Skip to content

Latest commit

 

History

History
632 lines (582 loc) · 53.7 KB

AndroidLiteratureReview.md

File metadata and controls

632 lines (582 loc) · 53.7 KB

@impillar

Malware Detection

  • Static Analysis

    • SCanDroid: Automated Security Certification of Android Applications, Technical Report, 2009
    • Static Analysis of Executables for Collaborative Malware Detection on Android, ICC 2009
    • RiskRanker: Scalable and Accurate Zero-day Android Malware Detection, MobiSys 2012
    • Static Analysis of Android Programs, Information and Software Technolog, 2012
    • Systematic Detection of Capability Leaks in Stock Android Smartphones, NDSS 2012
    • CHEX: Statically VetDroidSieveting Android Apps for Component Hijacking Vulnerabilities, CCS 2012
    • SCADAL: Static Analyzer for Detecting Privacy Leaks in Android Applications, MoST 2012
    • Structural Detection of Android Malware Using Embedded Call Graphs, AISec 2013 (tool: Adagio)
    • Targeted and Depth-first Exploration for Systematic Testing of Android Apps, OOPSLA 2013 (tool: A3E)
    • Detecting Passive Content Leaks and Pollution in Android Applications, NDSS 2013
    • Slicing Droids: Program Slicing for Smali Code, SAC 2013 (tool: SAAF)
    • Sound and Precise Malware Analysis for Android via Pushdown Reachability and Entry-Point Saturation, SPSM 2013 (tool: Anadroid)
    • FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps, PLDI 2014
    • Apposcopy: Semantics-based Detection of Android Malware Through Static Analysis, FSE 2014
    • Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps, CCS 2014
    • AppContext: Differentiating Malicious and Benign Mobile App Behavior Under Contexts, ICSE 2014
    • AsDroid: Detecting Stealthy Behaviors in Android Applications by User Interface and Program Behavior Constradiction, ICSE 2014
    • Android Taint Flow Analysis for App Sets, SOAP 2014
    • Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale, USENIX Security 2015 (tool: MassVet)
    • Information Flow Analysis of Android Applications in DroidSafe, NDSS 2015
    • EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework, NDSS 2015
    • IccTA: Detecting Inter-Component Privacy Leaks in Android Apps, ICSE 2015
    • Static Control-Flow Analysis of User-Driven Callbacks in Android Applications, ICSE 2015
    • DroidJust: Automated Functionality-Aware Privacy Leakage Analysis for Android Applications, WiSec 2015 (tool: DroidJust)
    • DroidEagle: Seamless Detection of Visually Similar Android Apps, WiSec 2015 (tool: DroidEagle)
    • Profiling User-Trigger Dependence for Android Malware Detection, Computer&Security 2015
    • Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques, NDSS 2016 (tool: HARVESTER)
    • HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving, Euro S&P 2016
    • StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework, ICSE 2016
    • Toward a Framework for Detecting Privacy Policy Violation in Android Application Code, ICSE 2016
    • R-Droid: Leveraging Android App Analysis with Static Slice Optimization, AsiaCCS 2016 (tool: R-Droid)
    • Semantic Modelling of Android Malware for Effective Malware Comprehension, Detection and Classification, ISSTA 2016 (tool: SMART)
    • DroidRA: Taming Reflection to Support Whole-Program Analysis of Android Apps, ISSTA 2016 (tool: DroidRA)
    • TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime, CCS 2016 (tool: TaintART)
    • ICCDetector: ICC-Based Malware Detection on Android, TIFS 2016 (tool: ICCDetector)
    • Software Architectural Principles in Contemporary Mobile Software: from Conception to Practice, Journal of Systems and Software, 2016
    • Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis, NDSS 2017
    • MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models, NDSS 2017 (tool: MaMaDroid)
    • A SEALANT for Inter-App Security Holes in Android, ICSE 2017 (tool: SEALANT)
    • Adaptive Unpacking of Android Apps, ICSE 2017 (tool: PackerGrind)
    • An Efficient, Robust, and Scalable Approach for Analyzing Interacting Android Apps, ICSE 2017 (tool: JITANA)
    • LeakSemantic: Identifying Abnormal Sensitive Network Transmissions in Mobile Applications, arxiv 2017 (tool: LeakSemantic)
    • TriFlow: Triaging Android Applications using Speculative Information Flows, AsiaCCS 2017 (tool: TriFlow)
    • Collusive Data Leak and More: Large-scale Threat Analysis of Inter-app Communications, AsiaCCS 2017 (tool: DIALDroid)
    • A Monte Carlo Tree Search approach to Active Malware Analysis, IJCAI 2017
    • Android Malware Clustering through Malicious Payload Mining, RAID 2017
    • Detection of Repackaged Android Malware with Code-Heterogeneity Features, TDSC 2017 (tool: DR-Droid)
    • JN-SAF: Precise and Efficient NDK/JNI-aware Inter-language Static Analysis Framework for Security Vetting of Android Applications with Native Code, CCS 2018 (tool: JN-SAF)
    • FraudDroid: Automated Ad Fraud Detection for Android Apps, ESEC/FSE 2019 (tool: FraudDroid)
    • Towards Large-Scale Hunting for Android Negative-Day Malware, RAID 2019 (tool: Lshand)
    • Discovering Flaws in Security-Focused Static Analysis Tools for Android using Systematic Mutation, USENIX Security 2019
    • FlowCog: Context-aware Semantics Extraction and Analysis of Information Flow Leaks in Android Apps, USENIX Security 2019
  • Dynamic Analysis

    • TaintDroid: An Information-flow Tracking System for Realtime Privacy Monitoring on Smartphones, OSDI 2010
    • Crowdroid: Behavior-based Malware Detection System for Android, SPSM 2011
    • XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks, Technical Report, 2011
    • DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis, USENIX Security 2012
    • AndroTotal: A Flexible, Scalable Toolbox and Service for Testing Mobile Malware Detector, SPSM 2013
    • PUMA: Programmable UI-automation for Large-scale Dynamic Analysis of Mobile Apps, MobiSys 2014 (tool: PUMA)
    • Checking Interation-Based Declassification Policies for Android Using Symbolic Execution, ESORICS 2015 (tool: ClickRelease)
    • BareDroid: Large-Scale Analysis of Android Apps on Real Devices, ACSAC 2015 (tool: BareDroid)
    • CopperDroid: Automatic Reconstruction of Android Malware Behaviors, NDSS 2015
    • Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques, NDSS 2016 (tool: HARVESTER)
    • IntelliDroid: A Targeted Input Generator for the Dynamic Analysis of Android Malware, NDSS 2016
    • DroidScribe: Classifying Android Malware Based on Runtime Behavior, MoST 2016 (tool: DroidScribe)
    • LeakSemantic: Identifying Abnormal Sensitive Network Transmissions in Mobile Applications, arxiv 2017 (tool: LeakSemantic)
    • DroidForensics: Accurate Reconstruction of Android Attacks via Multi-layer Forensic Logging, AsiaCCS 2017 (tool: DroidForensics)
    • Exploring Syscall-Based Semantics Reconstruction of Android Applications, RAID 2019
    • DroidScraper: A Tool for Android In-Memory Object Recovery and Reconstruction, RAID 2019 (tool: DroidScraper)
    • Charm: Facilitating Dynamic Analysis of Device Drivers of Mobile Systems, USENIX Security 2019 (tool: Charm)
  • Machine Learning

