A methodology for empirical analysis of permission-based security models and its application to android, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, pp.73-84, 2010. ,
DOI : 10.1145/1866307.1866317
Asm 3.0, a java bytecode engineering library, 2007. ,
Xmandroid: A new android evolution to mitigate privilege escalation attacks, 2011. ,
Role-Based access control consistency validation, Proceedings of the 2006 international symposium on Software testing and analysis , ISSTA'06, pp.121-132 ,
DOI : 10.1145/1146238.1146253
CRePE: Context-Related Policy Enforcement for Android, Proceedings of the 13th International Conference on Information security, 2011. ,
DOI : 10.1007/978-3-642-18178-8_29
Privilege Escalation Attacks on Android, Proceedings of the 13th International Conference on Information Security, 2011. ,
DOI : 10.1007/978-3-642-18178-8_30
Quire: Lightweight provenance for smart phone operating systems, 20th USENIX Security Symposium, 2011. ,
On lightweight mobile phone application certification, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp.235-245, 2009. ,
DOI : 10.1145/1653662.1653691
Understanding Android Security, IEEE Security & Privacy Magazine, vol.7, issue.1, 2009. ,
DOI : 10.1109/MSP.2009.26
The effectiveness of application permissions, Proceedings of the 2nd USENIX conference on Web application development, pp.7-7, 2011. ,
Permission re-delegation: Attacks and defenses, Proceedings of the 20th USENIX Security Symposium, 2011. ,
Gartner says sales of mobile devices grew 5.6 percent in third quarter of 2011; smartphone sales increased 42 percent, 2012. ,
Modular string-sensitive permission analysis with demand-driven precision, 2009 IEEE 31st International Conference on Software Engineering, pp.177-187, 2009. ,
DOI : 10.1109/ICSE.2009.5070519
Androidleaks detecting privacy leaks in android applications [16] Google. The android developer's guide, last-accessed, pp.2011-2020, 2011. ,
Zeus banking trojan variant attacks android smartphones. CRN, 2011. ,
Access rights analysis for Java, ACM SIGPLAN Notices, vol.37, issue.11, pp.359-372, 2002. ,
DOI : 10.1145/583854.582452
Scaling Java Points-to Analysis Using Spark, 12th International Conference on Compiler Construction, 2003. ,
DOI : 10.1007/3-540-36579-6_12
An Attack Surface Metric, IEEE Transactions on Software Engineering, vol.37, issue.3, pp.371-386, 2011. ,
DOI : 10.1109/TSE.2010.60
Application collusion attack on the permission-based security model and its implications for modern smartphone systems, 2011. ,
Apex, Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS '10, 2010. ,
DOI : 10.1145/1755688.1755732
Semantically rich application-centric security in android, Journal of Security and Communication Networks, 2011. ,
When Role Models Have Flaws: Static Validation of Enterprise Security Policies, 29th International Conference on Software Engineering (ICSE'07), 2007. ,
DOI : 10.1109/ICSE.2007.98
Interprocedural Analysis for Privileged Code Placement and Tainted Variable Detection, ECOOP, 2005. ,
DOI : 10.1007/11531142_16
User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems, 2012 IEEE Symposium on Security and Privacy, 2011. ,
DOI : 10.1109/SP.2012.24
The protection of information in computer systems, Proceedings of the IEEE, 1975. ,
DOI : 10.1109/PROC.1975.9939
Google android: A state-of-the-art review of security mechanisms, 2009. ,
Soot -a java optimization framework, Proceedings of CASCON 1999, pp.125-135, 1999. ,