English
Related papers

Related papers: CRYLOGGER: Detecting Crypto Misuses Dynamically

200 papers

The amount of Android malware has increased greatly during the last few years. Static analysis is widely used in detecting such malware by analyzing the code without execution. The effectiveness of current tools relies on the app model as…

Cryptography and Security · Computer Science 2016-04-11 Mohsin Junaid , Donggang Liu , David Kung

Android Inter-Component Communication (ICC) is complex, largely unconstrained, and hard for developers to understand. As a consequence, ICC is a common source of security vulnerability in Android apps. To promote secure programming…

Cryptography and Security · Computer Science 2018-12-11 Pascal Gadient , Mohammad Ghafari , Patrick Frischknecht , Oscar Nierstrasz

Software libraries implement APIs that deliver reusable functionalities. To correctly use these functionalities, software applications must satisfy certain correctness policies, for instance policies about the order some API methods can be…

Software Engineering · Computer Science 2020-10-14 Oliviero Riganelli , Daniela Micucci , Leonardo Mariani

The Android system manages access to sensitive APIs by permission enforcement. An application (app) must declare proper permissions before invoking specific Android APIs. However, there is no official documentation providing the complete…

Cryptography and Security · Computer Science 2021-11-17 Chaoran Li , Xiao Chen , Ruoxi Sun , Jason Xue , Sheng Wen , Muhammad Ejaz Ahmed , Seyit Camtepe , Yang Xiang

Programmers of cryptographic applications written in C need to avoid common mistakes such as sending private data over public channels, modifying trusted data with untrusted functions, or improperly ordering protocol steps. These secrecy,…

Cryptography and Security · Computer Science 2019-07-04 Darion Cassel , Yan Huang , Limin Jia

Machine learning-based malware detection dominates current security defense approaches for Android apps. However, due to the evolution of Android platforms and malware, existing such techniques are widely limited by their need for constant…

Cryptography and Security · Computer Science 2021-11-03 Haipeng Cai

Mobile mini-programs in WeChat have gained significant popularity since their debut in 2017, reaching a scale similar to that of Android apps in the Play Store. Like Google, Tencent, the provider of WeChat, offers APIs to support the…

Cryptography and Security · Computer Science 2023-06-16 Yue Zhang , Yuqing Yang , Zhiqiang Lin

Multinational corporations routinely track how its employees use their computers, the internet, or email. There are roughly a thousand devices on the market that enable businesses to monitor their workforce. Observe what their users do…

Cryptography and Security · Computer Science 2023-04-18 Jami Gayatri Manjeera , Alisha Malla , Masani Venkata Lakshmi Pravallika

The Android ecosystem is vulnerable to issues such as app repackaging, counterfeiting, and piracy, threatening both developers and users. To mitigate these risks, developers often employ code obfuscation techniques. However, while effective…

Cryptography and Security · Computer Science 2025-02-10 Akila Niroshan , Suranga Seneviratne , Aruna Seneviratne

Developing secure distributed systems is difficult, and even harder when advanced cryptography must be used to achieve security goals. Following prior work, we advocate using secure program partitioning to synthesize cryptographic…

Cryptography and Security · Computer Science 2024-01-10 Coşku Acay , Joshua Gancher , Rolph Recto , Andrew C. Myers

This work investigates how to monitor access to Android zero-permission sensors which could cause privacy leakage to users. Moreover, monitoring such sensitive access allows security researchers to characterize potential sensor abuse…

Cryptography and Security · Computer Science 2025-07-04 Yan Long , Jiancong Cui , Yuqing Yang , Tobias Alam , Zhiqiang Lin , Kevin Fu

APIs are essential ingredients for developing complex software systems. However, they are difficult to learn and to use. Thus, developers may misuse them, which results in various types of issues. In this paper, we explore the use of a…

Software Engineering · Computer Science 2020-12-29 Maxime Gallais-Jimenez , Hoan A. Nguyen , Mohamed Aymen Saied , Tien N. Nguyen , Houari Sahraoui

With the exponential growth in mobile applications, protecting user privacy has become even more crucial. Android applications are often known for collecting, storing, and sharing sensitive user information such as contacts, location,…

Cryptography and Security · Computer Science 2025-11-05 Mst Eshita Khatun , Lamine Noureddine , Zhiyong Sui , Aisha Ali-Gombe

The Android OS has become the most popular mobile operating system leading to a significant increase in the spread of Android malware. Consequently, several static and dynamic analysis systems have been developed to detect Android malware.…

Cryptography and Security · Computer Science 2017-05-19 Mohammed K. Alzaylaee , Suleiman Y. Yerima , Sakir Sezer

This work presents ContractChecker, a Blockchain-based security protocol for verifying the storage consistency between the mutually distrusting cloud provider and clients. Unlike existing protocols, the ContractChecker uniquely delegates…

Cryptography and Security · Computer Science 2019-07-31 Kai Li , Yuzhe Tang , Beom Heyn Kim , Jianliang Xu

Mobile applications (apps) often suffer from failure nowadays. Developers usually pay more attention to the failure that is perceived by users and compromises the user experience. Existing approaches focus on mining large volume logs to…

Software Engineering · Computer Science 2021-03-25 Deyu Tian

The increasing complexity and scale of modern digital environments have exposed significant gaps in traditional cybersecurity penetration testing methods, which are often time-consuming, labor-intensive, and unable to rapidly adapt to…

Cryptography and Security · Computer Science 2024-09-09 Ibrahim Alshehri , Adnan Alshehri , Abdulrahman Almalki , Majed Bamardouf , Alaqsa Akbar

Thousands of malicious applications targeting mobile devices, including the popular Android platform, are created every day. A large number of those applications are created by a small number of professional under-ground actors, however…

Cryptography and Security · Computer Science 2019-03-06 Hyunjae Kang , Jae-wook Jang , Aziz Mohaisen , Huy Kang Kim

The Android platform introduces the runtime permission model in version 6.0. The new model greatly improves data privacy and user experience, but brings new challenges for app developers. First, it allows users to freely revoke granted…

Software Engineering · Computer Science 2022-02-01 Sinan Wang , Yibo Wang , Xian Zhan , Ying Wang , Yepang Liu , Xiapu Luo , Shing-Chi Cheung

Currently, Application Programming Interfaces (APIs) are becoming increasingly popular to facilitate data transfer in a variety of mobile applications. These APIs often process sensitive user information through their endpoints, which are…

Cryptography and Security · Computer Science 2023-10-24 Nate Haris , Kendree Chen , Ann Song , Benjamin Pou