English
Related papers

Related papers: Security Code Smells in Android ICC

200 papers

The ubiquity of smartphones, and their very broad capabilities and usage, make the security of these devices tremendously important. Unfortunately, despite all progress in security and privacy mechanisms, vulnerabilities continue to…

Cryptography and Security · Computer Science 2020-06-03 Mohammad Ghafari , Pascal Gadient , Oscar Nierstrasz

Inter-Component Communication (ICC) is a key mechanism in Android. It enables developers to compose rich functionalities and explore reuse within and across apps. Unfortunately, as reported by a large body of literature, ICC is rather…

Software Engineering · Computer Science 2021-01-18 Jordan Samhi , Alexandre Bartel , Tegawendé F. Bissyandé , Jacques Klein

[Background] Web communication is universal in cyberspace, and security risks in this domain are devastating. [Aims] We analyzed the prevalence of six security smells in mobile app servers, and we investigated the consequence of these…

Cryptography and Security · Computer Science 2021-08-17 Pascal Gadient , Marc-Andrea Tarnutzer , Oscar Nierstrasz , Mohammad Ghafari

Context: Security smells are recurring coding patterns that are indicative of security weakness, and require further inspection. As infrastructure as code (IaC) scripts, such as Ansible and Chef scripts, are used to provision cloud-based…

Cryptography and Security · Computer Science 2020-06-23 Akond Rahman , Md. Rayhanur Rahman , Chris Parnin , Laurie Williams

Object-oriented code smells are well-known concepts in software engineering that refer to bad design and development practices commonly observed in software systems. With the emergence of mobile apps, new classes of code smells have been…

Software Engineering · Computer Science 2020-10-15 Sarra Habchi , Naouel Moha , Romain Rouvoy

Context: Security is vital to software developed for commercial or personal use. Although more organizations are realizing the importance of applying secure coding practices, in many of them, security concerns are not known or addressed…

Software Engineering · Computer Science 2020-11-02 Kazi Zakia Sultana , Zadia Codabux , Byron Williams

Inter-component communication (ICC) is a widely used mechanism in mobile apps, which enables message-based control flow transferring and data passing between Android components. Effective ICC resolution requires precisely identifying entry…

Software Engineering · Computer Science 2022-09-07 Jiwei Yan , Shixin Zhang , Yepang Liu , Xi Deng , Jun Yan , Jian Zhang

JavaScript has been consistently among the most popular programming languages in the past decade. However, its dynamic, weakly-typed, and asynchronous nature can make it challenging to write maintainable code for developers without in-depth…

Cryptography and Security · Computer Science 2024-12-02 Vikas Kambhampati , Nehaz Hussain Mohammed , Amin Milani Fard

With the digital breakthrough, smart phones have become very essential component. Mobile devices are very attractive attack surface for cyber thieves as they hold personal details (accounts, locations, contacts, photos) and have potential…

Cryptography and Security · Computer Science 2017-09-22 Shweta Bhandari , Wafa Ben Jaballah , Vineeta Jain , Vijay Laxmi , Akka Zemmari , Manoj Singh Gaur , Mohamed Mosbah , Mauro Conti

Android apps cooperate through message passing via intents. However, when apps do not have identical sets of privileges inter-app communication (IAC) can accidentally or maliciously be misused, e.g., to leak sensitive information contrary…

Software Engineering · Computer Science 2023-05-09 Abhishek Tiwari , Sascha Groß , Christian Hammer

Android is the most used Operating System worldwide for mobile devices, with hundreds of thousands of apps downloaded daily. Although these apps are primarily written in Java and Kotlin, advanced functionalities such as graphics or…

Cryptography and Security · Computer Science 2024-12-03 Silvia Lucia Sanna , Diego Soi , Davide Maiorca , Giorgio Fumera , Giorgio Giacinto

Infrastructure as Code (IaC) has become essential for modern software management, yet security flaws in IaC scripts can have severe consequences, as exemplified by the recurring exploits of Cloud Web Services. Prior work has recognized the…

Cryptography and Security · Computer Science 2025-09-24 Aicha War , Serge L. B. Nikiema , Jordan Samhi , Jacques Klein , Tegawende F. Bissyande

The increasing frequency of attacks on Android applications coupled with the recent popularity of large language models (LLMs) necessitates a comprehensive understanding of the capabilities of the latter in identifying potential…

Cryptography and Security · Computer Science 2025-03-18 Vasileios Kouliaridis , Georgios Karopoulos , Georgios Kambourakis

Infrastructure as Code (IaC) is the process of managing IT infrastructure via programmable configuration files (also called IaC scripts). Like other software artifacts, IaC scripts may contain security smells, which are coding patterns that…

Cryptography and Security · Computer Science 2022-09-08 Nuno Saavedra , João F. Ferreira

Computing platforms such as smartphones frequently access Web content using many separate applications rather than a single Web browser application. These applications often deal with sensitive user information such as financial data or…

Cryptography and Security · Computer Science 2014-10-29 Vasant Tendulkar , William Enck

Third-party security apps are an integral part of the Android app ecosystem. Many users install them as an extra layer of protection for their devices. There are hundreds of such security apps, both free and paid in Google Play Store and…

Cryptography and Security · Computer Science 2020-07-09 Weixian Yao , Yexuan Li , Weiye Lin , Tianhui Hu , Imran Chowdhury , Rahat Masood , Suranga Seneviratne

Increasing interest in securing the Android ecosystem has spawned numerous efforts to assist app developers in building secure apps. These efforts have resulted in tools and techniques capable of detecting vulnerabilities (and malicious…

Cryptography and Security · Computer Science 2019-08-06 Venkatesh-Prasad Ranganath , Joydeep Mitra

Mobile apps are predominantly integrated with cloud services to benefit from enhanced functionalities. Adopting authentication using secrets such as API keys is crucial to ensure secure mobile-cloud interactions. However, developers often…

Cryptography and Security · Computer Science 2025-11-11 Kevin Li , Lin Ling , Jinqiu Yang , Lili Wei

In Android, communications between apps and system services are supported by a transaction-based Inter-Process Communication (IPC) mechanism. Binder, as the cornerstone of this IPC mechanism, separates two communicating parties as client…

Cryptography and Security · Computer Science 2016-04-26 Huan Feng , Kang G. Shin

Researchers and commercial companies have made a lot of efforts on detecting malware in Android platform. However, a recent malware threat, App collusion, makes malware detection challenging. In App collusion, two or more Apps collaborate…

Cryptography and Security · Computer Science 2018-03-15 Jice Wang , Hongqi Wu
‹ Prev 1 2 3 10 Next ›