Presentation | 2011/5/5 Threat of Script abuse Android Permissions and Static Analysis Hideaki Kawabata, Takamasa Isohara, Keisuke Takemori, Ayumu Kubota, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | The access permission framework is designed in the Android OS in order to develop useful applications. When the user confirms the access permissions, the application can access confirmed information and/or functions. In addition, the webkit in the Android OS provides a web rendering engine to the application. The Android application using the webkit can execute web applications, e.g., HTML, CSS, JavaScript. When the application using webkit receives and executes the JavaScript, the access permissions are delegated to the JavaScript that can access functions and/or information in the Android phone. Then, threats of the JavaScript should be evaluated. In this paper, we proposed code analysis technique that extracts potential threats from the web rendering application. The information leakage and/or misuse functions are detected, when malicious methods for the JavaScript are described in the Android application. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | |
Paper # | Vol. 2011-CSEC-53 No.3,Vol. 2011-IOT-13 No.3 |
Date of Issue |
Conference Information | |
Committee | ICM |
---|---|
Conference Date | 2011/5/5(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information and Communication Management(ICM) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Threat of Script abuse Android Permissions and Static Analysis |
Sub Title (in English) | |
Keyword(1) | |
1st Author's Name | Hideaki Kawabata |
1st Author's Affiliation | KDDI R&D Laboratories Inc. Network Security Laboratory() |
2nd Author's Name | Takamasa Isohara |
2nd Author's Affiliation | KDDI R&D Laboratories Inc. Network Security Laboratory |
3rd Author's Name | Keisuke Takemori |
3rd Author's Affiliation | KDDI R&D Laboratories Inc. Network Security Laboratory |
4th Author's Name | Ayumu Kubota |
4th Author's Affiliation | KDDI R&D Laboratories Inc. Network Security Laboratory |
Date | 2011/5/5 |
Paper # | Vol. 2011-CSEC-53 No.3,Vol. 2011-IOT-13 No.3 |
Volume (vol) | vol.111 |
Number (no) | 30 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |