Abstract : URANOS is an Android application which uses syntactical static analysis to determine in which component of an Android application a permission is required. This work describes how the detection and analysis of widely distributed and security critical ad-ware plugins is achieved. We show, how users can trigger bytecode rewriting to (de)activate selected or redundant permissions in Android applications without sacrificing functionality. The paper also discusses performance, security, and legal implications of the presented approach.
https://hal.inria.fr/hal-01485933 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Thursday, March 9, 2017 - 3:16:14 PM Last modification on : Thursday, March 9, 2017 - 3:21:21 PM Long-term archiving on: : Saturday, June 10, 2017 - 2:21:15 PM
Daniel Schreckling, Stephan Huber, Focke Höhne, Joachim Posegga. URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security. 7th International Workshop on Information Security THeory and Practice (WISTP), May 2013, Heraklion, Greece. pp.50-65, ⟨10.1007/978-3-642-38530-8_4⟩. ⟨hal-01485933⟩