Proceedings of the 2013 ACM SIGSAC Conference on Computer &Amp; Communications Security - CCS '13 2013
DOI: 10.1145/2508859.2516728
|View full text |Cite
|
Sign up to set email alerts
|

The impact of vendor customizations on android security

Abstract: The smartphone market has grown explosively in recent years, as more and more consumers are attracted to the sensor-studded multipurpose devices. Android is particularly ascendant; as an open platform, smartphone manufacturers are free to extend and modify it, allowing them to differentiate themselves from their competitors. However, vendor customizations will inherently impact overall Android security and such impact is still largely unknown.In this paper, we analyze ten representative stock Android images fr… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

1
86
0
3

Year Published

2014
2014
2023
2023

Publication Types

Select...
5
3
1

Relationship

0
9

Authors

Journals

citations
Cited by 128 publications
(90 citation statements)
references
References 31 publications
1
86
0
3
Order By: Relevance
“…All the tools are able to directly analyze Android bytecode except AppScan Source, which is only able to analyze the source code of the apps. Unfortunately, we were unable to compare IccTA with other static taint analysis tools as either they fail to report any leaks (e.g., SCanDroid [21]) or their authors did not make them available (e.g., SEFA [45] Table III confirm this, since FlowDroid shows a high recall (70.0%) and a low precision (27.4%). Furthermore, FlowDroid misses three more leaks than IccTA in bindService{2,3,4}.…”
Section: A Rq1: Comparison With Existing Toolsmentioning
confidence: 99%
See 1 more Smart Citation
“…All the tools are able to directly analyze Android bytecode except AppScan Source, which is only able to analyze the source code of the apps. Unfortunately, we were unable to compare IccTA with other static taint analysis tools as either they fail to report any leaks (e.g., SCanDroid [21]) or their authors did not make them available (e.g., SEFA [45] Table III confirm this, since FlowDroid shows a high recall (70.0%) and a low precision (27.4%). Furthermore, FlowDroid misses three more leaks than IccTA in bindService{2,3,4}.…”
Section: A Rq1: Comparison With Existing Toolsmentioning
confidence: 99%
“…SCanDroid [21] and SEFA [45] are another two tools that perform ICC analysis. However, neither of them keeps the context between components and thus are less precise than IccTA by design.…”
Section: Related Workmentioning
confidence: 99%
“…This resolution is performed in a two-step process. In step 1 (lines [17][18][19][20][21][22], the algorithm addresses the cases of type 1 conflicts. In step 2, type 2 conflicts are solved by refactoring the code.…”
Section: Resolution Of Conflictsmentioning
confidence: 99%
“…Mobile devices have to face a number of issues due to the resource constraints (performance issue [1,2], e.g.) and also security issues (data leakage [3,4], privacy concern [5,6], etc.). In particular, the latter may be affected by the applications installed.…”
Section: Introductionmentioning
confidence: 99%