DC Field | Value | Language |
---|---|---|
dc.contributor.author | CHO, BEUMJIN | - |
dc.contributor.author | LEE, SANGHO | - |
dc.contributor.author | XU, MENG | - |
dc.contributor.author | JI, SANGWOO | - |
dc.contributor.author | KIM, TAESOO | - |
dc.contributor.author | KIM, JONG | - |
dc.date.accessioned | 2018-05-03T09:36:18Z | - |
dc.date.available | 2018-05-03T09:36:18Z | - |
dc.date.created | 2018-02-21 | - |
dc.date.issued | 2018-01 | - |
dc.identifier.issn | 1820-0214 | - |
dc.identifier.uri | https://oasis.postech.ac.kr/handle/2014.oak/41010 | - |
dc.description.abstract | Updating applications is an important mechanism to enhance their availability, functionality, and security. However, without careful considerations, application updates can bring other security problems. In this paper, we consider a novel attack that exploits application updates on Android: a cross-update privacy-leak attack called COUPLE. The COUPLE attack allows an application to secretly leak sensitive data through the cross-update interaction between its old and new versions; each version only has permissions and logic for either data collection or transmission to evade detection. We implement a runtime security system, BREAKUP, that prevents cross-update sensitive data transactions by tracking permission-use histories of individual applications. Evaluation results show that BREAKUP’s time overhead is below 5%. We further show the feasibility of the COUPLE attack by analyzing the versions of 2,009 applications (28,682 APKs). © 2018, ComSIS Consortium. All rights reserved. | - |
dc.language | English | - |
dc.publisher | ComSIS Consortium | - |
dc.relation.isPartOf | Computer Science and Information Systems | - |
dc.title | Prevention of Cross-update Privacy Leaks on Android | - |
dc.type | Article | - |
dc.identifier.doi | 10.2298/CSIS170728047C | - |
dc.type.rims | ART | - |
dc.identifier.bibliographicCitation | Computer Science and Information Systems, v.15, no.1, pp.111 - 137 | - |
dc.identifier.wosid | 000427010600006 | - |
dc.citation.endPage | 137 | - |
dc.citation.number | 1 | - |
dc.citation.startPage | 111 | - |
dc.citation.title | Computer Science and Information Systems | - |
dc.citation.volume | 15 | - |
dc.contributor.affiliatedAuthor | CHO, BEUMJIN | - |
dc.contributor.affiliatedAuthor | JI, SANGWOO | - |
dc.contributor.affiliatedAuthor | KIM, JONG | - |
dc.identifier.scopusid | 2-s2.0-85041620387 | - |
dc.description.journalClass | 1 | - |
dc.description.journalClass | 1 | - |
dc.description.isOpenAccess | Y | - |
dc.type.docType | ARTICLE | - |
dc.subject.keywordAuthor | Android | - |
dc.subject.keywordAuthor | Privacy | - |
dc.subject.keywordAuthor | Information flow | - |
dc.subject.keywordAuthor | Permission | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Software Engineering | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
library@postech.ac.kr Tel: 054-279-2548
Copyrights © by 2017 Pohang University of Science ad Technology All right reserved.