English
Related papers

Related papers: CRYLOGGER: Detecting Crypto Misuses Dynamically

200 papers

Problem: We address the challenge in responsible computing where an exploitable mobile app is misused by one app user (an abuser) against another user or bystander (victim). We introduce the idea of a misuse audit of apps as a way of…

Cryptography and Security · Computer Science 2024-11-11 Vaibhav Garg , Hui Guo , Nirav Ajmeri , Saikath Bhattacharya , Munindar P. Singh

Smartphones and mobile devices are rapidly becoming indispensable devices for many users. Unfortunately, they also become fertile grounds for hackers to deploy malware and to spread virus. There is an urgent need to have a "security…

Cryptography and Security · Computer Science 2013-09-24 Min Zheng , Mingshen Sun , John C. S. Lui

Despite its widespread use in Android apps, reflection poses graving problems for static security analysis. Currently, string inference is applied to handle reflection, resulting in significantly missed security vulnerabilities. In this…

Cryptography and Security · Computer Science 2016-12-19 Yifei Zhang , Tian Tan , Yue Li , Jingling Xue

Android malware is a persistent threat to billions of users around the world. As a countermeasure, Android malware detection systems are occasionally implemented. However, these systems are often vulnerable to \emph{evasion attacks}, in…

Cryptography and Security · Computer Science 2020-04-01 Harel Berger , Chen Hajaj , Amit Dvir

The prevalence of cryptographic API misuse (CAM) is compromising the effectiveness of cryptography and in turn the security of modern systems and applications. Despite extensive efforts to develop CAM detection tools, these tools typically…

Cryptography and Security · Computer Science 2025-09-16 Yang Zhang , Wenyi Ouyang , Yi Zhang , Liang Cheng , Chen Wu , Wenxin Hu

Static data-flow analysis has proven its effectiveness in assessing security of applications. One major challenge it faces is scalability to large software. This issue is even exacerbated when additional limitations on computing and storage…

Software Engineering · Computer Science 2018-08-08 Mohamed Nassim Seghir

DroidDissector is an extraction tool for both static and dynamic features. The aim is to provide Android malware researchers and analysts with an integrated tool that can extract all of the most widely used features in Android malware…

Cryptography and Security · Computer Science 2023-12-04 Ali Muzaffar , Hani Ragab Hassen , Hind Zantout , Michael A Lones

GitHub is a popular data repository for code examples. It is being continuously used to train several AI-based tools to automatically generate code. However, the effectiveness of such tools in correctly demonstrating the usage of…

Cryptography and Security · Computer Science 2022-11-28 Catherine Tony , Nicolás E. Díaz Ferreyra , Riccardo Scandariato

API misuse introduces security vulnerabilities, system failures, and increases maintenance costs, all of which remain critical challenges in software development. Existing detection approaches rely on static analysis or machine…

Software Engineering · Computer Science 2025-09-23 Saikat Mondal , Chanchal K. Roy , Hong Wang , Juan Arguello , Samantha Mathan

Access to privacy-sensitive information on Android is a growing concern in the mobile community. Albeit Google Play recently introduced some privacy guidelines, it is still an open problem to soundly verify whether apps actually comply with…

Cryptography and Security · Computer Science 2021-12-13 Luca Verderame , Davide Caputo , Andrea Romdhana , Alessio Merlo

Android applications collecting data from users must protect it according to the current legal frameworks. Such data protection has become even more important since the European Union rolled out the General Data Protection Regulation…

Software Engineering · Computer Science 2024-02-13 Mugdha Khedkar , Eric Bodden

As cyber threats continue to evolve and diversify, it has become increasingly challenging to identify the root causes of security breaches that occur between periodic security assessments. This paper explores the fundamental importance of…

Cryptography and Security · Computer Science 2024-12-24 Prakhar Paliwal , Arjun Sable , Manjesh K. Hanawal

Host-based cryptomining malware, commonly known as cryptojackers, have gained notoriety for their stealth and the significant financial losses they cause in Linux-based cloud environments. Existing solutions often struggle with scalability…

Cryptography and Security · Computer Science 2025-10-22 Gyeonghoon Park , Jaehan Kim , Jinu Choi , Jinwoo Kim

Recent studies have shown that developers have difficulties in using cryptographic APIs, which often led to security flaws. We are interested to tackle this matter by looking into what types of problems exist in various crypto libraries. We…

Cryptography and Security · Computer Science 2021-11-03 Mohammadreza Hazhirpasand , Oscar Nierstrasz , Mohammad Ghafari

Smart contracts are self-executing programs that manage financial transactions on blockchain networks. Developers commonly rely on third-party code libraries to improve both efficiency and security. However, improper use of these libraries…

Software Engineering · Computer Science 2026-04-02 Yishun Wang , Wenkai Li , Xiaoqi Li , Zongwei Li , Lei Xie , Yuqing Zhang

Previous studies have shown that cryptography is hard for developers to use and misusing cryptography leads to severe security vulnerabilities. We studied relevant vulnerability reports on the HackerOne bug bounty platform to understand…

Cryptography and Security · Computer Science 2021-11-09 Mohammadreza Hazhirpasand , Mohammad Ghafari

String obfuscation is an established technique used by proprietary, closed-source applications to protect intellectual property. Furthermore, it is also frequently used to hide spyware or malware in applications. In both cases, the…

Cryptography and Security · Computer Science 2020-09-10 Leonid Glanz , Patrick Müller , Lars Baumgärtner , Michael Reif , Sven Amann , Pauline Anthonysamy , Mira Mezini

Mobile messaging apps are a fundamental communication infrastructure, used by billions of people every day to share information, including sensitive data. Security and Privacy are thus critical concerns for such applications. Although the…

Cryptography and Security · Computer Science 2026-04-01 Ioannis Karyotakis , Foivos Timotheos Proestakis , Evangelos Talos , Diomidis Spinellis , Nikolaos Alexopoulos

Smartphone apps usually have access to sensitive user data such as contacts, geo-location, and account credentials and they might share such data to external entities through the Internet or with other apps. Confidentiality of user data…

Software Engineering · Computer Science 2018-12-20 Biniam Fisseha Demissie , Mariano Ceccato , Lwin Khin Shar

We show that the new hover (floating touch) technology, available in a number of today's smartphone models, can be abused by any Android application running with a common SYSTEM_ALERT_WINDOW permission to record all touchscreen input into…

Cryptography and Security · Computer Science 2017-08-03 Enis Ulqinaku , Luka Malisa , Julinda Stefa , Alessandro Mei , Srdjan Capkun
‹ Prev 1 3 4 5 6 7 10 Next ›