|
Journal of Computer Science and Technology ›› 2019, Vol. 34 ›› Issue (4): 901-923.doi: 10.1007/s11390-019-1949-1
Special Issue: Computer Architecture and Systems
• Regular Paper • Previous Articles Next Articles
Zi-Peng Zhang1, Ming Fu2, Xin-Yu Feng3,*, Member, CCF, ACM
[1] Arzt S, Rasthofer S, Fritz C, Bodden E, Bartel A, Klein J, le Traon Y, Octeau D, McDaniel P. FlowDroid:Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In Proc. the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, June 2014, pp.259-269. [2] Enck W, Gilbert P, Chun B G, Cox L P, Jung J, McDaniel P, Sheth A N. TaintDroid:An information-flow tracking system for realtime privacy monitoring on smartphones. In Proc. the 9th USENIX Conference on Operating Systems Design and Implementation, October 2010, pp.393-407. [3] Gibler C, Crussell J, Erickson J, Chen H. AndroidLeaks:Automatically detecting potential privacy leaks in Android applications on a large scale. In Proc. the 5th International Conference on Trust and Trustworthy Computing, June 2012, pp.291-307. [4] Sakamoto S, Okuda K, Nakatsuka R, Yamauchi T. DroidTrack:Tracking information diffusion and preventing information leakage on Android. In Proc. the 2013 Multimedia and Ubiquitous Engineering, May 2013, pp.243-251. [5] Sun M, Wei T, Lui J C S. TaintART:A practical multilevel information-flow tracking system for Android runtime. In Proc. the 2016 ACM SIGSAC Conference on Computer and Communications Security, October 2016, pp.331-342. [6] Xia M, Gong L, Lyu Y, Qi Z, Liu X. Effective real-time Android application auditing. In Proc. the 2015 IEEE Symposium on Security and Privacy, May 2015, pp.899-914. [7] Yang Z, Yang M, Zhang Y, Gu G, Ning P, Wang X S. AppIntent:Analyzing sensitive data transmission in Android for privacy leakage detection. In Proc. the 2013 ACM SIGSAC Conference on Computer and Communications Security, November 2013, pp.1043-1054. [8] Zhao Z, Colon O F C. "TrustDroidTM":Preventing the use of SmartPhones for information leaking in corporate networks through the used of static analysis taint tracking. In Proc. the 7th International Conference on Malicious and Unwanted Software, October 2012, pp.135-143. [9] Octeau D, McDaniel P, Jha S, Bartel A, Bodden E, Klein J, le Traon Y. Effective inter-component communication mapping in Android with Epicc:An essential step towards holistic security analysis. In Proc. the 22nd USENIX Conference on Security, August 2013, pp.543-558. [10] Volpano D M, Smith G. Probabilistic noninterference in a concurrent language. In Proc. the 11th IEEE Computer Security Foundations Workshop, June 1998, pp.34-43. [11] Smith G, Volpano D M. Secure information flow in a multi-threaded imperative language. In Proc. the 25th ACMSIGPLAN-SIGACT Symposium on Principles of Programming Languages, January 1998, pp.355-364. [12] Sabelfeld A, Sands D. Probabilistic noninterference for multi-threaded programs. In Proc. the 13th IEEE Computer Security Foundations Workshop, July 2000, pp.200-214. [13] Zdancewic S, Myers A C. Observational determinism for concurrent program security. In Proc. the 16th IEEE Computer Security Foundations Workshop, June 2003, pp.29-43. [14] Mantel H, Sudbrock H. Flexible scheduler-independent security. In Proc. the 15th European Symposium on Research in Computer Security, September 2010, pp.116-133. [15] Mantel H, Sands D, Sudbrock H. Assumptions and guarantees for compositional noninterference. In Proc. the 24th IEEE Computer Security Foundations Symposium, June 2011, pp.218-232. [16] Goguen J A, Meseguer