The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Java Native Interface: Programmer's Guide and Reference
Java Native Interface: Programmer's Guide and Reference
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Minos: Control Data Attack Prevention Orthogonal to Memory Model
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Dynamic Taint Propagation for Java
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
TaintTrace: Efficient Flow Tracing with Dynamic Binary Rewriting
ISCC '06 Proceedings of the 11th IEEE Symposium on Computers and Communications
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
A General Dynamic Information Flow Tracking Framework for Security Applications
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Practical taint-based protection using demand emulation
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Understanding data lifetime via whole system simulation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Dytan: a generic dynamic taint analysis framework
Proceedings of the 2007 international symposium on Software testing and analysis
Information flow control for standard OS abstractions
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Labels and event processes in the Asbestos operating system
ACM Transactions on Computer Systems (TOCS)
Panorama: capturing system-wide information flow for malware detection and analysis
Proceedings of the 14th ACM conference on Computer and communications security
WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation
IEEE Transactions on Software Engineering
Efficient fine-grained binary instrumentationwith applications to taint-tracking
Proceedings of the 6th annual IEEE/ACM international symposium on Code generation and optimization
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Security-by-contract on the .NET platform
Information Security Tech. Report
Privacy oracle: a system for finding application leaks with black box differential testing
Proceedings of the 15th ACM conference on Computer and communications security
Implicit Flows: Can't Live with `Em, Can't Live without `Em
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Pointless tainting?: evaluating the practicality of pointer tainting
Proceedings of the 4th ACM European conference on Computer systems
Laminar: practical fine-grained decentralized information flow control
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Measuring channel capacity to distinguish undue influence
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Improving application security with data flow assertions
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
DEFCON: high-performance event processing with information security
USENIXATC'10 Proceedings of the 2010 USENIX conference on USENIX annual technical conference
Tightlip: keeping applications from spilling the beans
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Using labeling to prevent cross-service attacks against smart phones
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
The VMware mobile virtualization platform: is that a hypervisor in your pocket?
ACM SIGOPS Operating Systems Review
Exploiting smart-phone USB connectivity for fun and profit
Proceedings of the 26th Annual Computer Security Applications Conference
Privilege escalation attacks on android
ISC'10 Proceedings of the 13th international conference on Information security
Ethics, logs and videotape: ethics in large scale user trials and user generated content
CHI '11 Extended Abstracts on Human Factors in Computing Systems
Informed consent and users' attitudes to logging in large scale trials
CHI '11 Extended Abstracts on Human Factors in Computing Systems
Mobile apps: it's time to move up to CondOS
HotOS'13 Proceedings of the 13th USENIX conference on Hot topics in operating systems
Privacy revelations for web and mobile apps
HotOS'13 Proceedings of the 13th USENIX conference on Hot topics in operating systems
kb-anonymity: a model for anonymized behaviour-preserving test and debugging data
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Vision: automated security validation of mobile apps at app markets
MCS '11 Proceedings of the second international workshop on Mobile cloud computing and services
Analyzing inter-application communication in Android
MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications, and services
The effectiveness of application permissions
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
Taming information-stealing smartphone applications (on Android)
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Towards practical avoidance of information leakage in enterprise networks
HotSec'11 Proceedings of the 6th USENIX conference on Hot topics in security
All your droid are belong to us: a survey of current android attacks
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
A study of android application security
SEC'11 Proceedings of the 20th USENIX conference on Security
Permission re-delegation: attacks and defenses
SEC'11 Proceedings of the 20th USENIX conference on Security
Quire: lightweight provenance for smart phone operating systems
SEC'11 Proceedings of the 20th USENIX conference on Security
Examining storage performance on mobile devices
MobiHeld '11 Proceedings of the 3rd ACM SOSP Workshop on Networking, Systems, and Applications on Mobile Handhelds
A survey of mobile malware in the wild
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Crowdroid: behavior-based malware detection system for Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
L4Android: a generic operating system framework for secure smartphones
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Practical and lightweight domain isolation on Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
(sp)iPhone: decoding vibrations from nearby keyboards using mobile phone accelerometers
Proceedings of the 18th ACM conference on Computer and communications security
Proceedings of the 18th ACM conference on Computer and communications security
Identifying diverse usage behaviors of smartphone apps
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
YouProve: authenticity and fidelity in mobile sensing
Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems
Taint-exchange: a generic system for cross-process and cross-host taint tracking
IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
Smartphone security limitations: conflicting traditions
Proceedings of the 2011 Workshop on Governance of Technology, Information, and Policies
Attacks on WebView in the Android system
Proceedings of the 27th Annual Computer Security Applications Conference
Automated remote repair for mobile malware
Proceedings of the 27th Annual Computer Security Applications Conference
RTRP: right time right place kernel analysis tool
Proceedings of the 2011 ACM Symposium on Research in Applied Computation
Protecting health information on mobile devices
Proceedings of the second ACM conference on Data and Application Security and Privacy
Detecting repackaged smartphone applications in third-party android marketplaces
Proceedings of the second ACM conference on Data and Application Security and Privacy
libdft: practical dynamic data flow tracking for commodity systems
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Don't kill my ads!: balancing privacy in an ad-supported mobile application market
Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications
Defending users against smartphone apps: techniques and future directions
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Trusted language runtime (TLR): enabling trusted applications on smartphones
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
User controllable security and privacy for mobile mashups
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
MockDroid: trading privacy for application functionality on smartphones
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
Can deterministic replay be an enabling tool for mobile computing?
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
Sensor tricorder: what does that sensor know about me?
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
FollowMe: enhancing mobile applications with open infrastructure sensing
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
A managed security environment for enterprise iPhones
Proceedings of the 50th Annual Southeast Regional Conference
Unsafe exposure analysis of mobile in-app advertisements
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
DroidChecker: analyzing android applications for capability leak
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Minemu: the world's fastest taint tracker
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Challenges for dynamic analysis of iOS applications
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
Plagiarizing smartphone applications: attack strategies and defense techniques
ESSoS'12 Proceedings of the 4th international conference on Engineering Secure Software and Systems
Revisiting storage for smartphones
FAST'12 Proceedings of the 10th USENIX conference on File and Storage Technologies
MaskIt: privately releasing user context streams for personalized mobile applications
SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data
A location-based policy-specification language for mobile devices
Pervasive and Mobile Computing
ECOS: practical mobile application offloading for enterprises
Hot-ICE'12 Proceedings of the 2nd USENIX conference on Hot Topics in Management of Internet, Cloud, and Enterprise Networks and Services
Towards statistical queries over distributed private user data
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Koi: a location-privacy platform for smartphone apps
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
RGBDroid: a novel response-based approach to android privilege escalation attacks
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
A framework for static detection of privacy leaks in android applications
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Constroid: data-centric access control for android
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Representation-Independent data usage control
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Runtime verification meets android security
NFM'12 Proceedings of the 4th international conference on NASA Formal Methods
MOSES: supporting operation modes on smartphones
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Android permissions: a perspective combining risks and benefits
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
RiskRanker: scalable and accurate zero-day android malware detection
Proceedings of the 10th international conference on Mobile systems, applications, and services
Tapprints: your finger taps have fingerprints
Proceedings of the 10th international conference on Mobile systems, applications, and services
mTags: augmenting microkernel messages with lightweight metadata
ACM SIGOPS Operating Systems Review
Android permissions: user attention, comprehension, and behavior
Proceedings of the Eighth Symposium on Usable Privacy and Security
Towards a taint mode for cloud computing web applications
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Gibraltar: exposing hardware devices to web pages using AJAX
WebApps'12 Proceedings of the 3rd USENIX conference on Web Application Development
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
ProfileDroid: multi-layer profiling of android applications
Proceedings of the 18th annual international conference on Mobile computing and networking
Can offloading save energy for popular apps?
