A technique for evaluation and detection of potentially vulnerable code in Android applications

机译：一种用于评估和检测Android应用程序中潜在漏洞代码的技术

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Searching for vulnerabilities in Android apps through approaches based on the app's dex bytecode has been applied to a lot of researches. This approach, called late detection, is applied to apps already released, and usually doesn't identify vulnerabilities before users have been exposed. This article presents a method based on static analysis with matching patterns for identifying these vulnerabilities beforehand, during the app development, avoiding users' exposure. The presented technique was evaluated by an experimental test proofapplied to open-source applications, analyzed by appDroidAnalyzer, identifying dozens of apps affected by vulnerabilities in their source code.

机译：通过基于应用程序的dex字节码的方法搜索Android应用程序中的漏洞已被用于许多研究。这种称为延迟检测的方法适用于已经发布的应用程序，通常在用户暴露之前无法识别漏洞。本文介绍了一种基于静态分析和匹配模式的方法，该方法可在应用程序开发期间预先识别这些漏洞，从而避免用户暴露。通过应用到开源应用程序的实验测试证明对提出的技术进行了评估，并通过appDroidAnalyzer进行了分析，从而确定了数十个受其源代码漏洞影响的应用程序。

著录项

来源
《Iberian Conference on Information Systems and Technologies》|2017年|1-6|共6页
会议地点
作者
Ricardo Luis D. M. Ferreira; Anderson F. P. dos Santos; Ricardo Choren;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Androids; Humanoid robots; Mobile communication; Java; Security; Open source software;

机译：安卓;类人机器人;移动通信; Java;安全性;开源软件;

相似文献

外文文献
中文文献
专利

1. VAnDroid: A framework for vulnerability analysis of Android applications using a model-driven reverse engineering technique [J] . Nirumand Atefeh, Zamani Bahman, Ladani Behrouz Tork Software . 2019,第1期

机译：VAnDroid：使用模型驱动的逆向工程技术对Android应用程序进行漏洞分析的框架
2. Towards predictive analysis of android vulnerability using statistical codes and machine learning for IoT applications [J] . Cui Jianfeng, Wang Lixin, Zhao Xin, Computer Communications . 2020,第Apra期

机译：使用统计代码和机器学习对IoT应用程序进行android漏洞的预测分析
3. Code clone detection technique of android layout codes using view attribute filtering [J] . JaeYeon Lee, Jongwook Jeong, Hoh In Contemporary Engineering Sciences . 2016,第9a12期

机译：使用视图属性过滤的Android布局代码的代码克隆检测技术
4. A technique for evaluation and detection of potentially vulnerable code in Android applications [C] . Ricardo Luis D. M. Ferreira, Anderson F. P. dos Santos, Ricardo Choren Iberian Conference on Information Systems and Technologies . 2017

机译：一种用于评估和检测Android应用程序中潜在易受攻击的技术
5. Large scale, automated detection of SSL Man-in-the-Middle vulnerabilities in Android applications. [D] . Sounthiraraj, David B. 2013

机译：大规模，自动检测Android应用程序中的SSL中间人漏洞。
6. vitisFlower®: Development and Testing of a Novel Android-Smartphone Application for Assessing the Number of Grapevine Flowers per Inflorescence Using Artificial Vision Techniques [O] . Arturo Aquino, Borja Millan, Daniel Gaston, 2015

机译：vitisFlower®：开发和测试新型Android智能手机应用程序用于使用人工视觉技术评估每个花序的葡萄花数量
7. Android Applications Repackaging Detection Techniques for Smartphone Devices [O] . Rastogi Sajal, Bhushan Kriti, Gupta B.B. 2016

机译：Android应用程序重新包装智能手机设备的检测技术

A technique for evaluation and detection of potentially vulnerable code in Android applications

摘要

著录项

相似文献

相关主题

期刊订阅