[2]
L. Davi, A. Dmitrienko, A. R. Sadeghi, and M. Winandy, Privilege escalation attacks on android, in Proc. 13th Int. Conf. Information Security, Boca Raton, FL, USA, 2010, pp. 346-360.
[3]
E. Chin, A. P. Felt, K. Greenwood, and D. Wagner, Analyzing inter-application communication in android, in Proc. 9th Int. Conf. Mobile Systems, Applications, and Services, Bethesda, MD, USA, 2011, pp. 239-252.
[4]
A. P. Felt, H. J. Wang, A. Moshchuk, S. Hanna, and E. Chin, Permission re-delegation: Attacks and defenses, in Proc. 20th USENIX Conf. Security, San Francisco, CA, USA, 2011, pp. 19-31.
[5]
Y. J. Zhou and X. X. Jiang, Detecting passive content leaks and pollution in android applications, in Proc. 20th Network and Distributed System Security Symp., San Diego, CA, USA, 2013, pp. 434-443.
[6]
L. Lu, Z. C. Li, Z. Y. Wu, W. Lee, and G. F. Jiang, CHEX: Statically vetting android apps for component hijacking vulnerabilities, in Proc. 2012 ACM Conf. Computer and Communications Security, Raleigh, NC, USA, 2012, pp. 229-240.
[7]
Z. R. Fang, W. L. Han, D. Li, Z. Q. Guo, D. H. Guo, X. S. Wang, Z. Y. Qian, and H. Chen, revDroid: Code analysis of the side effects after dynamic permission revocation of android apps, in Proc. 11th ACM on Asia Conf. Computer and Communications Security, Xi’an, China, 2016, pp.747-758.
[8]
Y. J. Hu and I. Neamtiu, Static detection of event-based races in android apps, in Proc. 23rd Int. Conf. Architectural Support for Programming Languages and Operating Systems, Williamsburg, VA, USA, 2018, pp. 257-270.
[9]
W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri, A study of android application security, in Proc. 20th USENIX Conf. Security, San Francisco, CA, USA, 2011, pp. 64-80.
[10]
K. Fan, H. Li, W. Jiang, C. S. Xiao, and Y. T. Yang, Secure authentication protocol for mobile payment. Tsinghua Sci. Technol., vol. 23, no. 5, pp. 610-620, 2018.
[11]
S. Arzt, S. Rasthofer, C. Fritz, E. Bodden, A. Bodden, J. Klein, Y. Le Traon, D. Octeau, and P. McDaniel, FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps, in Proc. 35th ACM SIGPLAN Conf. Programming Language Design and Implementation, vol. 49, no. 6, pp. 259-269, 2014.
[12]
C. Fritz, S. Arzt, S. Rasthofer, E. Bodden, A. Bartel, J. Klein, Y. le Traon, D. Octeau, and P. McDaniel, Highly precise taint analysis for Android applications, Tech. Rep. Nr. TUD-CS-2013-0113, Technische Universitat Darmstadt, Darmstadt, Germany, 2013.
[13]
R. Vallée-Rai, E. Gagnon, L. Hendren, P. Lam, P. Pominville, and V. Sundaresan, Optimizing Java bytecode using the Soot framework: Is it feasible? in Proc. 9th Int. Conf. Compiler Construction, Berlin, Germany, 2000, pp. 18-34.
[14]
M. Sagiv, T. Reps, and S. Horwitz, Precise interprocedural dataflow analysis with applications to constant propagation, Theor. Comput. Sci., vol. 167, nos. 1&2, pp. 131-170, 1996.
[15]
T. Reps, S. Horwitz, and M. Sagiv, Precise interprocedural dataflow analysis via graph reachability, in Proc. 22nd ACM SIGPLAN-SIGACT Symp. Principles of Programming Languages, San Francisco, CA, USA, 1995, pp. 49-61.
[16]
D. Octeau, P. McDaniel, S. Jha, A. Bartel, E. Bodden, J. Klein, and Y. Le Traon, Effective inter-component communication mapping in Android with Epicc: An essential step towards holistic security analysis, in Proc. 22nd USENIX Conf. Security, Washington, DC, USA, 2013, pp. 543-558.
[17]
M. C. Grace, W. Zhou, X. X. Jiang, and A. R. Sadeghi, Unsafe exposure analysis of mobile in-app advertisements, in Proc. 5th ACM Conf. Security and Privacy in Wireless and Mobile Networks, Tucson, AZ, USA, 2012, pp. 101-112.
[18]
F. G. Wei, S. Roy, X. M. Ou, and Robby, Amandroid: A precise and general inter-component data flow analysis framework for security vetting of android apps, in Proc. 2014 ACM SIGSAC Conf. Computer and Communications Security, Scottsdale, AZ, USA, 2014, pp. 1329-1341.
[19]
W. Enck, P. Gilbert, S. Han, V. Tendulkar, B. G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth, TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones, ACM Trans. Comput. Syst., vol. 32, no. 2, p. 5, 2014.
[20]
P. Gilbert, B. G. Chun, L. P. Cox, and J. Jung, Vision: Automated security validation of mobile apps at app markets, in Proc. 2nd Int. Workshop on Mobile Cloud Computing and Services, Bethesda, MD, USA, 2011, pp. 21-26.
[21]
C. Zheng, S. X. Zhu, S. F. Dai, G. F. Gu, X. R. Gong, X. H. Han, and W. Zou, SmartDroid: An automatic system for revealing UI-based trigger conditions in android applications, in Proc. 2nd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Raleigh, NC, USA, 2012, pp.93-104.
[22]
W. Klieber, L. Flynn, A. Bhosale, L. M. Jia, and L. Bauer, Android taint flow analysis for app sets, in Proc. 3rd ACM SIGPLAN Int. Workshop on the State of the Art in Java Program Analysis, Edinburgh, UK, 2014, pp. 1-6.
[23]
L. Wu, M. Grace, Y. J. Zhou, C. Wu, and X. X. Jiang, The impact of vendor customizations on android security, in Proc. 2013 ACM SIGSAC Conference on Computer & Communications Security, Berlin, Germany, 2013, pp. 623-634.
[24]
M. Zhang and H. Yin, AppSealer: Automatic generation of vulnerability-specific patches for preventing component hijacking attacks in android applications, in Proc. 21st Annu. Network and Distributed System Security Symp., San Diego, CA, USA, 2014, pp. 1-15.
[25]
H. Bagheri, A. Sadeghi, R. Jabbarvand, and S. Malek, Automated dynamic enforcement of synthesized security policies in Android, Tech. Rep. GMU-CS-TR-2015-5, George Mason University, Fairfax, VA, USA, 2015.
[26]
K. O. Elish, D. D. Yao, and B. G. Ryder, On the need of precise inter-app ICC classification for detecting android malware collusions, in Proc. IEEE Mobile Security Technologies, San Jose, CA, USA, 2015.
[27]
H. Bagheri, A. Sadeghi, J. Garcia, and S. Malek, COVERT: Compositional analysis of Android inter-app vulnerabilities, Tech. Rep. GMU-CS-TR-2015-1, George Mason University, Fairfax, VA, USA, 2015.
[28]
F. Nielson, H. R. Nielson, and C. Hankin, Principles of Program Analysis. Springer, 2015.