English
Related papers

Related papers: Taxonomy of Security Weaknesses in Java and Kotlin…

200 papers

We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of…

Cryptography and Security · Computer Science 2014-04-08 Michael Backes , Sven Bugiel , Sebastian Gerling , Philipp von Styp-Rekowsky

Android apps can hold secret strings of themselves such as cloud service credentials or encryption keys. Leakage of such secret strings can induce unprecedented consequences like monetary losses or leakage of user private information. In…

Cryptography and Security · Computer Science 2025-01-15 Lili Wei , Heqing Huang , Shing-Chi Cheung , Kevin Li

Android and Facebook provide third-party applications with access to users' private data and the ability to perform potentially sensitive operations (e.g., post to a user's wall or place phone calls). As a security measure, these platforms…

Cryptography and Security · Computer Science 2012-10-10 Mario Frank , Ben Dong , Adrienne Porter Felt , Dawn Song

The main stretch in the paper is buffer overflow anomaly occurring in major source codes, designed in various programming language. It describes the various as to how to improve your code and increase its strength to withstand security…

Cryptography and Security · Computer Science 2012-08-17 Manas Gaur

Android is designed with a number of built-in security features such as app sandboxing and permission-based access controls. Android supports multiple communication methods for apps to cooperate. This creates a security risk of app…

Cryptography and Security · Computer Science 2017-06-09 Jorge Blasco , Thomas M. Chen , Igor Muttik , Markus Roggenbach

Background. Evidence suggests that mobile applications are not thoroughly tested as their desktop counterparts. In particular GUI testing is generally limited. Like web-based applications, mobile apps suffer from GUI test fragility, i.e.…

Software Engineering · Computer Science 2017-11-13 Riccardo Coppola , Maurizio Morisio , Marco Torchiano

In the age of ubiquitous technologies, security- and privacy-focused choices have turned out to be a significant concern for individuals and organizations. Risks of such pervasive technologies are extensive and often misaligned with user…

Cryptography and Security · Computer Science 2020-07-01 Behnood Momenzadeh , Shakthidhar Gopavaram , Sanchari Das , L Jean Camp

Android allows apps to communicate with its system services via system service helpers so that these apps can use various functions provided by the system services. Meanwhile, the system services rely on their service helpers to enforce…

Cryptography and Security · Computer Science 2022-03-25 Yi He , Yacong Gu , Purui Su , Kun Sun , Yajin Zhou , Zhi Wang , Qi Li

Previous research has shown that crypto APIs are hard for developers to understand and difficult for them to use. They consequently rely on unvalidated boilerplate code from online resources where security vulnerabilities are common. We…

Cryptography and Security · Computer Science 2019-08-06 Mohammadreza Hazhirpasand , Mohammad Ghafari , Stefan Krüger , Eric Bodden , Oscar Nierstrasz

A common security architecture is based on the protection of certain resources by permission checks (used e.g., in Android and Blackberry). It has some limitations, for instance, when applications are granted more permissions than they…

Software Engineering · Computer Science 2023-05-05 Alexandre Bartel , Jacques Klein , Martin Monperrus , Yves Le Traon

Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By…

Cryptography and Security · Computer Science 2016-09-14 Daoyuan Wu , Debin Gao , Yingjiu Li , Robert H. Deng

According to the Symantec and F-Secure threat reports, mobile malware development in 2013 and 2014 has continued to focus almost exclusively ~99% on the Android platform. Malware writers are applying stealthy mutations (obfuscations) to…

Cryptography and Security · Computer Science 2016-02-23 Shahid Alam , Zhengyang Qu , Ryan Riley , Yan Chen , Vaibhav Rastogi

The Android unrestricted application market, being of open source nature, has made it a popular platform for third-party applications reaching millions of smart devices in the world. This tremendous increase in applications with an…

Cryptography and Security · Computer Science 2021-09-09 Stylianos Monogios , Konstantinos Limniotis , Nicholas Kolokotronis , Stavros Shiaeles

Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By…

Cryptography and Security · Computer Science 2018-01-16 Daoyuan Wu , Yao Cheng , Debin Gao , Yingjiu Li , Robert H. Deng

With over 500,000 commits and more than 700 contributors, the Android platform is undoubtedly one of the largest industrial-scale software projects. This project provides the Android API, and developers heavily rely on this API to develop…

Software Engineering · Computer Science 2022-06-01 Pei Liu , Li Li , Yichun Yan , Mattia Fazzini , John Grundy

Internet of Things (IoT) devices are becoming increasingly important. These devices are often resource-limited, hindering rigorous enforcement of security policies. Assessing the vulnerability of IoT devices is an important problem, but…

Cryptography and Security · Computer Science 2019-01-30 Davino Mauro Junior , Luis Melo , Harvey Lu , Marcelo d'Amorim , Atul Prakash

The increasing trend of using Large Language Models (LLMs) for code generation raises the question of their capability to generate trustworthy code. While many researchers are exploring the utility of code generation for uncovering software…

Cryptography and Security · Computer Science 2024-04-08 Zahra Mousavi , Chadni Islam , Kristen Moore , Alsharif Abuadbba , Muhammad Ali Babar

Android introduces a new permission model that allows apps to request permissions at runtime rather than at the installation time since 6.0 (Marshmallow, API level 23). While this runtime permission model provides users with greater…

Software Engineering · Computer Science 2021-06-25 Ying Wang , Yibo Wang , Sinan Wang , Yepang Liu , Chang Xu , Shing-Chi Cheung , Hai Yu , Zhiliang Zhu

Performance issues in Android applications significantly undermine users' experience, engagement, and retention, which is a long-lasting research topic in academia. Unlike functionality issues, performance issues are more difficult to…

Software Engineering · Computer Science 2025-10-14 Dianshu Liao , Shidong Pan , Siyuan Yang , Yanjie Zhao , Zhenchang Xing , Xiaoyu Sun

Smartphones hold important private information, yet users routinely expose this information to questionable applications written by developers they know nothing about. Users may be tempted to think of smartphones as old-style dumb phones,…

Cryptography and Security · Computer Science 2019-06-28 Amer Chamseddine , George Candea