    • Crowdroid: Behavior-based Malware Detection System for Android, SPSM 2011
    • "Andromaly": a Behavioral Malware Detection Framework for Android Devices, Journal of Intelligent Information Systems 2012
    • A Machine Learning Approach to Android Malware Detection, EISIC 2012
    • DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android, Security and Privacy in Communication Networks, 2013
    • MAST: Triage for Market-scale Mobile Malware Analysis, 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2013
    • Machine Learning for Android Malware Detection Using Permission and API Calls, ICTAI 2013
    • Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis, CCS 2013
    • Structural Detection of Android Malware Using Embedded Call Graphs, AISec 2013 (tool: Adagio)
    • Rapid Permissions-Based Detection and Analysis of Mobile Malware Using Random Decision Forests, MILCOM 2013
    • DroidMiner: Automated Mining and Characterization of Fine-grained Malicious Behaviors in Android Applications, ESORICS 2014
    • Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs, CCS 2014
    • Drebin: Effective and Explainable Detection of Android Malware in Your Pocket, NDSS 2014
    • AppContext: Differentiating Malicious and Benign Mobile App Behavior Under Contexts, ICSE 2014
    • RiskMon: Continuous and Automated Risk Assessment of Mobile Applications, CODASPY 2014 (tool: RiskMon)
    • Machine Learning-Based Malware Detection for Android Applications: History Matters! Technical Report, 2014
    • Linear SVM-Based Android Malware Detection, Frontier and Innovation in Future Computing and Communications 2014
    • Mining Apps for Abnormal Usage of Sensitive Data, ICSE 2015
    • Obfuscation-Resilient, Efficient, and Accurate Detection and Family Identification of Android Malware, Technical Report, 2015 (tool: RevealDroid)
    • Heldroid: Fast and Efficient Linguistic-Based Ransomware Detection, UIC Master Disseration, 2015 (tool: Heldroid)
    • StormDroid: A Streaminglized Machine Learning-based System for Detecting Android Malware, AsiaCCS 2016
    • Effective detection of android malware based on the usage of data flow APIs and machine learning,2016 Information and Software Technology
    • DroidScribe: Classifying Android Malware Based on Runtime Behavior, MoST 2016 (tool: DroidScribe)
    • LUNA: Quantifying and Leveraging Uncertainy in Android Malware Analysis through Bayesian Machine Learning, Euro S&P 2017 (tool: LUNA)
    • Dark Hazard: Learning-based, Large-Scale Discovery of Hidden Sensitive Operations in Android Apps, NDSS 2017
    • LeakSemantic: Identifying Abnormal Sensitive Network Transmissions in Mobile Applications, arxiv 2017 (tool: LeakSemantic
    • HinDroid: An Intelligent Android Malware Detection System Based on Structured Heterogeneous Information Network, KDD 2017 (tool: HinDroid)
    • Detection of Repackaged Android Malware with Code-Heterogeneity Features, TDSC 2017 (tool: DR-Droid)
    • SecureDroid: Enhancing Security of Machine Learning-based Detection against Adversarial Android Malware Attacks, ACSAC 2017 (SecureDroid)
    • TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time, USENIX Security 2019 (tool: TESSERACT)
    • SEdroid: A Robust Android Malware Detector using Selective Ensemble Learning, CCS 2019 (not quite sure) (tool: SEdroid)
    • DroidEvolver: Self-Evolving Android Malware Detection System, Euro S&P 2019
    • Neurlux: Dynamic Malware Analysis Without Feature Engineering, ACSAC 2019 (tool: Neurlux)
    • A Multi-modal Neural Embeddings Approach for Detecting Mobile Counterfeit Apps, WWW 2019
  • Fingerprint & matching

    • Get Off of My Market: Detecting Malcious Apps in Official and ALternative Android Markets, NDSS 2012 (tool: DroidRanger)
    • DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware, TRUSTCOM 2013
    • AppInk: Watermarking Android Apps for Repacking Deterrence, AsiaCCS 2013
  • Formal Method & Symoblic Execution

    • New Privacy Issues in Mobile Telephony: Fix and Verification, CCS 2012
    • Contextual Policy Enforcement in Android Applications with Permission Event Graphs, NDSS 2012
    • Efficient Runtime Monitoring with Metric Temporal Logic: A Case Study in the Android Operating System, FM 2013
    • Sound and Precise Malware Analysis for Android via Pushdown Reachability and Entry-Point Saturation, SPSM 2013 (tool: Anadroid)
    • AppIntent: Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection, CCS 2013
    • Checking Interation-Based Declassification Policies for Android Using Symbolic Execution, ESORICS 2015 (tool: ClickRelease)
    • HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving, Euro S&P 2016
    • Practical, Formal Synthesis and Autonomic Enforcement of Security Policies for Android, DSN 2016
    • Towards Model Checking Android Applications, TSE 2017 (tool: DroidPF)
  • Realtime Monitoring

    • On Lightweight Mobile Phone Application Certification, CCS 2009 (tool: Kirin)
    • "Andromaly": a Behavioral Malware Detection Framework for Android Devices, Journal of Intelligent Information Systems 2012
    • Efficient Runtime Monitoring with Metric Temporal Logic: A Case Study in the Android Operating System, FM 2013
    • AppsPlayground: Automatic Security Analysis of Smartphone Applications, CODASPY 2013 (tool: AppsPlayground)
    • ARTist: The Android Runtime Instrumentation and Security Toolkit, Euro S&P 2017 (tool: ARTist)
  • Testing

