English
Related papers

Related papers: Demystifying Cookie Sharing Risks in WebView-based…

200 papers

Mobile mini-programs in WeChat have gained significant popularity since their debut in 2017, reaching a scale similar to that of Android apps in the Play Store. Like Google, Tencent, the provider of WeChat, offers APIs to support the…

Cryptography and Security · Computer Science 2023-06-16 Yue Zhang , Yuqing Yang , Zhiqiang Lin

Mobile applications, particularly those from social media platforms such as WeChat and TikTok, are evolving into "super apps" that offer a wide range of services such as instant messaging and media sharing, e-commerce, e-learning, and…

Cryptography and Security · Computer Science 2023-06-16 Chao Wang , Yue Zhang , Zhiqiang Lin

We conduct a large-scale measurement of developers' insecure practices leading to mini-app to super-app authentication bypass, among which hard-coding developer secrets for such authentication is a major contributor. We also analyze the…

Cryptography and Security · Computer Science 2023-07-19 Supraja Baskaran , Lianying Zhao , Mohammad Mannan , Amr Youssef

Mini-applications, commonly referred to as mini-apps, are compact software programs embedded within larger applications or platforms, offering targeted functionality without the need for separate installations. Typically web-based or…

Cryptography and Security · Computer Science 2024-02-13 Liming Jiang

WebView is an essential component in Android and iOS. It enables applications to display content from on-line resources. It simplifies task of performing a network request, parsing the data and rendering it. WebView uses a number of APIs…

Cryptography and Security · Computer Science 2013-04-30 A B Bhavani

As a new format of mobile application, mini programs, which function within a larger app and are built with HTML, CSS, and JavaScript web technology, have become the way to do almost everything in China. This paper presents our research on…

Cryptography and Security · Computer Science 2022-05-31 Jianyi Zhang , Leixin Yang , Yuyang Han , Zhi Sun , Zixiao Xiang

With the digital breakthrough, smart phones have become very essential component. Mobile devices are very attractive attack surface for cyber thieves as they hold personal details (accounts, locations, contacts, photos) and have potential…

Cryptography and Security · Computer Science 2017-09-22 Shweta Bhandari , Wafa Ben Jaballah , Vineeta Jain , Vijay Laxmi , Akka Zemmari , Manoj Singh Gaur , Mohamed Mosbah , Mauro Conti

Mini-app is an emerging form of mobile application that combines web technology with native capabilities. Its features, e.g., no need to download and no installation, have made it popular rapidly. However, privacy issues that violate the…

Cryptography and Security · Computer Science 2023-02-28 Yin Wang , Ming Fan , Junfeng Liu , Junjie Tao , Wuxia Jin , Qi Xiong , Yuhao Liu , Qinghua Zheng , Ting Liu

Securing browsers in mobile devices is very challenging, because these browser apps usually provide browsing services to other apps in the same device. A malicious app installed in a device can potentially obtain sensitive information…

Cryptography and Security · Computer Science 2014-09-02 Daoyuan Wu , Rocky K. C. Chang

The super app paradigm, exemplified by platforms such as WeChat and AliPay, has revolutionized the mobile app landscape by enabling third-party developers to deploy add-ons within these apps. These add-ons, known as miniapps, leverage user…

Cryptography and Security · Computer Science 2023-06-14 Yuqing Yang , Chao Wang , Yue Zhang , Zhiqiang Lin

Many Android applications embed webpages via WebView components and execute JavaScript code within Android. Hybrid applications leverage dedicated APIs to load a resource and render it in a WebView. Furthermore, Android objects can be…

Cryptography and Security · Computer Science 2020-08-06 Abhishek Tiwari , Jyoti Prakash , Sascha Gross , Christian Hammer

A Webview embeds a full-fledged browser in a mobile application and allows the application to expose a custom interface to JavaScript code. This is a popular technique to build so-called hybrid applications, but it circumvents the usual…

Cryptography and Security · Computer Science 2019-05-08 Claudio Rizzo , Lorenzo Cavallaro , Johannes Kinder

Android is designed with a number of built-in security features such as app sandboxing and permission-based access controls. Android supports multiple communication methods for apps to cooperate. This creates a security risk of app…

Cryptography and Security · Computer Science 2017-06-09 Jorge Blasco , Thomas M. Chen , Igor Muttik , Markus Roggenbach

The WeChat mini-game ecosystem faces rampant intellectual property theft to other platforms via secondary development, yet existing JavaScript obfuscation tools are ill-equipped for large-scale applications, suffering from prohibitive…

Micro-controller units (MCUs) implement the de facto interface between the physical and digital worlds. As a consequence, they appear in a variety of sensing/actuation applications, from smart personal spaces to complex industrial control…

Cryptography and Security · Computer Science 2024-07-09 Liam Tyler , Ivan De Oliveira Nunes

A number of Internet of Things (IoTs) platforms have emerged to enable various IoT apps developed by third-party developers to automate smart homes. Prior research mostly concerns the overprivilege problem in the permission model. Our work,…

Cryptography and Security · Computer Science 2021-01-26 Haotian Chi , Qiang Zeng , Xiaojiang Du , Jiaping Yu

Mobile privacy and security can be a collaborative process where individuals seek advice and help from their trusted communities. To support such collective privacy and security management, we developed a mobile app for Community Oversight…

Human-Computer Interaction · Computer Science 2025-04-22 Mamtaj Akter , Madiha Tabassum , Nazmus Sakib Miazi , Leena Alghamdi , Jess Kropczynski , Pamela Wisniewski , Heather Lipford

Business Collaboration Platforms like Microsoft Teams and Slack enable teamwork by supporting text chatting and third-party resource integration. A user can access online file storage, make video calls, and manage a code repository, all…

Cryptography and Security · Computer Science 2022-10-25 Yunang Chen , Yue Gao , Nick Ceccio , Rahul Chatterjee , Kassem Fawaz , Earlence Fernandes

WebAssembly is revolutionizing the approach to developing modern applications. Although this technology was born to create portable and performant modules in web browsers, currently, its capabilities are extensively exploited in multiple…

Cryptography and Security · Computer Science 2025-02-11 Gaetano Perrone , Simon Pietro Romano

As third-party cookies are being phased out or restricted by major browsers, first-party cookies are increasingly repurposed for tracking. Prior work has shown that third-party scripts embedded in the main frame can access and exfiltrate…

Cryptography and Security · Computer Science 2025-10-02 Pouneh Nikkhah Bahrami , Aurore Fass , Zubair Shafiq
‹ Prev 1 2 3 10 Next ›