Mobile Malware
Attacks
Permission Circumvention
- Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating
- Luyi Xing, Xiaorui Pan, Rui Wang, Kan Yuan, XiaoFeng Wang; 2014.
Sensor Based
- Stalking Beijing from Timbuktu: A Generic measurement Approach for Exploiting Location-Based Social Discovery
- Yuan Ding, Sai Teja Pedinti, Keith W. Ross; 2014
- Your Voice Asistant is Mine: How to Abuse Speakers to Steal Information and Control Your Phone
- Wenrui Diao, Xiangyu Liu, Zhe Zhou, Kehuan Zhang; 2014.
- PIN Skimming: Exploiting the Ambient-Light Sensor in Mobile Devices
- Raphael Spreitzer; 2014.
- QR Inception: Barcode-in-Barcode Attacks
- Adrian Dabrowski, Katharina Krombholz, Johanna Ullrich, Edgar R. Weippl
- Gyrophone: Recognizing Speech from Gyroscope Signals
- Yan Michalevsky Dan Boneh, Gabi Nakibly; 2014.
GUI Based
- What the App is That? Deception and Coutermeasures in the Android User Interface
- A. Bianchi, j. Corbetta, L. Invernizzi, Y. Fratantonio, C. Kruegel, G. Vigna; 2015.
- Screenmilker: How to Milk Your Android Screen for Secrets
- Chia-Chi Lin, Hongyang Li, Xiao-yong Zhou, XiaoFeng Wang; 2014.
- Peeking into Your App without Actually Seeing it: UI State Inference and Novel Android Attacks
- Qi Alfred Chen, Zhiyun Qian, Zhuoqing Morley Mao; 2014.
System Based
- From Zygote to Morula: Fortifying Weakend ASLR on Android
- Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, Wenke Lee; 2014.
Misc
- Denial of App Attack: Inhibiting the Installation of Android Apps on Stock Phones
- Steven Arzt, Stephan Huber, Siegfried Rasthofer, Eric Bodden; 2014.
Prevention
System Security
- From Zygote to Morula: Fortifying Weakend ASLR on Android
- Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, Wenke Lee; 2014.
- ASM: A Programmable Interface for Extending Android Security
- Stephan Heuser, Adwait Nadkarni, William Enck, Ahmad-Reza Saeghi; 2014.
- AirBag: Boosting Smartphone Resistance to Malware Infection
- Chiachih Wu, Yajin Zhou, Kunal Patel, Zhenkai Liang, Xuxian Jiang; 2014.
App-level Security
- Cassandra: Towards a Certifying App Store for Android
- Steffen Lortz, Heiko Mantel, Artem Starostin, Timo Bahr, David Schneider, Alexandra Weber; 2014.
- Leave me Alone: App-Level Protection against Runtime information Gathering on Android
- Nan Zhang, Kan Yuan, M Naveed, Xiaoyong Zhou, Xiaofeng Wang; 2015.
- AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications.
- Mu Zhang, Heng Yin; 2014.
Detection
Static Analysis - Malware
- What the App is That? Deception and Coutermeasures in the Android User Interface
- A. Bianchi, j. Corbetta, L. Invernizzi, Y. Fratantonio, C. Kruegel, G. Vigna; 2015.
- DREBIN: Effective and explainable detection of Android Malware in Your Pocket.
- Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, Konrad Rieck; 2014.
- Information Flow Analysis of Android Applications in DroidSafe
- Michael I. Gordon, Deokhwan kim, Jeff H. Perkins, Limei Gilham, Nguyen Nguyen, Martin C. Rinard; 2015.
Static Analysis - Vulnerability
- Bramastra: Driving Apps to Test the Security of Third-Party Components
- Ravi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang, David Wetherall; 2014
Static + Dynamic Analysis - Vulnerability
- Effective Real-Time Android Application Auditing
- Mingyuan Xia, Lu Gong, Yuanhao Lyu, Zhengqei Qi, Xue Liu; 2015.
- SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps.
- David Sounthiraraj, Justin Sahs, Garret Greenwood, Zhiqiang Lin, Latifur Khan; 2014.
Static + Dynamic Analysis - Malware
- A5: Automated Analysis of Adversarial Android Applications
- Timothy Vidas, Jiaqi Tan, Jay Nahata, Chaur Lih Tan, Nicolas Christin, Patrick Tague
Dynamic Analysis - Malware
- The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations
- Xiaoyong Zhou, Yeonjoon Lee, Nan Zhang, M. Naveed, XiaoFeng Wang; 2014.
Dynamic Analysis - Vulnerability
Empirical Study
- Analysis of Secure Key Storage Solutions on Android
- Tim Cooijmans, Joeri de Ruiter, Erik Poll; 2014.
- The company you keep: mobile malware infection rates and inexpensive risk indicators
- Hien Thi Thu Truong, Eemil Lagerspetz, Petteri Nurmi, Adam J. Oliner, Sasu Tarkoma, No. Asokan, Sourav Bhattacharya; 2015.
- Inside Job; Understanding and Mitigating the Threat of External Device Mis-Binding on Android
- Muhammad Naveed, Xiao-yong Zhou, Soteris Demetriou, XiaoFeng Wang, Carl A. Gunter; 2014.
- Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.
- Martin Georgiev, Suman Jana, Vitaly Shmatikov; 2014.
- AccelPrint: Imperfections of Accelerometers Make Smartphones Trackable
- Sanorita Dey, Nirupam roy, Wenyuan Xu, Romit Roy Choudhury, Srihari Nelakuditi; 2014.
Need Categorization
- LazyTainter: Memory-Efficient Taint Tracking in Managed Runtime
- Zheng Wei, David Lie; 2014. ???
- What's in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources. ???
- Soteris Demetriou, Xiao-yong Zhou, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang, Carl A. Gunter; 2015.
- EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework ???
- Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Yan Chen; 2015.
- CopperDroid: Automatic Reconstruction of Android Malware Behaviors ???
- Kimberly Tam, Salahuddin J. Khan, Aristide Fattori, Lorenzo Cavallaro; 2015.
- DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices ???
- Xueqiang Wang, Kun Sun, Yuewu Wang, Jiwu Jing; 2015.
- A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks ???
- Siegfried Rasthofer, Steven Arzt, Eric Bodden; 2014.
- Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications ???
- Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christoper Kruegel, Giovani Vigna; 2014
- Early Detection of Spam Mobile Apps ???
- Suranga Seneviratne, Aruna Seneviratne, Mohamed Ali kaafar, Anirban Mahanti, Prasant Mohapatra; 2015.