    • A GUI Crawling-based technique for Android Mobile Application Testing, ICSTW 2011
    • Experiences of System-Level Model-based GUI Testing of an Android Application, ICST 2011
    • Using GUI Ripping for Automated Testing of Android Applications, ASE 2012 (tool: AndroidRipper)
    • Testing Android Apps Through Symbolic Execution, ACM SIGSOFT Software Engineering Notes 2012
    • Automated Concolic Testing of Smartphone Apps, FSE 2012
    • Systematic Testing for Resource Leaks in Android Applications, ISSRE 2013
    • Automated Testing with Targeted Event Sequence Generation, ISSTA 2013 (tool: Collider)
    • Dynodroid: An Input Generation System for Android Apps, ESEC/FSE 2013 (tool: Dynodroid)
    • Automated Test Input Generation for Android: Are We There Yet? ASE 2015
    • Systematic Execution of Android Test Suites in Adverse Conditions, ISSTA 2015
    • Reducing Combinatorics in GUI Testing of Android Applications, ICSE 2016 (tool: TrimDroid)
    • Sapienz: Multi-objective Automated Testing for Android Applications, ISSTA 2016 (tool: Sapienz)
    • Energy-Aware Test-Suite Minimization for Android Apps, ISSTA 2016
    • Lifecycle and Event-based Testing for Android Applications, Ph.D Dissertation (author: GRAZIUSSI, SIMONE)
    • Automatic Input Generation for Mobile Testing, ICSE 2017
    • Guided, Stochastic Model-Based GUI Testing of Android Apps, FSE 2017 (tool: Stoat)
    • µDroid: An Energy-Aware Mutation Testing Framework for Android, FSE 2017 (tool: µDroid)
    • PATDroid: Permission-Aware GUI Testing of Android, FSE 2017 (tool: PATDroid)
    • Enabling Mutation Testing for Android Apps, FSE 2017 (tool: MDroid+)
    • Continuous, Evolutionary and Large-Scale: A New Perspective for Automated Mobile App Testing, ICSME 2017
    • Systematically Testing Background Services of Mobile Apps, ASE 2017 (tool: Snowdrop)
    • Crowd Intelligence Enhances Automated Mobile Testing, ASE 2017 (tool: Polariz)
    • EHBDroid: Beyond GUI Testing for Android Applications, ASE 2017 (tool: EHBDroid)
    • Sketch-guided GUI test generation for mobile applications, ASE 2017
    • SimplyDroid: efficient event sequence simplification for Android application, ASE 2017 (tool: DimplyDroid)
    • Automated cross-platform inconsistency detection for mobile apps, ASE 2017 (tool: DiffDroid)
    • DetReduce: Minimizing Android GUI Test Suites for Regression Testing, ICSE 2018
    • Efficiently Manifesting Asynchronous Programming Errors in Android Apps, ASE 2018 (tool: APEChecker)
    • An Empirical Study of Android Test Generation Tools in Industrial Cases, ASE 2018
    • Practical GUI testing of Android applications via model abstraction and refinement, ICSE 2019
    • Mimic: UI Compatibility Testing System for Android Apps, ICSE 2019 (tool: Mimic)

Native Code Analysis

  • Finding Bugs in Java Native Interface Programs, ISSTA 2008
  • Robusta: Taming the Native Beast of the JVM, CCS 2010
  • Native Code Execution Control for Attack Mitigation on Android, SPSM 2013
  • NativeGuard: Protecting Android Applicaions from Third-Party Native Libraries, WiSec 2014
  • Towards Bridging the Gap Between Dalvik Bytecode and Native Code During Static Analysis of Android Applications, IWCMC 2015
  • Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy, NDSS 2016
  • DroidNative: Semantic-Based Detection of Android, arXiv 2016 (tool: DroidNative)

Clone Analysis

  • Juxtapp: A Scalable System for Detecting Code Resuse Among Android Applications, DIMVA 2012
  • Attack of the Clones: Detecting Cloned Applications on Android Markets, ESORICS 2012
  • Detecting Repackaged Smartphone Applications in Third-party Android Marketplaces, 2nd ACM Conference on Data and Application Security and Privacy, 2012 (tool: DroidMOSS)
  • Plagiarizing Smartphone Applications: Attack Strategies and Defense Techniques, ESSoS 2012
  • Fast, Scalable Detection of "Piggybacked" Mobile Applications, 3rd ACM Conference on Data and Application Security and Privacy, 2013
  • Achieving Accuracy and Scalability Simultaneously in Detecting Application Clones on Android Markets, ICSE 2014
  • ViewDoird: Towards Obfuscation-Resilient Mobile Application Repackaging Detection, WiSec 2014
  • WuKong: A Scalable and Accurate Two-Phase Approach to Android App Clone Detection, ISSTA 2015
  • CodeMatch: Obfuscation Won’t Conceal Your Repackaged App, FSE 2017 (tool: CodeMatch)
  • Detecting Plagiarized Mobile Apps using API Birthmarks, ASE 2017

Network Traffic Analysis

  • NetworkProfiler: Towards Automatic Fingerprinting of Android Apps, INFOCOM 2013
  • AndroGenerator: An Automated and Configurable Android App Network Traffic Generation System, Security and Communication Networks 2015 (tool: AndroGenerator)
  • I Know What You Did on Your Smartphone: Inferring App Usage Over Encrypted Data Traffic, CNS 2015
  • Analysis of Location Data Leakage in the Internet Traffic of Android-based Mobile Devices, RAID 2019

Ads & Libraries Analysis

  • Unsafe Exposure Analysis of Mobile In-App Advertisements, WISEC 2012 (tool: AdRisk)
  • AdSplit: Separating Smartphone Advertising from Applications, USENIX Security 2012 (tool: AdSplit)
  • AdDroid: Privilege Separation for Applications and Advertisers in Android, AsiaCCS 2012 (tool: AdDroid)
  • DECAF: Detecting and Characterizing Ad Fraud in Mobile Apps, NSDI 2014 (tool: DECAF)
  • An Investigation into the Use of Common Libraries in Android Apps, arXir 2015
  • An Empirical Study of Mobile Ad Targeting, arXir 2015
  • MAdScope: Characterizing Mobile In-App Targeted Ads, MobiSys 2015 (tool: MAdScope)
  • Are these Ads Safe: Detecting Hidden Attacks through the Mobile App-Web Interfaces, NDSS 2016
  • The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads, NDSS 2016
  • Free for All! Assessing User Data Exposure to Advertising Libraries on Android, NDSS 2016 (tool: Pluto)
  • Following Devil’s Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS, S&P 2016 (tool: PhaLib)
  • Reliable Third-Party Library Detection in Android and its Security Applications, CCS 2016
  • LibD: Scalable and Precise Third-party Library Detection in Android Markets, ICSE 2017 (tool: LibD)
  • Revisiting Mobile Advertising Threats with MAdLife, WWW 2019 (tool: MAdLife)

Inter-Component Communication Analysis

  • Analyzing Inter-Application Communication in Android, MobiSys 2011 (tool: ComDroid)
  • Effective Inter-Component Communication Mapping in Android with Epicc: An Essential Step Towards Holistic Security Analysis, USENIX Security 2013
  • An Empirical Study of the Robustness of Intercomponent Commmunication in Android, DSN 2012
  • Scippa: System-Centric IPC Provenance on Android, ACSAC 2014 (tool: Scippa)
  • Combining Static Analysis with Probabilistic Models to Enable Market-Scale Android Inter-component Analysis, POPL 2016 (tool: PRIMO [http://siis.cse.psu.edu/primo/])
  • DroidDisintegrator: Intra-Application Information Flow Control in Android Apps, AsiaCCS 2016
  • Checking Intent-based Communication in Android with Intent Space Analysis, AsiaCCS 2016