J. Security policies and security models. In Proc. the 1982 IEEE Symposium on Security and Privacy, April 1982, pp.11-20. [17] Goguen J A, Meseguer J. Unwinding and inference control. In Proc. the 1984 IEEE Symposium on Security and Privacy, April 1984, pp.75-87. [18] Liang H, Feng X, Fu M. A rely-guarantee-based simulation for verifying concurrent program transformations. In Proc. the 39th ACMSIGPLAN-SIGACT Symposium on Principles of Programming Languages, January 2012, pp.455-468. [19] Liang H, Feng X. Modular verification of linearizability with non-fixed linearization points. In Proc. the 2013 ACM SIGPLAN Conference on Programming Language Design and Implementation, June 2013, pp.459-470. [20] Zhang Z, Feng X. AndroidLeaker:A hybrid checker for collusive leak in Android applications. In Proc. the 3rd International Symposium on Dependable Software Engineering Theories, Tools, and Applications, October 2017, pp.164-180. [21] Xiao X, Tillmann N, Fähndrich M, de Halleux J, Moskal M. User-aware privacy control via extended static-informationflow analysis. In Proc. the 2012 IEEE/ACM International Conference on Automated Software Engineering, September 2012, pp.80-89. [22] Mann C, Starostin A. A framework for static detection of privacy leaks in Android applications. In Proc. the 27th Annual ACM Symposium on Applied Computing, March 2012, pp.1457-1462. [23] Kim J, Yoon Y, Yi K, Shin J. ScanDal:Static analyzer for detecting privacy leaks in Android applications. In Proc. the 2012 Mobile Security Technologies, May 2012. [24] Lu L, Li Z, Wu Z, Lee W, Jiang G. CHEX:Statically vetting Android apps for component hijacking vulnerabilities. In Proc. the 2012 ACM Conference on Computer and Communications Security, October 2012, pp.229-240. [25] Xu R, Saïdi H, Anderson R. Aurasium:Practical policy enforcement for Android applications. In Proc. the 21st USENIX Conference on Security Symposium, August 2012, pp.539-552. [26] Yang Z, Yang M. LeakMiner:Detect information leakage on Android with static taint analysis. In Proc. the 3rd World Congress on Software Engineering, November 2012, pp.101-104. [27] Chin E, Felt A P, Greenwood K, Wagner D. Analyzing inter-application communication in Android. In Proc. the 9th International Conference on Mobile Systems, Applications, and Services, June 2011, pp. 239-252. [28] Nadkarni A, Enck W. Preventing accidental data disclosure in modern operating systems. In Proc. the 2013 ACM Conference on Computer and Communications Security, November 2013, pp.1029-1042. [29] Felt A P, Wang H J, Moshchuk A, Hanna S, Chin E. Permission re-delegation:Attacks and defenses. In Proc. the 20th USENIX Conference on Security, August 2011, Article No. 22. [30] Chaudhuri A. Language-based security on Android. In Proc. the 2009 Workshop on Programming Languages and Analysis for Security, June 2009, pp.1-7. [31] Russo A, Sabelfeld A. Securing interaction between threads and the scheduler. In Proc. the 19th IEEE Computer Security Foundations Workshop, July 2006, pp.177-189. [32] Russo A, Sabelfeld A. Securing interaction between threads and the scheduler in the presence of synchronization. The Journal of Logic and Algebraic Programming, 2009, 78(7):593-618. [33] Askarov A, Chong S, Mantel H. Hybrid monitors for concurrent noninterference. In Proc. the 28th IEEE Computer Security Foundations Symposium, July 2015, pp.137-151. [34] Russo A, Sabelfeld A. Security for multithreaded programs under cooperative scheduling. In Proc. the 6th International Andrei Ershov Memorial Conference on Perspectives of Systems Informatics, June 2006, pp.474-480. [35] Costanzo D, Shao Z, Gu R. End-to-end verification of information-flow security for C and assembly programs. In Proc. the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation, June 2016, pp.648-664. |
[1] | Jun Ma (马骏), Qing-Wei Sun (孙清伟), Chang Xu (许畅), and Xian-Ping Tao (陶先平). GridDroid---An Effective and Efficient Approach for Android Repackaging Detection Based on Runtime Graphical User Interface [J]. Journal of Computer Science and Technology, 2022, 37(1): 147-181. |
[2] | Zhi Ma, Lei Qiao, Meng-Fei Yang, Shao-Feng Li, Jin-Kun Zhang. Verification of Real Time Operating System Exception Management Based on SPARCv8 [J]. Journal of Computer Science and Technology, 2021, 36(6): 1367-1387. |
[3] | Jingwen Xu, Yanhong Huang, Jianqi Shi, Shengchao Qin. A Multi-Agent Spatial Logic for Scenario-Based Decision Modeling and Verification in Platoon Systems [J]. Journal of Computer Science and Technology, 2021, 36(6): 1231-1247. |
[4] | Zhao-Hui Li, Xin-Yu Feng. Verifying Contextual Refinement with Ownership Transfer [J]. Journal of Computer Science and Technology, 2021, 36(6): 1342-1366. |
[5] | Jun-Peng Zha, Xin-Yu Feng, Lei Qiao. Modular Verification of SPARCv8 Code [J]. Journal of Computer Science and Technology, 2020, 35(6): 1382-1405. |
[6] | Jia-Qi Yin, Hui-Biao Zhu, Yuan Fei. Specification and Verification of the Zab Protocol with TLA+ [J]. Journal of Computer Science and Technology, 2020, 35(6): 1312-1323. |
[7] | Qian-Qian Lin, Shu-Ling Wang, Bo-Hua Zhan, Bin Gu. Modelling and Verification of Real-Time Publish and Subscribe Protocol Using UPPAAL and Simulink/Stateflow [J]. Journal of Computer Science and Technology, 2020, 35(6): 1324-1342. |
[8] | Hui-Na Chao, Hua-Wei Li, Xiaoyu Song, Tian-Cheng Wang, Xiao-Wei Li. Evaluating and Constraining Hardware Assertions with Absent Scenarios [J]. Journal of Computer Science and Technology, 2020, 35(5): 1198-1216. |
[9] | Gökçer Peynirci, Mete Eminaǧaoǧlu, Korhan Karabulut. Feature Selection for Malware Detection on the Android Platform Based on Differences of IDF Values [J]. Journal of Computer Science and Technology, 2020, 35(4): 946-962. |
[10] | Chong Wang, Nasro Min-Allah, Bei Guan, Yu-Qi Lin, Jing-Zheng Wu, Yong-Ji Wang. An Efficient Approach for Mitigating Covert Storage Channel Attacks in Virtual Machines by the Anti-Detection Criterion [J]. Journal of Computer Science and Technology, 2019, 34(6): 1351-1365. |
[11] | Lei Cui, Youyang Qu, Mohammad Reza Nosouhi, Shui Yu, Jian-Wei Niu, Gang Xie. Improving Data Utility Through Game Theory in Personalized Differential Privacy [J]. Journal of Computer Science and Technology, 2019, 34(2): 272-286. |
[12] | Li Li, Tegawendé F. Bissyandé, Hao-Yu Wang, Jacques Klein. On Identifying and Explaining Similarities in Android Apps [J]. Journal of Computer Science and Technology, 2019, 34(2): 437-455. |
[13] | Yifan Wu, Fan Yang, Yong Xu, Haibin Ling. Privacy-Protective-GAN for Privacy Preserving Face De-Identification [J]. Journal of Computer Science and Technology, 2019, 34(1): 47-60. |
[14] | Seilendria A. Hadiwardoyo, Subhadeep Patra, Carlos T. Calafate, Juan-Carlos Cano, Pietro Manzoni. An Intelligent Transportation System Application for Smartphones Based on Vehicle Position Advertising and Route Sharing in Vehicular Ad-Hoc Networks [J]. , 2018, 33(2): 249-262. |
[15] | Yu-Tao Liu, Dong Du, Yu-Bin Xia, Hai-Bo Chen, Bin-Yu Zang, Zhenkai Liang. SplitPass: A Mutually Distrusting Two-Party Password Manager [J]. , 2018, 33(1): 98-115. |
|
|