Zhao et al., 2020 - Google Patents
Automatic uncovering of hidden behaviors from input validation in mobile appsZhao et al., 2020
View PDF- Document ID
- 1481761597022100093
- Author
- Zhao Q
- Zuo C
- Dolan-Gavitt B
- Pellegrino G
- Lin Z
- Publication year
- Publication venue
- 2020 IEEE Symposium on Security and Privacy (SP)
External Links
Snippet
Mobile applications (apps) have exploded in popularity, with billions of smartphone users using millions of apps available through markets such as the Google Play Store or the Apple App Store. While these apps have rich and useful functionality that is publicly exposed to …
- 238000010200 validation analysis 0 title abstract description 82
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/445—Programme loading or initiating
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/4443—Execution mechanisms for user interfaces
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/4421—Execution paradigms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
- G06F17/30864—Retrieval from the Internet, e.g. browsers by querying, e.g. search engines or meta-search engines, crawling techniques, push systems
- G06F17/30867—Retrieval from the Internet, e.g. browsers by querying, e.g. search engines or meta-search engines, crawling techniques, push systems with filtering and personalisation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/20—Handling natural language data
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Zhao et al. | Automatic uncovering of hidden behaviors from input validation in mobile apps | |
| Heartfield et al. | A taxonomy of attacks and a survey of defence mechanisms for semantic social engineering attacks | |
| Pan et al. | Dark hazard: Large-scale discovery of unknown hidden sensitive operations in Android apps | |
| Andronio et al. | Heldroid: Dissecting and detecting mobile ransomware | |
| Teufl et al. | Malware detection by applying knowledge discovery processes to application metadata on the Android Market (Google Play) | |
| Wang et al. | Beyond the virus: A first look at coronavirus-themed mobile malware | |
| Aggarwal et al. | I spy with my little eye: Analysis and detection of spying browser extensions | |
| Akram et al. | How to build a vulnerability benchmark to overcome cyber security attacks | |
| Wang et al. | Beyond the virus: a first look at coronavirus-themed Android malware | |
| Wang et al. | Uncovering and exploiting hidden apis in mobile super apps | |
| Shrivastava et al. | Android application behavioural analysis for data leakage | |
| Kadir et al. | Understanding android financial malware attacks: Taxonomy, characterization, and challenges | |
| Liu et al. | Demystifying rce vulnerabilities in llm-integrated apps | |
| Baskaran et al. | Measuring the leakage and exploitability of authentication secrets in super-apps: The wechat case | |
| Wang et al. | Characterizing cryptocurrency-themed malicious browser extensions | |
| Appelt et al. | Assessing the impact of firewalls and database proxies on SQL injection testing | |
| Jang et al. | Function‐Oriented Mobile Malware Analysis as First Aid | |
| Zhao et al. | Privacy model: detect privacy leakage for chinese browser extensions | |
| Sentana et al. | An empirical analysis of security and privacy risks in android cryptocurrency wallet apps | |
| Zhao et al. | Large-scale detection of privacy leaks for BAT browsers extensions in China | |
| Di et al. | Influencing user’s behavior concerning android privacy policy: an overview | |
| Hou et al. | On the (in) security of llm app stores | |
| Cao | Understanding the characteristics of invasive malware from the Google Play Store | |
| Moussaileb | Log analysis for malicious software detection | |
| Kaushik et al. | Investigating and Safeguarding the Web Browsers from Malicious Web Extensions |