Android OS Enhancement

  • Enhancing Security of Linux-based Android Devices, 15th international linux system technology conference, 2008
  • Semantically Rich Application-CEntric Security in Android, ACSAC 2009 (tool: Saint)
  • Apex: Extending Android Permission Model and Enforcement with User-defined Runtime Constraints, AsiaCCS 2011 (tool: Apex)
  • YAASE: Yet Another Android Security Extension, IEEE International Conference on Privacy, Security, Risk and Trust, and IEEE International Conference on Social Computing 2011
  • MockDroid: Trading Privacy for Application Functionality on Smartphones, HotMobile 2011 (tool: MockDroid)
  • "These Aren't the Droids You're Looking For" Retrofitting Android to Protect Data from Imperious Applications, CCS 2011 (tool: AppFence)
  • Aurasium: Practical Policy Enforcement for Android Applications, USENIX Security 2012
  • RetroSkeleton: Retrofitting Android Apps, MobiSys 2013 (tool: RetroSkeleton)
  • Flexible and Fine-grained Mandatory Access Control on Android for Devices Security and Privacy Policies, USENIX Security 2013 (tool: FlaskDroid)
  • Security Enhanced (SE) Android: Bringing Flexible MAC to Android, NDSS 2013
  • Android Security Framework: Extensible Multi-Layered Access Control on Android, ACSAC 2014 (framework: ASF)
  • ASM: A Programmable Interface for Extending Android Security, USENIX Security, 2014
  • A Bayesian Approach to Privacy Enforcement in Smartphones, USENIX Security 2014 (tool: BayesDroid)
  • Surveying the Development of Biometric User Authentication on Mobile Phones, IEEE Communications Surveys & Tutorials, 2015
  • DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices, NDSS 2015
  • Boxify: Full-fledged App Sandboxing for Stock Android, USENIX Security 2015
  • EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning, USENIX 2015
  • FLEXDROID: Enforcing In-App Privilege Separation in Android, NDSS 2016
  • Reference Hijacking: Patching, Protecting and Analyzing on Unmodified and Non-Rooted Android Devices, ICSE 2016 (prototype: PatchMan, ControlMan and TaintMan)
  • Automated Partitioning of Android Applications for Trusted Execution Environments, ICSE 2016
  • FLEX: A Flexible Code Authentication Framework for Delegating Mobile App Customization, AsiaCCS 2016
  • WindowGuard: Systematic Protection of GUI Security in Android, NDSS 2017 (tool: WindowGuard)
  • Adaptive Android Kernel Live Patching, USENIX Security 2017
  • SPOKE: Scalable Knowledge Collection and Attack Surface Analysis of Access Control Policy for Security Enhanced Android, AsiaCCS 2017
  • InstaGuard: Instantly Deployable Hot-patches for Vulnerable System Programs on Android, NDSS 2018 (tool: InstaGuard)
  • A Temporal Permission Analysis and Enforcement Framework for Android, ICSE 2018
  • DroidCap: OS Support for Capability-based Permissions in Android, NDSS 2019 (tool: DroidCap)
  • Automatic Generation of Non-intrusive Updates for Third-Party Libraries in Android Applications, RAID 2019

Android Permission System

  • A Formal Model to Analyze the Permission Authorization and Enforcement in the Android Framework, IEEE International Conference on Social Computing/IEEE International Conferene on Privacy, Security, Risk and Turst 2010
  • Permission Re-Delegation: Attacks and Defenses, USENIX Security 2011
  • Curbing Android Permission Creep, W2SP 2011
  • Android Permissions Demystified, CCS 2011
  • Is this App Safe? A Large Scale Study on Application Permissions and Risk Signals, WWW 2012
  • Android Security Permissions - Can we trust them? S&P 2012
  • PScout: Analyzing the Android Permission Specification, CCS 2012
  • Permission based Android security: Issues and Countermeasures, Computers&Security 2014
  • Exploring Permission-Induced Risk in Android Applications for Malicious Application Detection, TIFS 2014
  • Android Permission Remystified: A Field Study on Contextual Integrity, USENIX Security 2015
  • Detection of Design Flaws in the Android Permission Protocol through Bounded Verification, FM 2015
  • revDroid: Code Analysis of the Side Effects after Dynamic Permission Revocation of Android Apps, AsiaCCS 2016
  • Small Changes, Big Changes: An Updated View on the Android Permission System, RAID 2016
  • A Formal Approach for Detection of Security Flaws in the Android Permission System, Journal on Formal Aspects of Computing 2016
  • Resolving the Predicament of Android Custom Permissions, NDSS 2018
  • A Temporal Permission Analysis and Enforcement Framework for Android, ICSE 2018
  • Precise Android API Protection Mapping Derivation and Reasoning, CCS 2018 (tool: Arcade)
  • DroidCap: OS Support for Capability-based Permissions in Android, NDSS 2019 (tool: DroidCap)

Anti-Malware Tool Auditing

  • DroidChameleon: Evaluating Android Anti-malware Against Transformation Attacks, AsiaCCS 2013
  • ADAM: An Automatic and Extensible Platform to Stree Test Android Anti-virus Systems, DIMVA 2013
  • Enter Sandbox: Android Sandbox Comparison, IEEE Mobile Security Technologies (MoST) 2014
  • Catch Me If You Can: Evaluating Android Anti-Malware Against Transformation Attacks, IEEE TIFS 2014
  • Towards Discovering and Understanding Unexpected Hazards in Tailoring Antivirus Software for Android, AsiaCCS 2015
  • Uncovering the Dilemmas on Antivirus Software Design in Modern Mobile Platforms, ICST 2015
  • How Current Android Malware Seeks to Evade Automated Code Analysis, Information Security Theory and Practice, 2016
  • Mystique: Evolving Android Malware for Auditing Anti-Malware Tools, AsiaCCS 2016 (tool: Mystique)
  • Auditing Anti-Malware Tools by Evolving Android Malware and Dynamic Loading Technique, TIFS 2017 (tool: Mystique-S)
  • A Large-Scale Empirical Study on the Effects of Code Obfuscations on Android Apps and Anti-Malware Products, ICSE 2018

