Web-to-Application Injection Attacks on Android: Characterization and Detection
暂无分享,去创建一个
[1] Jacques Klein,et al. FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps , 2014, PLDI.
[2] David A. Wagner,et al. Bifocals: Analyzing WebView Vulnerabilities in Android Applications , 2013, WISA.
[3] Yajin Zhou,et al. Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets , 2012, NDSS.
[4] A. Porter. Phishing on Mobile Devices , 2011 .
[5] Sam Malek,et al. Testing android apps through symbolic execution , 2012, ACM SIGSOFT Softw. Eng. Notes.
[6] Vitaly Shmatikov,et al. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks , 2014, NDSS.
[7] Yajin Zhou,et al. Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.
[8] Ondrej Lhoták,et al. The Soot framework for Java program analysis: a retrospective , 2011 .
[9] Byung-Gon Chun,et al. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.
[10] Heng Yin,et al. DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis , 2012, USENIX Security Symposium.
[11] Mu Zhang,et al. AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications , 2014, NDSS.
[12] Heng Yin,et al. Attacks on WebView in the Android system , 2011, ACSAC '11.
[13] Hongseok Yang,et al. Automated concolic testing of smartphone apps , 2012, SIGSOFT FSE.
[14] Koushik Sen,et al. DART: directed automated random testing , 2005, PLDI '05.
[15] Helen J. Wang,et al. Permission Re-Delegation: Attacks and Defenses , 2011, USENIX Security Symposium.
[16] Nan Zhang,et al. The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations , 2014, 2014 IEEE Symposium on Security and Privacy.
[17] XiaoFeng Wang,et al. Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating , 2014, 2014 IEEE Symposium on Security and Privacy.
[18] Heng Yin,et al. Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation , 2014, CCS.
[19] Rui Wang,et al. Unauthorized origin crossing on mobile platforms: threats and mitigation , 2013, CCS.
[20] Wenke Lee,et al. CHEX: statically vetting Android apps for component hijacking vulnerabilities , 2012, CCS.
[21] Dawn Xiaodong Song,et al. Towards a Formal Foundation of Web Security , 2010, 2010 23rd IEEE Computer Security Foundations Symposium.
[22] Edgar R. Weippl,et al. Guess Who's Texting You? Evaluating the Security of Smartphone Messaging Applications , 2012, NDSS.
[23] Zhuoqing Morley Mao,et al. Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks , 2014, USENIX Security Symposium.
[24] Hongyang Li,et al. Screenmilker: How to Milk Your Android Screen for Secrets , 2014, NDSS.
[25] Yajin Zhou,et al. Systematic Detection of Capability Leaks in Stock Android Smartphones , 2012, NDSS.
[26] Jacques Klein,et al. Dexpler: converting Android Dalvik bytecode to Jimple for static analysis with Soot , 2012, SOAP '12.
[27] Yajin Zhou,et al. Detecting Passive Content Leaks and Pollution in Android Applications , 2013, NDSS.
[28] Thomas W. Reps,et al. Precise interprocedural dataflow analysis via graph reachability , 1995, POPL '95.
[29] Apu Kapadia,et al. Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones , 2011, NDSS.
[30] Eric Bodden,et al. A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks , 2014, NDSS.
[31] Mayur Naik,et al. Dynodroid: an input generation system for Android apps , 2013, ESEC/FSE 2013.
[32] Cesare Tinelli,et al. A DPLL(T) Theory Solver for a Theory of Strings and Regular Expressions , 2014, CAV.
[33] Bogdan Korel,et al. Automated Software Test Data Generation , 1990, IEEE Trans. Software Eng..
[34] James C. King,et al. Symbolic execution and program testing , 1976, CACM.
[35] Ahmad-Reza Sadeghi,et al. Privilege Escalation Attacks on Android , 2010, ISC.
[36] Ondrej Lhoták,et al. Scaling Java Points-to Analysis Using SPARK , 2003, CC.