Abstract : URANOS is an Android application which uses syntactical static analysis to determine in which component of an Android application a permission is required. This work describes how the detection and analysis of widely distributed and security critical ad-ware plugins is achieved. We show, how users can trigger bytecode rewriting to (de)activate selected or redundant permissions in Android applications without sacrificing functionality. The paper also discusses performance, security, and legal implications of the presented approach.
Type de document :
Communication dans un congrès
Lorenzo Cavallaro; Dieter Gollmann. 7th International Workshop on Information Security THeory and Practice (WISTP), May 2013, Heraklion, Greece. Springer, Lecture Notes in Computer Science, LNCS-7886, pp.50-65, 2013, Information Security Theory and Practice. Security of Mobile and Cyber-Physical Systems. 〈10.1007/978-3-642-38530-8_4〉
https://hal.inria.fr/hal-01485933
Contributeur : Hal Ifip
<>
Soumis le : jeudi 9 mars 2017 - 15:16:14
Dernière modification le : jeudi 9 mars 2017 - 15:21:21
Document(s) archivé(s) le : samedi 10 juin 2017 - 14:21:15
Daniel Schreckling, Stephan Huber, Focke Höhne, Joachim Posegga. URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security. Lorenzo Cavallaro; Dieter Gollmann. 7th International Workshop on Information Security THeory and Practice (WISTP), May 2013, Heraklion, Greece. Springer, Lecture Notes in Computer Science, LNCS-7886, pp.50-65, 2013, Information Security Theory and Practice. Security of Mobile and Cyber-Physical Systems. 〈10.1007/978-3-642-38530-8_4〉. 〈hal-01485933〉