Characterization and Evolution

  • Understanding Android Security, S&P 2009
  • Language-Based Security on Android, PLAS 2009
  • A Study of Android Application Security, USENIX Security 2011
  • All Your Droid Are Belong To Us: A Survey of Current Android Attacks, USENIX WOOT 2011
  • ProfileDroid: Multi-layer Profiling of Android Applications, MobiCom 2012
  • Dissecting Android Malware: Characterization and Evoluation, S&P 2012
  • An Empirical Study of API Stability and Adoption in the Android Ecosystem, ICSM 2013
  • The Impact of Vendor Customizations on Android Security, CCS 2013
  • An Empirical Study of Cryptographic Misuse in Android Applications, CCS 2013
  • AndroSAT: Security Analysis Tool for Android Application, 8th International Conference on Emerging Security Information, System and Technologies, 2014
  • A Taxonomy of Privilege Escalation Attacks in Android Applications, International Journal of Security and Networks 2014
  • A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks, NDSS 2014
  • Andrubis -- 1,000,000 Apps Later: A View on Current Android Malware Behaviors, BADGERS 2014 (tool: Andrubis)
  • DroidRay: A Security Evaluation System for Customized Android Firmwares, AsiaCCS 2014 (tool: DroidRay)
  • Securing Android: A Survey, Taxonomy, and Challenges, CSUR 2015
  • Collaborative Security: A Survey and Taxonomy, CSUR 2015
  • Android Malware Static Analysis Techniques, CISR 2015
  • PRADA: Prioritizing Android Devices for Apps by Mining Large-Scale Usage Data, ICSE 2016 (It finds the prioritized devices for apps)
  • SoK: Lessons Learned From Android Security Research For Appified Software Platforms, IEEE S&P 2016 (framework: SoK)
  • A Taxonomy and Qualitative Comparison of Program Analysis Techniques for Security Assessment of Android Software, TSE 2016
  • FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature, CCS 2016 (tool: FeatureSmith)
  • *droid: Assessment and Evaluation of Android Application Analysis Tools, CSUR 2016 (tool: *droid)
  • Toward Engineering a Secure Android Ecosystem: A Survey of Existing Techniques, CSUR 2016
  • The Evolution of Android Malware and Android Analysis Techniques, CSUR 2017
  • Analysis of SEAndroid Policies: Combining MAC and DAC in Android, ACSAC 2017
  • Understanding Android App Piggybacking: A Systematic Study of Malicious Code Grafting, TIFS 2017
  • To Update or Not to Update: Insights From a Two-Year Study of Android App Evolution, AsiaCCS 2017
  • Measuring the Insecurity of Mobile Deep Links of Android, USENIX Security 2017
  • Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole-System Emulation, NDSS 2018
  • Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps, NDSS 2018
  • Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem, NDSS 2018
  • Resolving the Predicament of Android Custom Permissions, NDSS 2018
  • The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators, IEEE S&P 2018
  • EnMobile: Entity-based Characterization and Analysis of Mobile Malware, ICSE 2018
  • Large-Scale Analysis of Framework-Specific Exceptions in Android Apps, ICSE 2018
  • Self-Hiding Behavior in Android Apps: Detection and Characterization, ICSE 2018
  • A Large Scale Investigation of Obfuscation Use in Google Play, arXiv 2018
  • ATtention Spanned: Comprehensive Vulnerability Analysis of AT Commands Within the Android Ecosystem, USENIX Security 2019
  • Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones, ACSAC 2019
  • Understanding the Evolution of Mobile App Ecosystems: A Longitudinal Measurement Study of Google Play, WWW 2019

Automatic Malware Generation

  • Automatic Generation of Mobile Malware Using Genetic Programming, Applications of Evolutionary Computation, 2015
  • Mystique: Evolving Android Malware for Auditing Anti-Malware Tools, AsiaCCS 2016 (tool: Mystique)
  • Auditing Anti-Malware Tools by Evolving Android Malware and Dynamic Loading Technique, TIFS 2017 (tool: Mystique-S)
  • Automatic Generation of Inter-Component Communication Exploits for Android Applications, FSE 2017 (tool: LetterBomb)
  • DroidPill: Pwn Your Daily-Use Apps, AsiaCCS 2017 (tool: DroidPill)

New vulnerabilities & Attacks

  • Fuzzing the Phone in Your Phone, Black Hat USA 2009
  • Privilege Escalation Attacks on Android, Information Security 2010
  • Application Collusion Attack on the Permission-based Security Model and its Implications for Modern Smartphone Systems, REPORT 2011
  • A Stealthy and Context-Aware Sound Trojan for Smartphones, NDSS 2011
  • New Privacy Issues in Mobile Telephony: Fix and Verification, CCS 2012
  • Why Eve and Mallory love Android: An analysis of Android SSL (in) security, CCS 2012
  • UI Redressing Attacks on Android Devices, US BlackHat 2012 (vul: tapjacking)
  • Upgrading Your Android, Elevating My Malware: Priviledge Escalation Through Mobile OS Updating, S&P 2014
  • The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations, S&P 2014
  • From Zygote to Morula: Fortifying Weakened ASLR on Android, S&P 2014
  • Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks, USENIX Security 2014
  • Gyrophone: Recognizing Speech From Gyroscope Signals, USENIX Security 2014
  • Mayhem in the Push Clouds: Understanding and Mitigating Security Hazards in Mobile Push-Messaging Services, CCS 2014
  • Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications, NDSS 2014
  • Divide-and-Conquer: Why Android Malware cannot be Stopped, ARES 2014 (tool:Sand-Finger)
  • Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware, EuroSec 2014
  • Evading Android Runtime Analysis via Sandbox Detection, AsiaCCS 2014
  • Supor: Precise and Scalable Sensitive User Input Detection for Android Apps, USENIX 2014 (tool: Supor)
  • AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications, NDSS 2014 (tool: AppSealer)
  • Screenmilker: How to milk your android screen for secrets, NDSS 2014 (tool: ScreenMilker)
  • You Shouldn't Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps, USENIX Security 2015
  • COVERT: Compositional Analysis of Android Inter-App Permission Leakage, TSE 2015
  • Grab'n Run: Practical and Safe Dynamic Code Loading in Android, Ph.D Disertation 2015
  • From System Services Freezing to System Server Shutdown in Android: All You Need is a Loop in an App, CCS 2015 (tool: ASV-Hunter, vul:Android Stroke Vulnerabilies)
  • Hare Hunting in the Wild Android: A Study on the Threat of Hanging Attribute References, CCS 2015 (tool: Harehunter, vul: hanging attribute references)
  • Android Root and its Providers: A Double-Edged Sword, CCS 2015
  • Leave Me Alone: App-Level Protection Against Runtime Information Gathering on Android, IEEE S&P 2015 (tool: App Guardian)
  • An Investigation of the Android/BadAccents Malware which Exploits a new Android Tapjacking Attack, TechReport (TUD-CS-2015-0065), 2015
  • Life after App Unistallation: Are the Data Still Alive? Data Residue Attacks on Android, NDSS 2016
  • Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework, NDSS 2016 (tool: Kratos)
  • MobiPlay: A Remote Execution Based Record-and-Replay Tool for Mobile Applications, ICSE 2016
  • CDRep: Automatic Repair of Cryptographic-Misuses in Android Applications, AsiaCCS 2016
  • Call Me Back! Attacks on System Server and System Apps in Android through Synchronous Callback, CCS 2016
  • Android ION Hazard: the Curse of Customizable Memory Management System, CCS 2016
  • The Misuse of Android Unix Domain Sockets and Security Implications, CCS 2016
  • Harvesting Inconsistent Security Configurations in Custom Android ROMs via Differential Analysis, USENIX Security 2016
  • Show Me the Money! Finding Flawed Implementations of Third-party In-app Payment in Android Apps, NDSS 2017
  • Semi-Automated Discovery of Server-Based Information Oversharing Vulnerabilities in Android Applications, ISSTA 2017
  • BootStomp: On the Security of Bootloaders in Mobile Devices, USENIX Security 2017 (tool: BootStomp)
  • Detecting Android Root Exploits by Learning from Root Providers, USENIX Security 2017
  • An Autonomic and Permissionless Android Covert Channel, WiSec 2017
  • DroidPill: Pwn Your Daily-Use Apps, AsiaCCS 2017 (tool: DroidPill)
  • Secure Integration of Web Content and Applications on Commodity Mobile Operating Systems, AsiaCCS 2017 (tool: WIREFrame/WIRE)
  • JGRE: An Analysis of JNI Global Reference Exhaustion Vulnerabilities in Android, DSN 2017 (tool: JGRE)
  • System Service Call-oriented Symbolic Execution of Android Framework with Applications to Vulnerability Discovery and Exploit Generation, MobySys 2017 (tool: Centaur)
  • Ghera: A Repository of Android App Vulnerability Benchmarks, PROMISE 2017 (tool: Ghera)
  • Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews, CCS 2017
  • Removing Secrets from Android’s TLS, NDSS 2018
  • Broken Fingers: On the Usage of the Fingerprint API in Android, NDSS 2018
  • ABC: Enabling Smartphone Authentication with Built-in Camera, NDSS 2018
  • “Tipped Off by Your Memory Allocator”: Device-Wide User Activity Sequencing from Android Memory Images, NDSS 2018
  • Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps, NDSS 2018
  • AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection, NDSS 2018 (tool: AceDroid)
  • Characterizing and Identifying Misexposed Activities in Android Applications, ASE 2018
  • A Tale of Two Cities: How WebView Induces Bugs to Android Applications, ASE 2018
  • Dual-Force: Understanding WebView Malware via Cross-language Forced Execution, ASE 2018
  • Self-Protection of Android Systems from Inter-Component Communication Attacks, ASE 2018
  • PatternListener: Cracking Android Pattern Lock Using Acoustic Signals, CCS 2018 (tool: PatternListener)
  • Phishing Attacks on Modern Android, CCS 2018
  • ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android, CCS 2018 (tool: ClickShield)
  • EviHunter: Identifying Digital Evidence in the Permanent Storage of Android Devices via Static Analysis, CCS 2018 (tool: EviHunter)
  • Invetter: Locating Insecure Input Validations in Android Services, CCS 2018 (tool: Invetter)
  • Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers, NDSS 2019
  • Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment, NDSS 2019
  • Total Recall: Persistence of Password in Android, NDSS 2019
  • Nearby Threats: Reversing, Analyzing, and Attacking Google’s “Nearby Connections” on Android, NDSS 2019
  • BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals, NDSS 2019 (tool: BadBluetooth)
  • Tap 'n Ghost: A Compilation of Novel Attack Techniques against Smartphone Touchscreens, IEEE S&P 2019
  • Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps, IEEE S&P 2019
  • Kindness is a Risky Business: On the Usage of the Accessibility APIs in Android, RAID 2019
  • HideMyApp: Hiding the Presence of Sensitive Apps on Android, USENIX Security 2019 (tool: HideMyApp)
  • PatternListener: Cracking Android Pattern Lock Using Acoustic Signals, CCS 2019 (tool: PatternListener)
  • An Empirical Study of the SMS One-Time Password Authentication in Android Apps, ACSAC 2019

