Breaking and fixing the Android Launching Flow

Computers and Security

Volumn 39, Issue PARTA, 2013, Pages 104-115

  Armando, Alessandro ^a,b   Merlo, Alessio ^a,c   Migliardi, Mauro ^d   Verderame, Luca ^a  

^a UNIVERSITY OF GENOA   (Italy)

^b ITC IRST   (Italy)

^c ECAMPUS UNIVERSITY   (Italy)

^d UNIVERSITY OF PADOVA   (Italy)

Author keywords

Android OS; Android security; Android security framework; Denial of Service; Zygote vulnerability

Indexed keywords

ANDROID OSSA; ANDROID SECURITIES; DALVIK VIRTUAL MACHINES; DENIAL OF SERVICE; DENIAL OF SERVICE ATTACKS; DISCRETIONARY ACCESS CONTROL MODELS; SECURITY MECHANISM; ZYGOTE VULNERABILITY;

COMPUTER OPERATING SYSTEMS;

ROBOTS;

EID: 84888289162     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2013.03.009     Document Type: Article

References (22)

1. A. Armando, G. Costa, and A. Merlo Formal modeling and reasoning about the android security framework Proceedings of the 7th international symposium on Trustworthy Global Computing 2012 TGC
2. Armando A, Costa G, Merlo A, Verderame L. Bring your own device, securely. In: Proceedings of the 28th Symposium on Applied Computing (SAC 2013); 2013. p. 1852-1859.
3. A. Armando, A. Merlo, M. Migliardi, and L. Verderame Would you mind forking this process? A denial of service attack on Android (and some countermeasures) Proc. of the 27th IFIP international information security and privacy conference (SEC 2012) vol. 376 2012 IFIP Advances in Information and Communication Technology/Springer 13 24
4. S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, and A.R. Sadeghi XManDroid: a new Android evolution to mitigate privilege escalation attacks Technical Report TR-2011-04 2011 Technische Univ. Darmstadt
5. Burguera I, Zurutuza U, Nadjm-Therani S. Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM workshop on security and privacy in smartphones and mobile devices (SPSM'11); 2011.
6. A. Chaudhuri Language-based security on Android Proceedings of the ACM SIGPLAN fourth workshop on programming languages and analysis for security 2009 ACM 1 7 PLAS'09
7. E. Chin, A.P. Felt, K. Greenwood, and D. Wagner Analyzing inter-application communication in Android Proceedings of the 9th international conference on mobile systems, applications, and services 2011 ACM New York, NY, USA 239 252 URL:
8. D. Dagon, T. Martin, and T. St (Pubitemid 40010893)
9. L. Davi, A. Dmitrienko, A.R. Sadeghi, and M. Winandy Privilege escalation attacks on android Information security Vol. 6531 of LNCS 2011 346 360
10. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri A study of android application security Proceedings of the 20th USENIX conference on security 2011 USENIX Association 21 URL: SEC'11
11. Felt AP, Chin E, Hanna S, Song D, Wagner D. Android permissions demystified. In: Proceedings of the 18th ACM conference on computer and communications security. CCS'11; 2011. p. 627-638. URL: .
12. Fragkaki E, Bauer L, Jia L, Swasey D. Modeling and enhancing android's permission system. In: Computer Security - ESORICS 2012; 2012.
13. A.P. Fuchs, A. Chaudhuri, and J.S. Foster SCanDroid: automated security certification of Android applications Technical Report 2010 University of Maryland
14. Mylonas A, Dritsas S, Tsoumas B, Gritzalis D. Smartphone security evaluation - the malware attack case. In: SECRYPT'11; 2011. p. 25-36.
15. M. Nauman, S. Khan, and X. Zhang Apex: extending android permission model and enforcement with user-defined runtime constraints Proceedings of the 5th ACM symposium on information, computer and communications security 2010 ACM 328 332 URL: http://doi.acm.org/10.1145/1755688.1755732 ASIACCS'10
16. Oberheide J, Miller C. Dissecting the android bouncer. In: SummerCon 2012. URL: http://jon.oberheide.org/research/.
17. Ongtang M, Mclaughlin S, Enck W, Mcdaniel P. Semantically rich application-centric security in android. In: ACSAC'09: annual computer security applications conference; 2009.
18. Schmidt AD, Bye R, Schmidt HG, Clausen J, Kiraz O, Yuksel K. Static analysis of executables for collaborative malware detection on android. In: Communications, 2009. ICC'09. IEEE international conference on; 2009.
19. W. Shin, S. Kiyomoto, K. Fukushima, and T. Tanaka A formal model to analyze the permission authorization and enforcement in the android framework Proceedings of the 2010 IEEE second international conference on social computing 2010 IEEE Computer Society 944 951 SOCIALCOM'10
20. Zhou Y, Jiang X. Dissecting Android malware: characterization and evolution. In: Security and Privacy (SP), 2012 IEEE Symposium on; 2012. p. 95-109.
21. Zhou Y, Wang Z, Zhou W, Jiang X. Hey, you, get off of my market: detecting malicious apps in official and alternative Android markets. In: Proceedings of the 19th annual network & distributed system security symposium; 2012.
22. Zhou Y, Zhang X, Jiang X, Freeh VW. Taming information-stealing smartphone applications (on Android). In: Proceedings of the 4th international conference on trust and trustworthy computing. TRUST'11; 2011. p. 93-107. URL: http://dl.acm.org/citation.cfm?id=2022245.2022255.