Android security assessment: A review, taxonomy and research gap study
作者: Shivi Garg , Niyati Baliyan
DOI: 10.1016/J.COSE.2020.102087
关键词:
摘要: Abstract Security threats are escalating exponentially posing a serious challenge to mobile platforms, specifically Android. In recent years the number of attacks has not only increased but each attack become more damaging platform. Therefore, it is important develop stringent counter-measures defend systems. Although in last few significant research progress seen field detection and mitigation Android security, yet numerous challenges gaps still exist. This paper presents comprehensive sound taxonomy review state-of-the-art approaches used security. We have highlighted trends patterns different analysis approaches, identified key aspects terms objectives, techniques, code representations, tools frameworks used, etc. enumerated areas for future work. To carry out this study, proper systematic literature process followed results nearly 200 publications been comprehended based on security aspects.
sci-hub.st 参考文章(203)
Daniel Schoepe, Musard Balliu, Frank Piessens, Andrei Sabelfeld, Let’s Face It: Faceted Values for Taint Tracking european symposium on research in computer security. pp. 561- 580 ,(2016) , 10.1007/978-3-319-45744-4_28
Alireza Sadeghi, Hamid Bagheri, Joshua Garcia, Sam Malek, A Taxonomy and Qualitative Comparison of Program Analysis Techniques for Security Assessment of Android Software IEEE Transactions on Software Engineering. ,vol. 43, pp. 492- 530 ,(2017) , 10.1109/TSE.2016.2615307
William Martin, Federica Sarro, Yue Jia, Yuanyuan Zhang, Mark Harman, A Survey of App Store Analysis for Software Engineering IEEE Transactions on Software Engineering. ,vol. 43, pp. 817- 847 ,(2017) , 10.1109/TSE.2016.2630689
Tarunpreet Bhatia, A. K. Verma, Data security in mobile cloud computing paradigm: a survey, taxonomy and open research issues The Journal of Supercomputing. ,vol. 73, pp. 2558- 2631 ,(2017) , 10.1007/S11227-016-1945-Y
Michelle Y. Wong, David Lie, IntelliDroid: A Targeted Input Generator for the Dynamic Analysis of Android Malware network and distributed system security symposium. ,(2016) , 10.14722/NDSS.2016.23118
Carol J. Fung, Bahman Rashidi, A Survey of Android Security Threats and Defenses. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl.. ,vol. 6, pp. 3- 35 ,(2015)
Wenying Bao, Wenbin Yao, Ming Zong, Dongbin Wang, Cross-site Scripting Attacks on Android Hybrid Applications international conference cryptography security and privacy. pp. 56- 61 ,(2017) , 10.1145/3058060.3058076
Mariem Graa, Nora Cuppens-Boulahia, Frédéric Cuppens, Jean-Louis Lanet, Routa Moussaileb, Detection of Side Channel Attacks Based on Data Tainting in Android Systems ICT Systems Security and Privacy Protection. pp. 205- 218 ,(2017) , 10.1007/978-3-319-58469-0_14
Yang Liu, Chaoshun Zuo, Zonghua Zhang, Shanqing Guo, Xinshun Xu, An automatically vetting mechanism for SSL error-handling vulnerability in android hybrid Web apps World Wide Web. ,vol. 21, pp. 127- 150 ,(2018) , 10.1007/S11280-017-0458-9
Yulei Pang, Xiaozhen Xue, Huaying Wang, Predicting Vulnerable Software Components through Deep Neural Network Proceedings of the 2017 International Conference on Deep Learning Technologies. pp. 6- 10 ,(2017) , 10.1145/3094243.3094245