Performance Analysis

  • Responsiveness Analysis Tool for Android Applications, DeMobile 2014
  • SunCat: Helping Developers Understand and Predict Performance Problems in Smartphone Applications, ISSTA 2014 (tool: SunCat)
  • Characterizing and Detecting Performance Bugs for Smartphone Applications, ICSE 2014 (tool: PerfChecker)
  • How Developers Detect and Fix Performance Bottlenecks in Android Apps, ICSME 2015
  • PersisDroid: Android Performance Diagnosis via Anatomizing Asynchronous Executions, arXiv 2015
  • CLAPP: Characterizing Loops in Android Applications, FSE 2015 (tool: CLAPP)
  • DiagDroid: Android Performance Diagnosis via Anatomizing Asynchronous Executions, FSE 2016 (tool: DiagDroid)
  • Mining Test Repositories for Automatic Detection of UI Performance Regressions in Android Apps (tool: DUNE)
  • Hit by the Bus: QoS Degradation Attack on Android, AsiaCCS 2017
  • Leveraging Program Analysis to Reduce User-Perceived Latency in Mobile Applications, ICSE 2018
  • Remove RATs from your code: automated optimization of resource inefficient database writes for mobile applications, ISSTA 2018
  • Empirically Assessing Opportunities for Prefetching and Caching in Mobile Apps, ASE 2018

Energy Analysis

  • Accurate Online Power Estimation and Automatic Battery Behavior Based Power Model Generation for Smartphones, CODES+ISSS 2010(tool: PowerTutor)
  • Monitoring Energy Consumption of Smartphones, iThings/CPSCom 2011(tool: SEMO)
  • Bootstrapping Energy Debugging on Smartphones: A First Look at Energy Bugs in Mobile Devices, HotNets-X 2011
  • Fine-Grained Power Modeling for Smartphones Using System Call Tracing, EuroSys 2011
  • Where is the energy spent inside my app? Fine Grained Energy Accounting on Smartphones with Eprof, EuroSys 2012
  • eDoctor: Automatically Diagnosing Abnormal Battery Drain Issues on Smartphones, USENIX 2013(tool: eDoctor)
  • Calculating Source Line Level Energy Information for Android Applications, ISSTA 2013 (tool: vLens)
  • GreenDroid: Automated Diagnosis of Energy Inefficiency for Smartphone Applications, TSE 2014
  • Detecting Energy Bugs and Hotspots in Mobile Apps, FSE 2014
  • Retrofitting Concurrency for Android Applications Through Refactoring, FSE 2014 (tool: Asynchronizer)
  • Making Web Applications More Energy Efficient for OLED Smartphones, ICSE 2014 (tool: Nyx)
  • Comparing Energy Profilers for Android, 21st Twente Student Conference on IT 2014
  • Mining Energy-Greedy API Usage Patterns in Android Apps: An Empirical Study, MSR 2014
  • An Empirical Study of the Energy Consumption of Android Applications, ICSME 2014
  • Optimizing Energy of HTTP Requests in Android Applications, DeMobile 2015
  • EnTrack: A System Facility for Analyzing Energy Consumption of Android System Services, UbiComp 2015
  • Runtime Verification of Expected Energy Consumption in Smartphones, Model Checking Software 2015
  • Energy-Aware Test-Suite Minimization for Android Apps, ISSTA 2016
  • Automatically Verifying and Reproducing Event-based Races in Android Apps, ISSTA 2016
  • Battery-Aware Mobile Data Service, TMC 2016 (tool: B-MODS)
  • Automated Energy Optimization of HTTP Requests for Mobile Applications, ICSE 2016 (tool: Bouquet)
  • DefDroid: Towards a More Defensive Mobile OS Against Disruptive App Behavior, MobySys 2016 (tool: DefDroid)
  • Battery State-of-Health Estimation for Mobile Devices, ICCPS 2017 (tool: V-BASH)
  • µDroid: An Energy-Aware Mutation Testing Framework for Android, FSE 2017 (tool: µDroid)
  • EARMO: An Energy-Aware Refactoring Approach for Mobile Apps, TSE 2018 (tool: EARMO)