Proceedings of the seventh ACM international workshop on Mobility in the evolving internet architecture
User-aware privacy control via extended static-information-flow analysis
Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
Aurasium: practical policy enforcement for Android applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
AdSplit: separating smartphone advertising from applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Security'12 Proceedings of the 21st USENIX conference on Security symposium
STING: finding name resolution vulnerabilities in programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Verifiable control flow policies for java bytecode
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Proceedings of the 2012 ACM Conference on Ubiquitous Computing
HotSec'12 Proceedings of the 7th USENIX conference on Hot Topics in Security
Security analysis of smartphone point-of-sale systems
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
User interface toolkit mechanisms for securing interface elements
Proceedings of the 25th annual ACM symposium on User interface software and technology
DaaC: device-reserved memory as an eviction-based file cache
Proceedings of the 2012 international conference on Compilers, architectures and synthesis for embedded systems
ADEL: an automatic detector of energy leaks for smartphone applications
Proceedings of the eighth IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis
Dr. Android and Mr. Hide: fine-grained permissions in android applications
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Short paper: enhancing users' comprehension of android permissions
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Short paper: enhancing mobile application permissions with runtime feedback and constraints
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Reducing attack surfaces for intra-application communication in android
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
SmartDroid: an automatic system for revealing UI-based trigger conditions in android applications
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Why eve and mallory love android: an analysis of android SSL (in)security
Proceedings of the 2012 ACM conference on Computer and communications security
PScout: analyzing the Android permission specification
Proceedings of the 2012 ACM conference on Computer and communications security
CHEX: statically vetting Android apps for component hijacking vulnerabilities
Proceedings of the 2012 ACM conference on Computer and communications security
Using probabilistic generative models for ranking risks of Android apps
Proceedings of the 2012 ACM conference on Computer and communications security
Collaborative TCP sequence number inference attack: how to crack sequence number under a second
Proceedings of the 2012 ACM conference on Computer and communications security
TreeDroid: a tree automaton based approach to enforcing data processing policies
Proceedings of the 2012 ACM conference on Computer and communications security
Detecting money-stealing apps in alternative Android markets
Proceedings of the 2012 ACM conference on Computer and communications security
Revisiting storage for smartphones
ACM Transactions on Storage (TOS)
CleanOS: limiting mobile data exposure with idle eviction
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
COMET: code offload by migrating execution transparently
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
AppInsight: mobile app performance monitoring in the wild
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Efficient patch-based auditing for web application vulnerabilities
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Proceedings of the Third International Workshop on Sensing Applications on Mobile Phones
Retargeting Android applications to Java bytecode
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
Automated concolic testing of smartphone apps
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
ECOS: leveraging software-defined networks to support mobile application offloading
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
Breaking for commercials: characterizing mobile advertising
Proceedings of the 2012 ACM conference on Internet measurement conference
Exposing security risks for commercial mobile devices
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Follow you follow me: using location tracking to mitigate multi-device privacy threats
Proceedings of the Workshop on Multi-device App Middleware
Meddle: middleboxes for increased transparency and control of mobile traffic
Proceedings of the 2012 ACM conference on CoNEXT student workshop
Analysis of the communication between colluding applications on modern smartphones
Proceedings of the 28th Annual Computer Security Applications Conference
Enabling private conversations on Twitter
Proceedings of the 28th Annual Computer Security Applications Conference
What you see predicts what you get—lightweight agent-based malware detection
Security and Communication Networks
A conundrum of permissions: installing applications on an android smartphone
FC'12 Proceedings of the 16th international conference on Financial Cryptography and Data Security
Permission-based abnormal application detection for android
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Towards fully automatic placement of security sanitizers and declassifiers
POPL '13 Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Fast, scalable detection of "Piggybacked" mobile applications
Proceedings of the third ACM conference on Data and application security and privacy
Sweetening android lemon markets: measuring and combating malware in application marketplaces
Proceedings of the third ACM conference on Data and application security and privacy
AppsPlayground: automatic security analysis of smartphone applications
Proceedings of the third ACM conference on Data and application security and privacy
Proceedings of the third ACM conference on Data and application security and privacy
