Werthmann et al., 2013 - Google Patents
PSiOS: bring your own privacy & security to iOS devicesWerthmann et al., 2013
View PDF- Document ID
- 17605182086745630399
- Author
- Werthmann T
- Hund R
- Davi L
- Sadeghi A
- Holz T
- Publication year
- Publication venue
- Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
External Links
Snippet
Apple iOS is one of the most popular mobile operating systems. As its core security technology, iOS provides application sandboxing but assigns a generic sandboxing profile to every third-party application. However, recent attacks and incidents with benign …
- 230000003068 static 0 abstract description 31
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Werthmann et al. | PSiOS: bring your own privacy & security to iOS devices | |
| Batyuk et al. | Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications | |
| Tam et al. | The evolution of android malware and android analysis techniques | |
| Backes et al. | Appguard–fine-grained policy enforcement for untrusted android applications | |
| Backes et al. | Boxify: Full-fledged app sandboxing for stock android | |
| Xu et al. | Toward engineering a secure android ecosystem: A survey of existing techniques | |
| Enck | Defending users against smartphone apps: Techniques and future directions | |
| Fang et al. | Permission based Android security: Issues and countermeasures | |
| Marforio et al. | Application collusion attack on the permission-based security model and its implications for modern smartphone systems | |
| Zhou et al. | Taming information-stealing smartphone applications (on android) | |
| Hornyack et al. | These aren't the droids you're looking for: retrofitting android to protect data from imperious applications | |
| Wang et al. | Unauthorized origin crossing on mobile platforms: Threats and mitigation | |
| Mylonas et al. | Smartphone security evaluation the malware attack case | |
| Wang et al. | Compac: Enforce component-level access control in android | |
| Han et al. | Comparing mobile privacy protection through cross-platform applications | |
| Backes et al. | Appguard-real-time policy enforcement for third-party applications | |
| Do et al. | Enhancing user privacy on android mobile devices via permissions removal | |
| Ciardo et al. | SMART: Simulation and Markovian analyzer for reliability and timing | |
| Dai Zovi | Apple iOS 4 security evaluation | |
| Zhou et al. | Hybrid user-level sandboxing of third-party android apps | |
| Mylonas et al. | On the feasibility of malware attacks in smartphone platforms | |
| Liebergeld et al. | Android security, pitfalls and lessons learned | |
| Faruki et al. | Droidanalyst: Synergic app framework for static and dynamic app analysis | |
| Bucicoiu et al. | XiOS: Extended application sandboxing on iOS | |
| Alfalqi et al. | Android platform malware analysis |