3

Fine-grained Code Coverage Measurement in Automated Black-box Android Testing

Today, there are millions of third-party Android applications. Some of them are buggy or even malicious. To identify such applications, novel frameworks for automated black-box testing and dynamic analysis are being developed by the Android …

StaDART: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications

Dynamic code update techniques, such as dynamic class loading and reflection, enable Android apps to extend their functionality at runtime. At the same time, these techniques are misused by malware developers to transform a seemingly benign app into …

A Survey on Malicious Domains Detection Through DNS Data Analysis

Malicious domains are one of the major resources required for adversaries to run attacks over the Internet. Due to the important role of the Domain Name System (DNS), extensive research has been conducted to identify malicious domains based on their …

Security in the Firefox OS and Tizen Mobile Platforms

Existing mobile platforms landscape evolves very quickly, as the big players in the field and the research community are challenged to develop novel solutions with minimal costs of application development and possibility to support natively mobile …

MOSES: Supporting and Enforcing Security Profiles on Smartphones

Smartphones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and be always updated while on the move. …

CRêPE: A System for Enforcing Fine-Grained Context-Related Policies on Android

Current smartphone systems allow the user to use only marginally contextual information to specify the behavior of the applications: this hinders the wide adoption of this technology to its full potential. In this paper, we fill this gap by proposing …