Detecting control flow in smarphones: combining static and dynamic analyses
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
Handset-Based Data Collection Process and Participant Attitudes
International Journal of Handheld Computing Research
A framework for context-aware privacy of sensor data on mobile systems
Proceedings of the 14th Workshop on Mobile Computing Systems and Applications
Information Security Tech. Report
A proposal for the privacy leakage verification tool for Android application developers
Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication
Towards unified authorization for android
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Architecture-Independent dynamic information flow tracking
CC'13 Proceedings of the 22nd international conference on Compiler Construction
Verifying security invariants in ExpressOS
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Towards an understanding of the impact of advertising on data leaks
International Journal of Security and Networks
MAST: triage for market-scale mobile malware analysis
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
An information flow control meta-model
Proceedings of the 18th ACM symposium on Access control models and technologies
SmartAds: bringing contextual ads to mobile apps
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
ScreenPass: secure password entry on touchscreen devices
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
SocioPhone: everyday face-to-face interaction monitoring platform using multi-phone sensor fusion
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
Privacy as part of the app decision-making process
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Fine-grained disclosure control for app ecosystems
Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
Mobile-sandbox: having a deeper look into android applications
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Slicing droids: program slicing for smali code
Proceedings of the 28th Annual ACM Symposium on Applied Computing
ADAM: an automatic and extensible platform to stress test android anti-virus systems
DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
MeadDroid: detecting monetary theft attacks in android by DVM monitoring
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Android provenance: diagnosing device disorders
TaPP'13 Proceedings of the 5th USENIX conference on Theory and Practice of Provenance
πBox: a platform for privacy-preserving apps
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
P3: toward privacy-preserving photo sharing
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Android provenance: diagnosing device disorders
Proceedings of the 5th USENIX Workshop on the Theory and Practice of Provenance
PSiOS: bring your own privacy & security to iOS devices
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
On the effectiveness of API-level access control using bytecode rewriting in Android
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Real-time detection and prevention of android SMS permission abuses
Proceedings of the first international workshop on Security in embedded systems and smartphones
Proceedings of the 22nd international conference on World Wide Web companion
Practical information flow for legacy web applications
Proceedings of the 8th Workshop on Implementation, Compilation, Optimization of Object-Oriented Languages, Programs and Systems
Dynodroid: an input generation system for Android apps
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Know your enemy: the risk of unauthorized access in smartphones by insiders
Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services
TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones
Communications of the ACM
Proceedings of the 4th Asia-Pacific Workshop on Systems
Optimizing unit test execution in large software programs using dependency analysis
Proceedings of the 4th Asia-Pacific Workshop on Systems
Proceedings of the Ninth Symposium on Usable Privacy and Security
"Little brothers watching you": raising awareness of data leaks on smartphones
Proceedings of the Ninth Symposium on Usable Privacy and Security
Rise of the planet of the apps: a systematic study of the mobile app ecosystem
Proceedings of the 2013 conference on Internet measurement conference
ACM SIGMOBILE Mobile Computing and Communications Review
A secure play store for android
Proceedings of the 2013 companion publication for conference on Systems, programming, & applications: software for humanity
Targeted and depth-first exploration for systematic testing of android apps
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
A taint marking approach to confidentiality violation detection
AISC '12 Proceedings of the Tenth Australasian Information Security Conference - Volume 125
POSTER: Preserving privacy and accountability for personal devices
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
POSTER: A new framework against privilege escalation attacks on android
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Appinspect: large-scale evaluation of social networking apps
Proceedings of the first ACM conference on Online social networks
Identity, location, disease and more: inferring your secrets from android public resources
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
AppIntent: analyzing sensitive data transmission in android for privacy leakage detection
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Preventing accidental data disclosure in modern operating systems
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Vetting undesirable behaviors in android apps with permission use analysis
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
An empirical study of cryptographic misuse in android applications
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
ShadowReplica: efficient parallelization of dynamic data flow tracking
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Unauthorized origin crossing on mobile platforms: threats and mitigation
