, A methodology for empirical analysis of permission-based security models and its application to android, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, pp.73-84, 2010.
DOI : 10.1145/1866307.1866317
, Asm 3.0, a java bytecode engineering library, 2007.
, Xmandroid: A new android evolution to mitigate privilege escalation attacks, 2011.
, Role-Based access control consistency validation, Proceedings of the 2006 international symposium on Software testing and analysis , ISSTA'06, pp.121-132
DOI : 10.1145/1146238.1146253
, CRePE: Context-Related Policy Enforcement for Android, Proceedings of the 13th International Conference on Information security, 2011.
DOI : 10.1007/978-3-642-18178-8_29
, Privilege Escalation Attacks on Android, Proceedings of the 13th International Conference on Information Security, 2011.
DOI : 10.1007/978-3-642-18178-8_30
, Quire: Lightweight provenance for smart phone operating systems, 20th USENIX Security Symposium, 2011.
, On lightweight mobile phone application certification, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp.235-245, 2009.
DOI : 10.1145/1653662.1653691
, Understanding Android Security, IEEE Security & Privacy Magazine, vol.7, issue.1, 2009.
DOI : 10.1109/MSP.2009.26
, The effectiveness of application permissions, Proceedings of the 2nd USENIX conference on Web application development, pp.7-7, 2011.
, Permission re-delegation: Attacks and defenses, Proceedings of the 20th USENIX Security Symposium, 2011.
, Gartner says sales of mobile devices grew 5.6 percent in third quarter of 2011; smartphone sales increased 42 percent, 2012.
, Modular string-sensitive permission analysis with demand-driven precision, 2009 IEEE 31st International Conference on Software Engineering, pp.177-187, 2009.
DOI : 10.1109/ICSE.2009.5070519
, Androidleaks detecting privacy leaks in android applications [16] Google. The android developer's guide, last-accessed, pp.2011-2020, 2011.
, Zeus banking trojan variant attacks android smartphones. CRN, 2011.
, Access rights analysis for Java, ACM SIGPLAN Notices, vol.37, issue.11, pp.359-372, 2002.
DOI : 10.1145/583854.582452
, Scaling Java Points-to Analysis Using Spark, 12th International Conference on Compiler Construction, 2003.
DOI : 10.1007/3-540-36579-6_12
, An Attack Surface Metric, IEEE Transactions on Software Engineering, vol.37, issue.3, pp.371-386, 2011.
DOI : 10.1109/TSE.2010.60
, Application collusion attack on the permission-based security model and its implications for modern smartphone systems, 2011.
, Apex, Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS '10, 2010.
DOI : 10.1145/1755688.1755732
, Semantically rich application-centric security in android, Journal of Security and Communication Networks, 2011.
, When Role Models Have Flaws: Static Validation of Enterprise Security Policies, 29th International Conference on Software Engineering (ICSE'07), 2007.
DOI : 10.1109/ICSE.2007.98
, Interprocedural Analysis for Privileged Code Placement and Tainted Variable Detection, ECOOP, 2005.
DOI : 10.1007/11531142_16
, User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems, 2012 IEEE Symposium on Security and Privacy, 2011.
DOI : 10.1109/SP.2012.24
, The protection of information in computer systems, Proceedings of the IEEE, 1975.
DOI : 10.1109/PROC.1975.9939
, Google android: A state-of-the-art review of security mechanisms, 2009.
, Soot -a java optimization framework, Proceedings of CASCON 1999, pp.125-135, 1999.