English
Related papers

Related papers: CRYLOGGER: Detecting Crypto Misuses Dynamically

200 papers

Lack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or…

Software Engineering · Computer Science 2021-07-13 Sebastian Nielebock , Robert Heumüller , Kevin Michael Schott , Frank Ortmeier

Computer network defense is a partnership between automated systems and human cyber security analysts. The system behaviors, for example raising a high proportion of false alarms, likely impact cyber analyst performance. Experimentation in…

Cryptography and Security · Computer Science 2020-02-26 William Roden , Lucas Layman

The login functionality, being the gateway to app usage, plays a critical role in both user experience and application security. As Android apps increasingly incorporate login functionalities, they support a variety of authentication…

Software Engineering · Computer Science 2025-02-14 Zixu Zhou , Rufeng Chen , Junfeng Chen , Yepang Liu , Lili Wei

Android is among the popular platforms running on millions of smart devices, like smartphones and tablets, whose widespread adoption is seen as an opportunity for spreading malware. Adding malicious payloads to cracked applications, often…

Cryptography and Security · Computer Science 2019-03-13 Konstantinos-Panagiotis Grammatikakis , Angela Ioannou , Stavros Shiaeles , Nicholas Kolokotronis

The ubiquity of smartphones, and their very broad capabilities and usage, make the security of these devices tremendously important. Unfortunately, despite all progress in security and privacy mechanisms, vulnerabilities continue to…

Cryptography and Security · Computer Science 2020-06-03 Mohammad Ghafari , Pascal Gadient , Oscar Nierstrasz

Mobile apps are predominantly integrated with cloud services to benefit from enhanced functionalities. Adopting authentication using secrets such as API keys is crucial to ensure secure mobile-cloud interactions. However, developers often…

Cryptography and Security · Computer Science 2025-11-11 Kevin Li , Lin Ling , Jinqiu Yang , Lili Wei

Automatically analyzing information flow within Android applications that rely on cryptographic operations with their computational security guarantees imposes formidable challenges that existing approaches for understanding an app's…

Cryptography and Security · Computer Science 2016-10-26 Michael Backes , Robert Künnemann , Esfandiar Mohammadi

While smartphone usage become more and more pervasive, people start also asking to which extent such devices can be maliciously exploited as "tracking devices". The concern is not only related to an adversary taking physical or remote…

Cryptography and Security · Computer Science 2014-07-30 Mauro Conti , Luigi V. Mancini , Riccardo Spolaor , Nino V. Verde

Voter registration systems are a critical - and surprisingly understudied - element of most high-stakes elections. Despite a history of targeting by adversaries, relatively little academic work has been done to increase visibility into how…

Cryptography and Security · Computer Science 2025-03-07 Andrés Fábrega , Jack Cable , Michael A. Specter , Sunoo Park

Several solutions ensuring the dynamic detection of malicious activities on Android ecosystem have been proposed. These are represented by generic rules and models that identify any purported malicious behavior. However, the approaches…

Cryptography and Security · Computer Science 2023-08-01 Abdellah Ouaguid , Mohamed Ouzzif , Noreddine Abghour

Although the use of pay-per-click mechanisms stimulates the prosperity of the mobile advertisement network, fraudulent ad clicks result in huge financial losses for advertisers. Extensive studies identify click fraud according to…

Cryptography and Security · Computer Science 2021-09-16 Tong Zhu , Yan Meng , Haotian Hu , Xiaokuan Zhang , Minhui Xue , Haojin Zhu

The Android middleware, in particular the so-called systemserver, is a crucial and central component to Android's security and robustness. To understand whether the systemserver provides the demanded security properties, it has to be…

Cryptography and Security · Computer Science 2021-10-13 Oliver Schranz , Sebastian Weisgerber , Erik Derr , Michael Backes , Sven Bugiel

Application authentication is typically performed using some form of secret credentials such as cryptographic keys, passwords, or API keys. Since clients are responsible for securely storing and managing the keys, this approach is…

Cryptography and Security · Computer Science 2022-11-24 Mihai Christodorescu , Maliheh Shirvanian , Shams Zawoad

Third-party security apps are an integral part of the Android app ecosystem. Many users install them as an extra layer of protection for their devices. There are hundreds of such security apps, both free and paid in Google Play Store and…

Cryptography and Security · Computer Science 2020-07-09 Weixian Yao , Yexuan Li , Weiye Lin , Tianhui Hu , Imran Chowdhury , Rahat Masood , Suranga Seneviratne

Recently, interest has been emerging in the application of symbolic techniques to the specification and analysis of cryptosystems. These techniques, when accompanied by suitable proofs of soundness/completeness, can be used both to identify…

Human values are an important aspect of life and should be supported in ubiquitous technologies such as mobile applications (apps). There has been a lot of focus on fixing certain kinds of violation of human values, especially privacy,…

Software Engineering · Computer Science 2021-09-30 Conghui Li , Humphrey O. Obie , Hourieh Khalajzadeh

This work presents a new tool to verify the correctness of cryptographic implementations with respect to cache attacks. Our methodology discovers vulnerabilities that are hard to find with other techniques, observed as exploitable leakage.…

Cryptography and Security · Computer Science 2017-09-07 Gorka Irazoqui , Kai Cong , Xiaofei Guo , Hareesh Khattri , Arun Kanuparthi , Thomas Eisenbarth , Berk Sunar

Large language models (LLMs) are increasingly used to assist developers with code, yet their implementations of cryptographic functionality often contain exploitable flaws. Minor design choices (e.g., static initialization vectors or…

Cryptography and Security · Computer Science 2026-02-09 Max Manolov , Tony Gao , Siddharth Shukla , Cheng-Ting Chou , Ryan Lagasse

A new cybersecurity attack,where an adversary illicitly runs crypto-mining software over the devices of unaware users, is emerging in both the literature and in the wild . This attack, known as cryptojacking, has proved to be very effective…

Cryptography and Security · Computer Science 2022-08-09 Maurantonio Caprolu , Simone Raponi , Gabriele Oligeri , Roberto Di Pietro

Android allows apps to communicate with its system services via system service helpers so that these apps can use various functions provided by the system services. Meanwhile, the system services rely on their service helpers to enforce…

Cryptography and Security · Computer Science 2022-03-25 Yi He , Yacong Gu , Purui Su , Kun Sun , Yajin Zhou , Zhi Wang , Qi Li