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
The impact of vendor customizations on android security
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Easily instrumenting android applications for security purposes
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Sound and precise malware analysis for android via pushdown reachability and entry-point saturation
Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices
ShadowVM: robust and comprehensive dynamic program analysis for the java platform
Proceedings of the 12th international conference on Generative programming: concepts & experiences
Structural detection of android malware using embedded call graphs
Proceedings of the 2013 ACM workshop on Artificial intelligence and security
Challenges of keyword-based location disclosure
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
AndroSimilar: robust statistical feature signature for Android malware detection
Proceedings of the 6th International Conference on Security of Information and Networks
AFrame: isolating advertisements from mobile applications in Android
Proceedings of the 29th Annual Computer Security Applications Conference
SilverLine: preventing data leaks from compromised web applications
Proceedings of the 29th Annual Computer Security Applications Conference
FireDroid: hardening security in almost-stock Android
Proceedings of the 29th Annual Computer Security Applications Conference
Launching generic attacks on iOS with approved third-party applications
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Enabling modularity and re-use in dynamic program analysis tools for the java virtual machine
ECOOP'13 Proceedings of the 27th European conference on Object-Oriented Programming
Sleuth: automated verification of software power analysis countermeasures
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Automatic mediation of privacy-sensitive resource access in smartphone applications
SEC'13 Proceedings of the 22nd USENIX conference on Security
SEC'13 Proceedings of the 22nd USENIX conference on Security
Enabling fine-grained permissions for augmented reality applications with recognizers
SEC'13 Proceedings of the 22nd USENIX conference on Security
WHYPER: towards automating risk assessment of mobile applications
SEC'13 Proceedings of the 22nd USENIX conference on Security
SEC'13 Proceedings of the 22nd USENIX conference on Security
Jekyll on iOS: when benign apps become evil
SEC'13 Proceedings of the 22nd USENIX conference on Security
Give in to procrastination and stop prefetching
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
Using ARM trustzone to build a trusted language runtime for mobile applications
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
ACM SIGMOBILE Mobile Computing and Communications Review
An operational semantics for android activities
Proceedings of the ACM SIGPLAN 2014 Workshop on Partial Evaluation and Program Manipulation
Static Reference Analysis for GUI Objects in Android Software
Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization
Information flow tracking meets just-in-time compilation
ACM Transactions on Architecture and Code Optimization (TACO)
WHISK: an uncore architecture for dynamic information flow tracking in heterogeneous embedded SoCs
Proceedings of the Ninth IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis
Panappticon: event-based tracing to measure mobile application and platform performance
Proceedings of the Ninth IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis
RiskMon: continuous and automated risk assessment of mobile applications
Proceedings of the 4th ACM conference on Data and application security and privacy
Systematic audit of third-party android phones
Proceedings of the 4th ACM conference on Data and application security and privacy
DIVILAR: diversifying intermediate language for anti-repackaging on android platform
Proceedings of the 4th ACM conference on Data and application security and privacy
Compac: enforce component-level access control in android
Proceedings of the 4th ACM conference on Data and application security and privacy
DroidBarrier: know what is executing on your android
Proceedings of the 4th ACM conference on Data and application security and privacy
Load time code validation for mobile phone Java Cards
Journal of Information Security and Applications
Information leakage through mobile analytics services
Proceedings of the 15th Workshop on Mobile Computing Systems and Applications
Detecting mobile malware threats to homeland security through static analysis
Journal of Network and Computer Applications
Reconciling mobile app privacy and usability on smartphones: could user privacy profiles help?
Proceedings of the 23rd international conference on World wide web
Quantifying and Classifying Covert Communications on Android
Mobile Networks and Applications
A taxonomy of privilege escalation attacks in Android applications
International Journal of Security and Networks
Unified security enhancement framework for the Android operating system
The Journal of Supercomputing
On the energy overhead of mobile storage systems
FAST'14 Proceedings of the 12th USENIX conference on File and Storage Technologies
Automatic detection of inter-application permission leaks in Android applications
IBM Journal of Research and Development
DECAF: detecting and characterizing ad fraud in mobile apps
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
ipShield: a framework for enforcing context-aware privacy
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.02 |
Today's smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides realtime analysis by leveraging Android's virtualized execution environment. TaintDroid incurs only 14% performance overhead on a CPU-bound micro-benchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of potential misuse of users' private information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications.