Shifting to Mobile: Network-Based Empirical Study of Mobile Vulnerability Market
暂无分享,去创建一个
Jia Zhang | Zhiyong Feng | Wei Tan | Keman Huang | Zhiyong Feng | Keman Huang | Jia Zhang | Wei Tan
[1] Eric Rescorla,et al. Is finding security holes a good idea? , 2005, IEEE Security & Privacy.
[2] Michael Backes,et al. You Get Where You're Looking for: The Impact of Information Sources on Code Security , 2016, 2016 IEEE Symposium on Security and Privacy (SP).
[3] Albert-László Barabási,et al. Understanding the Spreading Patterns of Mobile Phone Viruses , 2009, Science.
[4] Yashwant K. Malaiya,et al. Software Vulnerability Markets: Discoverers and Buyers , 2014 .
[5] Neil Savage,et al. Gaining wisdom from crowds , 2012, Commun. ACM.
[6] David A. Wagner,et al. Analyzing inter-application communication in Android , 2011, MobiSys '11.
[7] Thomas T. Hills,et al. Exploration versus exploitation in space, mind, and society , 2015, Trends in Cognitive Sciences.
[8] Jens Grossklags,et al. Given enough eyeballs, all bugs are shallow? Revisiting Eric Raymond with bug bounty programs , 2016, J. Cybersecur..
[9] Mu Zhang,et al. Efficient, context-aware privacy leakage confinement for android applications without firmware modding , 2014, AsiaCCS.
[10] Yizheng Chen,et al. On the Feasibility of Large-Scale Infections of iOS Devices , 2014, USENIX Security Symposium.
[11] Steve Hanna,et al. Android permissions demystified , 2011, CCS '11.
[12] Michael Siegel,et al. Poster: Diversity or Concentration? Hackers’ Strategy for Working Across Multiple Bug Bounty Programs , 2016 .
[13] Ramayya Krishnan,et al. An Empirical Analysis of Software Vendors' Patch Release Behavior: Impact of Vulnerability Disclosure , 2010, Inf. Syst. Res..
[14] Golden G. Richard,et al. Don't Touch that Column: Portable, Fine-Grained Access Control for Android's Native Content Providers , 2016, WISEC.
[15] David A. Wagner,et al. Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.
[16] Gregory White,et al. An Empirical Study on the Effectiveness of Common Security Measures , 2010, 2010 43rd Hawaii International Conference on System Sciences.
[17] Stuart E. Schechter,et al. Milk or Wine: Does Software Security Improve with Age? , 2006, USENIX Security Symposium.
[18] Muhammad Zubair Shafiq,et al. A large scale exploratory analysis of software vulnerability life cycles , 2012, 2012 34th International Conference on Software Engineering (ICSE).
[19] Dorothy E. Denning. Toward more secure software , 2015, Commun. ACM.
[20] Leyla Bilge,et al. Before we knew it: an empirical study of zero-day attacks in the real world , 2012, CCS.
[21] Tudor Dumitras,et al. Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits , 2015, USENIX Security Symposium.
[22] Fabio Massacci,et al. Comparing Vulnerability Severity and Exploits Using Case-Control Studies , 2014, TSEC.
[23] Bernhard Plattner,et al. Modelling the Security Ecosystem- The Dynamics of (In)Security , 2009, WEIS.
[24] Yuan Zhang,et al. AppIntent: analyzing sensitive data transmission in android for privacy leakage detection , 2013, CCS.
[25] David A. Wagner,et al. Android Permissions Remystified: A Field Study on Contextual Integrity , 2015, USENIX Security Symposium.
[26] Jia Zhang,et al. An Empirical Analysis of Contemporary Android Mobile Vulnerability Market , 2015, 2015 IEEE International Conference on Mobile Services.
[27] Mehran Bozorgi,et al. Beyond heuristics: learning to classify vulnerabilities and predict exploits , 2010, KDD.
[28] Xuanzhe Liu,et al. PRADA: Prioritizing Android Devices for Apps by Mining Large-Scale Usage Data , 2016, 2016 IEEE/ACM 38th International Conference on Software Engineering (ICSE).
[29] Ahmed E. Hassan,et al. A Large-Scale Empirical Study on Software Reuse in Mobile Apps , 2014, IEEE Software.
[30] Matthew Smith,et al. VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assist Code Audits , 2015, CCS.
[31] Matthew Smith,et al. Rethinking SSL development in an appified world , 2013, CCS.
[32] Ross J. Anderson. Why information security is hard - an economic perspective , 2001, Seventeenth Annual Computer Security Applications Conference.
[33] Konrad Rieck,et al. Modeling and Discovering Vulnerabilities with Code Property Graphs , 2014, 2014 IEEE Symposium on Security and Privacy.
[34] Hannes Holm,et al. An expert-based investigation of the Common Vulnerability Scoring System , 2015, Comput. Secur..
[35] Jacques Klein,et al. DroidRA: taming reflection to support whole-program analysis of Android apps , 2016, ISSTA.
[36] Nicolas Christin,et al. Measuring the Longitudinal Evolution of the Online Anonymous Marketplace Ecosystem , 2015, USENIX Security Symposium.
[37] Tyler Moore,et al. The Economics of Information Security , 2006, Science.
[38] Huseyin Cavusoglu,et al. Emerging Issues in Responsible Vulnerability Disclosure , 2005, WEIS.
[39] Peng Liu,et al. An Empirical Study of Web Vulnerability Discovery Ecosystems , 2015, CCS.
[40] Sang Pil Han,et al. Estimating Demand for Mobile Applications in the New Economy , 2014, Manag. Sci..
[41] Bernhard Plattner,et al. Software Security Economics: Theory, in Practice , 2012, WEIS.
[42] Neal Leavitt,et al. Mobile Security: Finally a Serious Problem? , 2011, Computer.
[43] Calton Pu,et al. JTangCSB: A Cloud Service Bus for Cloud and Enterprise Application Integration , 2015, IEEE Internet Computing.
[44] Peng Ning,et al. EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning , 2015, USENIX Security Symposium.
[45] Hang Zhang,et al. Android Root and its Providers: A Double-Edged Sword , 2015, CCS.
[46] Shizhan Chen,et al. A Skewness-Based Framework for Mobile App Permission Recommendation and Risk Evaluation , 2016, ICSOC.
[47] Huseyin Cavusoglu,et al. Efficiency of Vulnerability Disclosure Mechanisms to Disseminate Vulnerability Knowledge , 2007, IEEE Transactions on Software Engineering.
[48] Hao Xu,et al. Optimal Policy for Software Vulnerability Disclosure , 2008, Manag. Sci..
[49] David A. Wagner,et al. An Empirical Study of Vulnerability Rewards Programs , 2013, USENIX Security Symposium.
[50] Terrence August,et al. The Influence of Software Process Maturity and Customer Error Reporting on Software Release and Pricing , 2013, Manag. Sci..
[51] Rahul Telang,et al. Market for Software Vulnerabilities? Think Again , 2005, Manag. Sci..
[52] Yuan Tian,et al. OAuth Demystified for Mobile Application Developers , 2014, CCS.
[53] Alessandra Gorla,et al. Checking app behavior against app descriptions , 2014, ICSE.
[54] Matthew Smith,et al. SoK: Lessons Learned from Android Security Research for Appified Software Platforms , 2016, 2016 IEEE Symposium on Security and Privacy (SP).
[55] Stuart E. Schechter,et al. Bootstrapping the Adoption of Internet Security Protocols , 2006, WEIS.
[56] Feng Li,et al. Android Smartphone Third Party Advertising Library Data Leak Analysis , 2014, 2014 IEEE 11th International Conference on Mobile Ad Hoc and Sensor Systems.