EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework
作者: Yinzhi Cao , Yanick Fratantonio , Antonio Bianchi , Manuel Egele , Christopher Kruegel
关键词:
摘要: Android users can choose from over one million applications (apps) offered through the official Google Play marketplace. Furthermore, a wealth of alternative sources for is available to from. These range curated stores, such as Amazon’s Appstore less legitimate that offer pirated content. The sheer number mobile prompted researchers academia and industry develop static analysis techniques scrutinize these vulnerabilities malicious functionality. always execute in context framework — comprehensive collection functionality developers conveniently use their applications. prolific poses unique challenges
ndss-symposium.org
core.ac.uk
ucsb.edu
yinzhicao.org 参考文章(25)
Damien Octeau, William Enck, Patrick McDaniel, Swarat Chaudhuri, A study of android application security usenix security symposium. pp. 21- 21 ,(2011)
Christian W. Probst, Modular Control Flow Analysis for Libraries static analysis symposium. pp. 165- 179 ,(2002) , 10.1007/3-540-45789-5_14
Ondrej Lhotak, Eric Bodden, Patrick Lam, Laurie Hendren, The Soot framework for Java program analysis: a retrospective ,(2011)
Karim Ali, Ondřej Lhoták, Application-Only Call Graph Construction ECOOP 2012 – Object-Oriented Programming. pp. 688- 712 ,(2012) , 10.1007/978-3-642-31057-7_30
William Enck, Patrick McDaniel, Jaeyeon Jung, Byung-Gon Chun, Peter Gilbert, Anmol N. Sheth, Landon P. Cox, TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones operating systems design and implementation. pp. 393- 407 ,(2010) , 10.5555/1924943.1924971
Ron Cytron, Jeanne Ferrante, Barry K. Rosen, Mark N. Wegman, F. Kenneth Zadeck, Efficiently computing static single assignment form and the control dependence graph ACM Transactions on Programming Languages and Systems. ,vol. 13, pp. 451- 490 ,(1991) , 10.1145/115372.115320
Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, Guofei Jiang, CHEX Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12. pp. 229- 240 ,(2012) , 10.1145/2382196.2382223
William Enck, Machigar Ongtang, Patrick McDaniel, On lightweight mobile phone application certification computer and communications security. pp. 235- 245 ,(2009) , 10.1145/1653662.1653691
Magnus Madsen, Benjamin Livshits, Michael Fanning, Practical static analysis of JavaScript applications in the presence of frameworks and libraries foundations of software engineering. pp. 499- 509 ,(2013) , 10.1145/2491411.2491417
Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou, Xuxian Jiang, RiskRanker Proceedings of the 10th international conference on Mobile systems, applications, and services - MobiSys '12. pp. 281- 294 ,(2012) , 10.1145/2307636.2307663