Android GUI Analysis

  • Automating GUI Testing for Android Applications, AST 2011
  • SmartDroid: An Automatic System for Revealing UI-based Trigger Conditions in Android Applications, SPSM 2012
  • Finding Errors in Multi-threaded GUI Applications, ISSTA 2012
  • A Grey-Box Approach for Automated GUI-model Generation of Mobile Applications, FASE 2013
  • Guided GUI Testing of Android Apps with Minimal Restart and Approximate learning, OOPSLA 2013 (tool: Swift-Hand)
  • Estimating Mobile Application Energy Consumption using Program Analysis, ICSE 2013 (tool: eLens)
  • Static Window Transition Graphs for Android, ASE 2015
  • What the App is That? Deception and Countermeasures in the Android User Interface, S&P 2015
  • GUITAR: Piecing Together \Android App GUIs from Memory Images, CCS 2015
  • Static Analysis of GUI Behavior in Android Applications, Ph.D Dissetation 2015
  • Detecting Display Energy Hotspots in Android Apps, ICST 2015 (tool: dLens)
  • Reducing Combinatorics in GUI Testing of Android Applications, ICSE 2016 (tool: TrimDroid)
  • Attacks and Defence on Android Free Floating Windows, AsiaCCS 2016
  • Automated Model-Based Android GUI Testing using Multi-level GUI Comparison Criteria, ASE 2016
  • PATDroid: Permission-Aware GUI Testing of Android, FSE 2017 (tool: PATDroid)
  • UI Driven Android Application Reduction, ASE 2017 (tool: TOFU)
  • Automated Reporting of GUI Design Violations for Mobile Apps, ICSE 2018
  • From UI Design Image to GUI Skeleton: A Neural Machine Translator to Bootstrap Mobile GUI Implementation, ICSE 2018
  • GUILeak: Tracing Privacy-Policy Claims on User Input Data for Android Applications, ICSE 2018 (tool: GUILeak)
  • Launch-Mode-Aware Context-Sensitive Activity Transition Analysis for Android Apps, ICSE 2018
  • Detecting and Summarizing GUI Changes in Evolving Mobile Apps, ASE 2018
  • IconIntent: Automatic Identification of Sensitive UI Widgets based on Icon Classification for Android Apps, ICSE 2019 (tool: IconIntent)
  • DeepIntent: Deep Icon-Behavior Learning for Detecting Intention-Behavior Discrepancy in Mobile Apps, CCS 2019 (tool: DeepIntent)

Forensic Analysis

  • WHYPER: Towards Automating Risk Assessment of Mobile Applications, USENIX Security 2013
  • Checking App Behavior Against App Descriptions, ICSE 2014 (tool: CHABADA)
  • A Forensic Analysis of Android Malware - How is Malware Written and How it Could be Detected? COMPSAC 2014
  • "What parts of your apps are loved by users?", ASE 2015 (tool: SURMiner)
  • Hey, NSA: Stay Away from my Market! Future Proofing App Markets against Powerful Attackers, CCS 2014
  • VCR: App-Agnostic Recovery of Photographic Evidence from Android Device Memory Images, CCS 2015
  • Towards Automatic Generation of Security-Centric Descriptions for Android Apps, CCS 2015 (tool: DESCRIBEME)
  • AUTOREB: Automatically Understanding the Review-to-Behavior Fidelity in Android Applications, CCS 2015 (tool: AUTOREB)
  • On the Lack of Consensus in Anti-Virus Decisions Metrics and Insights on Building Ground Truths of Android Malware with VirusTotal, DIMVA 2016
  • AVclass: A Tool for Massive Malware Labeling, RAID 2016 (tool: AVClass)
  • Revisiting the Description-to-Behavior Fidelity in Android Applications, SANER 2016 (tool: TAPVerifier)
  • Can We Trust the Privacy Policies of Android Apps? DSN 2016 (tool: PPChecker)
  • Checking App User Interfaces against App Descriptions, WAMA 2016
  • Automated Analysis of Privacy Requirements for Mobile Apps, NDSS 2017
  • Recommending and Localizing Change Requests for Mobile Apps based on User Reviews, ICSE 2017
  • Toward Detecting Collusive Ranking Manipulation Attackers in Mobile App Markets, AsiaCCS 2017
  • Boosting the Guessing Attack Performance on Android Lock Patterns with Smudge Attacks, AsiaCCS 2017
  • Enhancing the Description-to-Behavior Fidelity in Android Apps with Privacy Policy, TSE 2017 (tool: TAPVerifier)
  • OASIS: Prioritizing Static Analysis Warnings for Android Apps Based on App User Reviews, FSE 2017 (tool: OASIS)
  • Online App Review Analysis for Identifying Emerging Issues, ICSE 2018
  • StoryDroid: Automated Generation of Storyboard for Android Apps, ICSE 2019 (tool: StoryDroid)
  • Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy, IEEE S&P 2019
  • The Art and Craft of Fraudulent App Promotion in Google Play, CCS 2019

Obfuscation & Evasion Techniques

  • Evading Android Runtime Analysis via Sandbox Detection, AsiaCCS 2014
  • Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware, EuroSec 2014
  • Stealth Attacks: An Extended Insight into the Obfuscation Effects on Android Malware, Computer & Science 2015
  • Statistical Deobfuscation of Android Applications, CCS 2016
  • Software Protection on the Go: A Large-Scale Empirical Study on Mobile App Obfuscation, ICSE 2018
  • Tackling runtime-based obfuscation in Android with TIRO, USENIX Security 2019

Fuzzing Test for Vulnerabilities

  • Droidfuzzer: Fuzzing the Android Apps with Intent-filter Tag, MoMM 2013 (tool: Droidfuzzer)
  • Intent Fuzzer: Crafting Intents of Death, WODA 2014
  • Fuzzing Android System Services by Binder Call. (url: https://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-BinderCall-To-Escalate-Privilege.pdf.)
  • BinderCracker: Assessing the Robustness of Android System Services, arxiv 2016 (tool: BinderCracker)
  • Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments, ICSE 2017 (tool: FuzzDroid)
  • kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels, USENIX Security 2017 (tool: kAFL)
  • IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing, NDSS 2018 (tool: IoTFuzzer)
  • What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices, NDSS 2018
  • Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing, NDSS 2018

Analysis of Hybrid Android App

  • Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks, NDSS 2014 (tool: NOFRAK)
  • Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation, CCS 2014
  • Reducing Attack Surface on Cordova-based Hybrid Mobile Apps, MobileDeli 2014
  • Attack and Countermeasures for Webview on Mobile System, Dissertations 2014
  • On the Static Analysis of Hybrid Mobile Apps, A Report on the State of Apache Cordova Nation, ESSoS 2016
  • Automatic Permission Inference for Hybrid Mobile Apps, Journal of High Speed Networks 2016
  • HybriDroid: Static Analysis Framework for Android Hybrid Applications, ASE 2016
  • Fine-Grained Access Control for HTML5-Based Mobile Applications in Android, CCS 2016
  • Draco: A System for Uniform and Fine-grained Access Control for Web Code on Android, CCS 2016 (tool: Draco)
  • Automated Generation of Event-Oriented Exploits in Android Hybrid Apps, NDSS 2018

Android Compatibility Issues

  • Understanding Android Fragmentation with Topic Analysis of Vendor-Specific Bugs, WCRE 2012
  • Taming Android Fragmentation: Characterizing and Detecting Compatibility Issues for Android Apps, ASE 2016 (tool: FicFinder)
  • Understanding and Detecting Callback Compatibility Issues for Android Applications, ASE 2018

