HybriDroid: static analysis framework for Android hybrid applications

Lee, Sungho; Dolby, Julian; Ryu, Sukyoung

doi:10.1145/2970276.2970368

Cited by 67 publications

(34 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The development of HybriDroid seems to have started by Lee et al [14] roughly at the same time as we started our work. With HybriDroid, we share the overall goal: detecting security vulnerabilities as well as leakage of private information in hybrid mobile applications on Android.…”

Section: Related Workmentioning

confidence: 70%

On the Static Analysis of Hybrid Mobile Apps

Brucker

Herzberg²

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Developing mobile applications is a challenging business: developers need to support multiple platforms and, at the same time, need to cope with limited resources, as the revenue generated by an average app is rather small. This results in an increasing use of cross-platform development frameworks that allow developing an app once and offering it on multiple mobile platforms such as Android, iOS, or Windows. Apache Cordova is a popular framework for developing multi-platform apps. Cordova combines HTML5 and JavaScript with native application code. Combining web and native technologies creates new security challenges as, e. g., an XSS attacker becomes more powerful. In this paper, we present a novel approach for statically analysing the foreign language calls. We evaluate our approach by analysing the top Cordova apps from Google Play. Moreover, we report on the current state of the overall quality and security of Cordova apps.

show abstract

Section: Related Workmentioning

confidence: 70%

On the Static Analysis of Hybrid Mobile Apps

Brucker

Herzberg²

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…The advantage of running HTML documents in wrapping applications, rather than browsers is that most of the assets required by Web pages are stored in Native app packets on the device, not on the server. This means that the app will feel faster, and can run completely offline like a Native app [14][15][16][17]. By maintaining the benefits of Native apps, Hybrid apps can be launched almost as fast as Web applications [15].…”

Section: Fig 1 Hybrid Application Mapmentioning

confidence: 99%

The implementation of fisher yates shuffle on aljabar learning media based on hybrid application

2018

View full text Add to dashboard Cite

Learning media are widely circulated in the school environment, especially Madrasah Tsanawiyah is a native-shaped media for a particular type of smart phone. There is a problem if there are learners who use different types of smart phones of different types of OS, brand, type, and screen size. This work proposed a hybrid application technology to design the learning media so that it can be accessed by various types of smart phones. Rational Unified Process (RUP) implementing as the main framework. The Fisher Yates Shuffle algorithm applied to the training module and exam to display the sequence of questions and random answer options.

show abstract

“…• Security issues relating to what information is exposed when one language procedure is called from another [10] [11].…”

Section: Prior Literaturementioning

confidence: 99%

Lightweight Multilingual Software Analysis

Lyons

Bogar

Baird

2017

Challenges and Opportunities in ICT Research Projects

View full text Add to dashboard Cite

Developer preferences, language capabilities and the persistence of older languages contribute to the trend that large software codebases are often multilingual -that is, written in more than one computer language. While developers can leverage monolingual software development tools to build software components, companies are faced with the problem of managing the resultant large, multilingual codebases to address issues with security, efficiency, and quality metrics. The key challenge is to address the opaque nature of the language interoperability interface: one language calling procedures in a second (which may call a third, or even back to the first), resulting in a potentially tangled, inefficient and insecure codebase. An architecture is proposed for lightweight static analysis of large multilingual codebases -the MLSA architecture. Its modular and table-oriented structure addresses the open-ended nature of multiple languages and language interoperability APIs. We focus here as an application on the construction of call-graphs that capture both inter-language and intra-language calls. The algorithms for extracting multilingual call-graphs from codebases are presented, and several examples of multilingual software engineering analysis are discussed. The state of the implementation and testing of MLSA is presented, and the implications for future work are discussed.1. The procedure-based interoperability API call is tested for in line 3 (e.g., PyObject_CallObject) 2. The name of the procedure, if it is statically available, is added to the modified call-graph CGM at lines 8 and 11, and the arguments to the procedure are modified to omit the first argument. 3. The node is labelled "ProcBased-Dynamic" at line 6 This algorithm does not include several steps typically associated with procedure-based interoperability calls. Continuing our python.h example:

show abstract

HybriDroid: static analysis framework for Android hybrid applications

Cited by 67 publications

References 23 publications

On the Static Analysis of Hybrid Mobile Apps

On the Static Analysis of Hybrid Mobile Apps

The implementation of fisher yates shuffle on aljabar learning media based on hybrid application

Lightweight Multilingual Software Analysis

Contact Info

Product

Resources

About