptography and Security · Computer Science 2013-05-20 Hiroki Kuzuno , Satoshi Tonami

Protected user-level libraries have been proposed as a way to allow mutually distrusting applications to safely share kernel-bypass services. In this paper, we identify and solve several previously unaddressed obstacles to realizing this…

Operating Systems · Computer Science 2025-09-04 Alan Beadle , Michael L. Scott , John Criswell

Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code…

Software Engineering · Computer Science 2025-05-29 Ritwik Murali , Akash Ravi

Smart contracts are frequently vulnerable to control-flow attacks based on confused deputies, reentrancy, and incorrect error handling. These attacks exploit the complexity of interactions among multiple possibly unknown contracts. Existing…

Cryptography and Security · Computer Science 2025-04-24 Siqiu Yao , Haobin Ni , Stephanie Ma , Noah Schiff , Andrew C. Myers , Ethan Cecchetti

The problem of malware has become significant on Android devices. Library operating systems and application virtualization are both possible solutions for confining malware. Unfortunately, such solutions do not exist for Android. Designing…

Cryptography and Security · Computer Science 2014-01-28 Earlence Fernandes , Alexander Crowell , Ajit Aluri , Atul Prakash

The development and analysis of mobile applications in term of security have become an active research area from many years as many apps are vulnerable to different attacks. Especially the concept of hybrid applications has emerged in the…

Cryptography and Security · Computer Science 2020-07-31 Usama Khalid , Muhammad Abdullah , Kashif Inayat

Android is undergoing unprecedented malicious threats daily, but the existing methods for malware detection often fail to cope with evolving camouflage in malware. To address this issue, we present HAWK, a new malware detection framework…

Cryptography and Security · Computer Science 2021-08-18 Yiming Hei , Renyu Yang , Hao Peng , Lihong Wang , Xiaolin Xu , Jianwei Liu , Hong Liu , Jie Xu , Lichao Sun

Android applications may leak privacy data carelessly or maliciously. In this work we perform inter-component data-flow analysis to detect privacy leaks between components of Android applications. Unlike all current approaches, our tool,…

Software Engineering · Computer Science 2014-04-30 Li Li , Alexandre Bartel , Jacques Klein , Yves Le Traon , Steven Arzt , Siegfried Rasthofer , Eric Bodden , Damien Octeau , Patrick McDaniel

Java platform and third-party libraries provide various security features to facilitate secure coding. However, misusing these features can cost tremendous time and effort of developers or cause security vulnerabilities in software. Prior…

Cryptography and Security · Computer Science 2017-09-29 Na Meng , Stefan Nagy , Daphne Yao , Wenjie Zhuang , Gustavo Arango Argoty

Third-party security apps are an integral part of the Android app ecosystem. Many users install them as an extra layer of protection for their devices. There are hundreds of such security apps, both free and paid in Google Play Store and…

Cryptography and Security · Computer Science 2020-07-09 Weixian Yao , Yexuan Li , Weiye Lin , Tianhui Hu , Imran Chowdhury , Rahat Masood , Suranga Seneviratne

Computing platforms such as smartphones frequently access Web content using many separate applications rather than a single Web browser application. These applications often deal with sensitive user information such as financial data or…

Cryptography and Security · Computer Science 2014-10-29 Vasant Tendulkar , William Enck

Vetting security impacts introduced by third-party libraries in iOS apps requires a reliable library detection technique. Especially when a new vulnerability (or a privacy-invasive behavior) was discovered in a third-party library, there is…

Cryptography and Security · Computer Science 2022-07-06 Jingyi Guo , Min Zheng , Yajin Zhou , Haoyu Wang , Lei Wu , Xiapu Luo , Kui Ren

Linux Seccomp is widely used by the program developers and the system maintainers to secure the operating systems, which can block unused syscalls for different applications and containers to shrink the attack surface of the operating…

Cryptography and Security · Computer Science 2025-10-07 Dongyang Zhan , Zhaofeng Yu , Xiangzhan Yu , Hongli Zhang , Lin Ye

Mobile applications (apps) have become an essential part of everyday life, offering convenient access to services such as banking, healthcare, and shopping. With these apps handling sensitive personal and financial data, ensuring their…

Cryptography and Security · Computer Science 2024-08-20 Anthony Peruma , Timothy Huo , Ana Catarina Araújo , Jake Imanaka , Rick Kazman

A single authentication bypass in a partner SDK grants attackers the identity of every partner in the ecosystem -- and millions of apps use SDKs with exactly this vulnerability. OWASP's 2024 Mobile Top 10 ranks Inadequate Supply Chain…

Cryptography and Security · Computer Science 2026-03-04 Ramanpreet Singh Khinda

Enclave deployments often fail to simultaneously be secure (e.g., resistant to side channel attacks), powerful (i.e., as fast as an off-the-shelf server), and flexible (i.e., unconstrained by development hurdles). In this paper, we present…

Cryptography and Security · Computer Science 2023-08-01 Philipp Winter , Ralph Giles , Moritz Schafhuber , Hamed Haddadi

Mobile apps are predominantly integrated with cloud services to benefit from enhanced functionalities. Adopting authentication using secrets such as API keys is crucial to ensure secure mobile-cloud interactions. However, developers often…

Cryptography and Security · Computer Science 2025-11-11 Kevin Li , Lin Ling , Jinqiu Yang , Lili Wei

A wide variety of smartphone applications today rely on third-party advertising services, which provide libraries that are linked into the hosting application. This situation is undesirable for both the application author and the…

Operating Systems · Computer Science 2015-03-20 Shashi Shekhar , Michael Dietz , Dan S. Wallach