Large-Scale Android Malware Analysis

  • Dissecting Android Malware: Characterization and Evoluation, S&P 2012
  • AndRadar: Fast Discovery of Android Applications in Alternative Markets, DIMVA 2014 (tool: AndRadar)
  • ANDRUBIS - 1,000,000 Apps Later: A View on Current Android Malware Behaviors, BADGERS 2014 (tool: Andrubis)
  • SherlockDroid: a Research Assistant to Spot Unknown Malware in Android Marketplaces, Journal of Computer Virology and Hacking Techniques 2015 (tool: SherlockDroid)
  • DroidSearch: A Tool for Scaling Android App Triage to Real-world App Stores, SAI 2015 (tool: DroidSearch)
  • Android Malware Development on Public Malware Scanning Platforms: A Large-scale Data-driven Study, IEEE BigData 2016 (tool: AMDHunter)
  • 50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System, USENIX Security 2019
  • A Study of the Feasibility of Co-located App Attacks against BLE and a Large-Scale Analysis of the Current Application-Layer Security Landscape, USENIX Security 2019
  • An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications, USENIX Security 2019

Sandbox Evasion

  • Common Weakness of Android Malware Analysis Frameworks, NULL
  • BareDroid: Large-Scale Analysis of Android Apps on Real Devices, ACSAC 2015 (tool: BareDroid)

Android Ransomware

  • Heldroid: Fast and Efficient Linguistic-Based Ransomware Detection, UIC Master Disseration, 2015 (tool: Heldroid)

Financial App Analysis

  • DroydSeuss: A Mobile Banking Trojan Tracker, TechReport? 2014 (tool: DroydSeuss)
  • Mo (bile) money, mo (bile) problems: Analysis of branchless banking applications in the developing world. USENIX Security 2015
  • Security Report of Top 100 Mobile Banking Apps in APAC, AppKnox TechReport 2015
  • An Experimental Evaluation of Vulnerability of Branchless Banking Application in Android Environment, International Journal of Emerging Research in Management & Technology, 2016
  • Mobile money in the australasian region-a technical security perspective, International Conference on Applications and Techniques in Information Security 2016
  • Security Analysis of The Top 500 Global Ecommerce Mobile Apps in USA, AppKnox TechReport 2016
  • Let’stalkmoney: Evaluating the security challenges of mobile money in the developing world, Annual Symposium on Computing for Development 2016.
  • Repackaging Attack on Android Banking Applications and Its Countermeasures, Wireless Personal Communications 2016
  • Breaking Ad-hoc Runtime Integrity Protection Mechanisms in Android Financial Apps, AsiaCCS 2017 (tool: MERCIDroid)
  • Mo (bile) money, mo (bile) problems: analysis of branchless banking applications. ACM Transactions on Privacy and Security (TOPS) 2017
  • Show Me the Money! Finding Flawed Implementations of Third-party In-app Payment in Android Apps, NDSS 2017
  • Forensic analysis and security assessment of Android m-banking apps, Australian Journal of Forensic Sciences 2018
  • DBank: Predictive Behavioral Analysis of Recent Android Banking Trojans, TDSC 2019 (tool: DBank)

Race Condition Analysis

  • Effective Race Detection for Event-Driven Programs, OOPSLA 2013 (tool: EventRacer)
  • Race Detection for Event-Driven Mobile Application, PLDI 2014 (tool: CAFA)
  • SdnRacer: Detecting Concurrency Violations in Software-Defined Networks, SOSR 2015 (tool: SdnRacer)
  • Scalable Race Detection in Android Applications, OOPSLA 2015
  • Automatically Verifying and Reproducing Event-based Races in Android Apps, ISSTA 2016 (tool: ERVA)
  • Efficient Race Detection in the Presence of Programmatic Event Loops, ISSTA 2016 (tool: SparseRacer)
  • Generating Test Cases to Expose Concurrency Bugs in Android Applications, ASE 2016 (tool: RacerDroid)
  • Stateless Model Checking with Data-Race Preemption Points, OOPSLA 2016 (tool: Quicksand)
  • Partial Order Reduction for Event-Driven Multi-threaded Programs, TACAS 2016
  • Precise and Maximal Race Detection from Incomplete Traces, OOPSLA 2016 (tool: RDIT)
  • RDIT: Race Detection from Incomplete Traces, FSE 2016 (tool: RDIT)

IoT Stuff

  • Analysis and Testing of Notifications in Android Wear Applications, ICSE 2017

Knowledge Mining

  • An Empirical Analysis of Bug Reports and Bug Fixing in Open Source Android Apps, CSMR 2013
  • Works For Me! Characterizing Non-reproducible Bug Reports, MSR 2014
  • A Cross-platform Analysis of Bugs and Bug-fixing in Open Source Projects: Desktop vs. Android vs. iOS, EASE 2015
  • An Empirical Study on Bug Reports of Android 3rd Party Libraries

Data & Code Protection

  • Understanding Users’ Requirements for Data Protection in Smartphones, ICDEW 2012
  • Code Protection in Android, MASTER Dissertation 2012
  • AppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware, RAID 2015 (tool: AppSpear)
  • DexHunter: Toward Extracting Hidden Code from Packed Android Applications, ESORICS 2015 (tool: DexHunter)
  • Cashtags: Protecting the Input and Display of Sensitive Data, USENIX Security 2015 (tool: Cashtags)
  • SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps, USENIX Security 2015 (tool: SUPOR)
  • UIPicker: User-Input Privacy Identification in Mobile Applications, USENIX Security 2015 (tool: UIPicker)
  • AppShell: Making Data Protection Practical for Lost or Stolen Android Devices, NOMS 2016 (tool: AppShell)
  • SchrodinText: Strong Protection of Sensitive Textual Content of Mobile Applications, MobiSys 2017 (tool: SchrodinText)
  • UiRef: Analysis of Sensitive User Inputs in Android Applications, WiSec 2017 (tool: UiRef)
  • Using Hover to Compromise the Confidentiality of User Input on Android, WiSec 2017 (tool: Hoover)
  • Adaptive Unpacking of Android Apps, ICSE 2017
  • Android Code Protection via Obfuscation Techniques: Past, Present and Future Directions, arXiv 2017

Security Assessment of Android apps

  • Smv-hunter: Large scale, automated detection of ssl/tls man-in-the-middle vulnerabilities in android apps, NDSS 2014 (tool: SMV-Hunter)
  • Modelling analysis and auto-detection of cryptographic misuse in android applications, DASC 2014
  • Measuring the Insecurity of Mobile Deep Links of Android, USENIX Security 2017

Android Crash Analysis and Repair

  • Large-Scale Analysis of Framework-Specific Exceptions in Android Apps, ICSE 2018
  • Repairing Crashes in Android Apps, ICSE 2018

Classification of Obfuscated

  • DroidSieve: Fast and Accurate Classification of Obfuscated Android Malware, CODASPY 2017

Data mining

  • A state‑of‑the‑art survey of malware detection approaches using data mining techniques, HCIS 2018,survey

Malware as a Language

  • Modeling Malware as a Language,(ICC 2018)

Application certification

  • On lightweight mobile phone application certification,CCS(2009)