English
Related papers

Related papers: PolyScope: Multi-Policy Access Control Analysis to…

200 papers

Mobile applications rely on complex backends that introduce significant security risks, yet developers often lack the tools to assess these risks effectively. This paper presents AndroScanner, an automated pipeline for detecting…

Cryptography and Security · Computer Science 2026-04-17 Harini Dandu

Android is designed with a number of built-in security features such as app sandboxing and permission-based access controls. Android supports multiple communication methods for apps to cooperate. This creates a security risk of app…

Cryptography and Security · Computer Science 2017-06-09 Jorge Blasco , Thomas M. Chen , Igor Muttik , Markus Roggenbach

Modern operating systems such as Android, iOS, Windows Phone, and Chrome OS support a cooperating program abstraction. Instead of placing all functionality into a single program, programs cooperate to complete tasks requested by users.…

Cryptography and Security · Computer Science 2018-08-17 Giuseppe Petracca , Jens Grossklags , Patrick McDaniel , Trent Jaeger

Android applications are executed on smartphones equipped with a variety of resources that must be properly accessed and controlled, otherwise the correctness of the executions and the stability of the entire environment might be negatively…

Software Engineering · Computer Science 2019-11-22 Oliviero Riganelli , Daniela Micucci , Leonardo Mariani

In this paper, we present a comparative analysis of benign and malicious Android applications, based on static features. In particular, we focus our attention on the permissions requested by an application. We consider both binary…

Cryptography and Security · Computer Science 2019-04-02 Neeraj Chavan , Fabio Di Troia , Mark Stamp

Unique challenges arise when testing mobile applications due to their prevailing event-driven nature and complex contextual features (e.g. sensors, notifications). Current automated input generation approaches for Android apps are typically…

Software Engineering · Computer Science 2018-01-22 Kevin Moran , Mario Linares-Vasquez , Carlos Bernal-Cardenas , Christopher Vendome , Denys Poshyvanyk

Android is the most popular OS worldwide. Therefore, it is a target for various kinds of malware. As a countermeasure, the security community works day and night to develop appropriate Android malware detection systems, with ML-based or…

Cryptography and Security · Computer Science 2022-06-22 Harel Berger , Chen Hajaj , Amit Dvir

Third-party libraries (TPLs) have become a significant part of the Android ecosystem. Developers can employ various TPLs to facilitate their app development. Unfortunately, the popularity of TPLs also brings new security issues. For…

Software Engineering · Computer Science 2021-08-05 Xian Zhan , Tianming Liu , Yepang Liu , Yang Liu , Li Li , Haoyu Wang , Xiapu Luo

Vendors in the Android ecosystem typically customize their devices by modifying Android Open Source Project (AOSP) code, adding in-house developed proprietary software, and pre-installing third-party applications. However, research has…

Cryptography and Security · Computer Science 2017-12-25 Sadegh Farhang , Aron Laszka , Jens Grossklags

Access to privacy-sensitive information on Android is a growing concern in the mobile community. Albeit Google Play recently introduced some privacy guidelines, it is still an open problem to soundly verify whether apps actually comply with…

Cryptography and Security · Computer Science 2021-12-13 Luca Verderame , Davide Caputo , Andrea Romdhana , Alessio Merlo

Due to the amount of data that smartphone applications can potentially access, platforms enforce permission systems that allow users to regulate how applications access protected resources. If users are asked to make security decisions too…

Cryptography and Security · Computer Science 2015-04-16 Primal Wijesekera , Arjun Baokar , Ashkan Hosseini , Serge Egelman , David Wagner , Konstantin Beznosov

The Android permission system is a set of controls to regulate access to sensitive data and platform resources (e.g., camera). The fast evolving nature of Android permissions, coupled with inadequate documentation, results in numerous…

Software Engineering · Computer Science 2023-11-02 Sahrima Jannat Oishwee , Natalia Stakhanova , Zadia Codabux

Cryptography has been extensively used in Android applications to guarantee secure communications, conceal critical data from reverse engineering, or ensure mobile users' privacy. Various system-based and third-party libraries for Android…

Cryptography and Security · Computer Science 2022-07-08 Adam Janovsky , Davide Maiorca , Dominik Macko , Vashek Matyas , Giorgio Giacinto

We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of…

Cryptography and Security · Computer Science 2014-04-08 Michael Backes , Sven Bugiel , Sebastian Gerling , Philipp von Styp-Rekowsky

Google's Android is a comprehensive software framework for mobile communication devices (i.e., smartphones, PDAs). The Android framework includes an operating system, middleware and a set of key applications. The incorporation of integrated…

Cryptography and Security · Computer Science 2009-12-31 A. Shabtai , Y. Fledel , U. Kanonov , Y. Elovici , S. Dolev

We investigate the use of Android permissions as the vehicle to allow for quick and effective differentiation between benign and malware apps. To this end, we extract all Android permissions, eliminating those that have zero impact, and…

Cryptography and Security · Computer Science 2022-01-24 Muhammad Suleman Saleem , Jelena Mišić , Vojislav B. Mišić

The Android framework provides a rich set of APIs that can be exploited by developers to build their apps. However, the rapid evolution of these APIs jointly with the specific characteristics of the lifecycle of the Android components…

Software Engineering · Computer Science 2022-02-25 Oliviero Riganelli , Ionut Daniel Fagadau , Daniela Micucci , Leonardo Mariani

In Android, communications between apps and system services are supported by a transaction-based Inter-Process Communication (IPC) mechanism. Binder, as the cornerstone of this IPC mechanism, separates two communicating parties as client…

Cryptography and Security · Computer Science 2016-04-26 Huan Feng , Kang G. Shin

Filesystem vulnerabilities persist as a significant threat to Android systems, despite various proposed defenses and testing techniques. The complexity of program behaviors and access control mechanisms in Android systems makes it…

Cryptography and Security · Computer Science 2024-07-17 Yu-Tsung Lee , Hayawardh Vijayakumar , Zhiyun Qian , Trent Jaeger

Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By…

Cryptography and Security · Computer Science 2016-09-14 Daoyuan Wu , Debin Gao , Yingjiu Li , Robert H. Deng