Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 2 of 2
Full-Text Articles in Physical Sciences and Mathematics
Towards Dynamically Monitoring Android Applications On Non-Rooted Devices In The Wild, Xiaoxiao Tang, Daoyuan Wu, Yan Lin, Debin Gao
Towards Dynamically Monitoring Android Applications On Non-Rooted Devices In The Wild, Xiaoxiao Tang, Daoyuan Wu, Yan Lin, Debin Gao
Research Collection School Of Computing and Information Systems
Dynamic analysis is an important technique to reveal sensitive behavior of Android apps. Current works require access to the code-level and system-level events (e.g., API calls and system calls) triggered by the running apps and consequently they can only be conducted on in-lab running environments (e.g., emulators and modified OS). The strict requirement of running environment hinders their deployment in scale and makes them vulnerable to anti-analysis techniques. Furthermore, current dynamic analysis of Android apps exploits input generators to invoke app behavior, which, however, cannot provide sufficient code coverage. We propose to dynamically analyze app behavior on non-rooted devices used …
Sclib: A Practical And Lightweight Defense Against Component Hijacking In Android Applications, Daoyuan Wu, Yao Cheng, Debin Gao, Yingjiu Li, Robert H. Deng
Sclib: A Practical And Lightweight Defense Against Component Hijacking In Android Applications, Daoyuan Wu, Yao Cheng, Debin Gao, Yingjiu Li, Robert H. Deng
Research Collection School Of Computing and Information Systems
Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By hijacking a vulnerable component in victim apps, an attack app can escalate its privilege for operations originally prohibited. Many prior studies have been performed to understand and mitigate this issue, but no defense is being deployed in the wild, largely due to the deployment difficulties and performance concerns. In this paper we present SCLib, a secure component library that performs in-app mandatory access control on behalf of app …