English
Related papers

Related papers: Exploiting PendingIntent Provenance Confusion to S…

200 papers

Android applications may leak privacy data carelessly or maliciously. In this work we perform inter-component data-flow analysis to detect privacy leaks between components of Android applications. Unlike all current approaches, our tool,…

Software Engineering · Computer Science 2014-04-30 Li Li , Alexandre Bartel , Jacques Klein , Yves Le Traon , Steven Arzt , Siegfried Rasthofer , Eric Bodden , Damien Octeau , Patrick McDaniel

In recent years, there has been rapid growth in mobile devices such as smartphones, and a number of applications are developed specifically for the smartphone market. In particular, there are many applications that are ``free'' to the user,…

Cryptography and Security · Computer Science 2013-05-20 Hiroki Kuzuno , Satoshi Tonami

As data privacy continues to be a crucial human-right concern as recognized by the UN, regulatory agencies have demanded developers obtain user permission before accessing user-sensitive data. Mainly through the use of privacy policies…

Computers and Society · Computer Science 2022-02-16 Md Rashedur Rahman , Elizabeth Miller , Moinul Hossain , Aisha Ali-Gombe

A fundamental premise of SMS One-Time Password (OTP) is that the used pseudo-random numbers (PRNs) are uniquely unpredictable for each login session. Hence, the process of generating PRNs is the most critical step in the OTP authentication.…

Cryptography and Security · Computer Science 2021-03-11 Siqi Ma , Juanru Li , Hyoungshick Kim , Elisa Bertino , Surya Nepal , Diethelm Ostry , Cong Sun

Business Collaboration Platforms like Microsoft Teams and Slack enable teamwork by supporting text chatting and third-party resource integration. A user can access online file storage, make video calls, and manage a code repository, all…

Cryptography and Security · Computer Science 2022-10-25 Yunang Chen , Yue Gao , Nick Ceccio , Rahul Chatterjee , Kassem Fawaz , Earlence Fernandes

Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. Application security policies limit the permissions of each installed application. As applications may…

Cryptography and Security · Computer Science 2012-05-01 Steffen Bartsch , Karsten Sohr , Michaela Bunke , Oliver Hofrichter , Bernhard Berger

The Intent in Android plays an important role in inter-process and intra-process communications. The implicit Intent that an application could accept are declared in its manifest and are amongst the easiest feature to extract from an apk.…

Cryptography and Security · Computer Science 2020-10-20 Mohit Sewak , Sanjay K. Sahay , Hemant Rathore

Mobile apps often embed authentication secrets, such as API keys, tokens, and client IDs, to integrate with cloud services. However, developers often hardcode these credentials into Android apps, exposing them to extraction through reverse…

Cryptography and Security · Computer Science 2025-10-22 Marco Alecci , Jordan Samhi , Tegawendé F. Bissyandé , Jacques Klein

Authentication of smartphone users is important because a lot of sensitive data is stored in the smartphone and the smartphone is also used to access various cloud data and services. However, smartphones are easily stolen or co-opted by an…

Cryptography and Security · Computer Science 2017-09-01 Wei-Han Lee , Ruby B. Lee

Android's open-source nature facilitates widespread smartphone accessibility, particularly in price-sensitive markets. System and vendor applications that come pre-installed on budget Android devices frequently operate with elevated…

Cryptography and Security · Computer Science 2025-09-24 Alioune Diallo , Anta Diop , Abdoul Kader Kabore , Jordan Samhi , Aleksandr Pilgun , Tegawendé F. Bissyande , Jacque Klein

Filesystem vulnerabilities persist as a significant threat to Android systems, despite various proposed defenses and testing techniques. The complexity of program behaviors and access control mechanisms in Android systems makes it…

Cryptography and Security · Computer Science 2024-07-17 Yu-Tsung Lee , Hayawardh Vijayakumar , Zhiyun Qian , Trent Jaeger

Mobile apps frequently use Bluetooth Low Energy (BLE) and WiFi scanning permissions to discover nearby devices like peripherals and connect to WiFi Access Points (APs). However, wireless interfaces also serve as a covert proxy for…

Cryptography and Security · Computer Science 2025-03-20 Aniketh Girish , Joel Reardon , Juan Tapiador , Srdjan Matic , Narseo Vallina-Rodriguez

Android has been the most popular smartphone system with multiple platform versions active in the market. To manage the application's compatibility with one or more platform versions, Android allows apps to declare the supported platform…

Software Engineering · Computer Science 2020-09-01 Daoyuan Wu , Debin Gao , David Lo

Mobile applications (apps) often transmit sensitive data through network with various intentions. Some transmissions are needed to fulfill the app's functionalities. However, transmissions with malicious receivers may lead to privacy…

Cryptography and Security · Computer Science 2017-02-08 Hao Fu , Zizhan Zheng , Somdutta Bose , Matt Bishop , Prasant Mohapatra

The proliferation of ubiquitous computing requires energy-efficient as well as secure operation of modern processors. Side channel attacks are becoming a critical threat to security and privacy of devices embedded in modern computing…

Cryptography and Security · Computer Science 2019-07-11 Nikhil Chawla , Arvind Singh , Monodeep Kar , Saibal Mukhopadhyay

Android is a widely used operating system that employs a permission-based access control model. The Android Permissions System (APS) is responsible for mediating application resource requests. APS is a critical component of the Android…

Cryptography and Security · Computer Science 2022-08-24 Amirhosein Sayyadabdi , Behrouz Tork Ladani , Bahman Zamani

We analyze the prandom pseudo random number generator (PRNG) in use in the Linux kernel (which is the kernel of the Linux operating system, as well as of Android) and demonstrate that this PRNG is weak. The prandom PRNG is in use by many…

Cryptography and Security · Computer Science 2020-12-15 Amit Klein

The ability to identify the author responsible for a given software object is critical for many research studies and for enhancing software transparency and accountability. However, as opposed to other application markets like iOS,…

Cryptography and Security · Computer Science 2022-11-24 Kaspar Hageman , Álvaro Feal , Julien Gamba , Aniketh Girish , Jakob Bleier , Martina Lindorfer , Juan Tapiador , Narseo Vallina-Rodriguez

Third-party applications have become an essential part of today's online ecosystem, enhancing the functionality of popular platforms. However, the intensive data exchange underlying their proliferation has increased concerns about…

Cryptography and Security · Computer Science 2024-05-03 Shuaishuai Liu , Gergely Biczók

Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By…

Cryptography and Security · Computer Science 2018-01-16 Daoyuan Wu , Yao Cheng , Debin Gao , Yingjiu Li , Robert H. Deng