Understanding and detecting overlay-based android malware at market scales
As a key UI feature of Android, overlay enables one app to draw over other apps by creating
an extra View layer on top of the host View. While greatly facilitating user interactions with …
an extra View layer on top of the host View. While greatly facilitating user interactions with …
Overlay-based android malware detection at market scales: systematically adapting to the new technological landscape
Android overlay enables one app to draw over other apps by creating an extra View layer
atop the host View, which nevertheless can be exploited by malicious apps (malware) to …
atop the host View, which nevertheless can be exploited by malicious apps (malware) to …
A Systematic Deconstruction of Human-Centric Privacy & Security Threats on Mobile Phones
Mobile phones are most likely the subject of targeted attacks, such as software exploits. The
resources needed to carry out such attacks are becoming increasingly available and, hence …
resources needed to carry out such attacks are becoming increasingly available and, hence …
Scan-and-pay on android is dangerous
Mobile payments have increased significantly in the recent years and one-to-one money
transfers are offered by a wide variety of smartphone applications. These applications …
transfers are offered by a wide variety of smartphone applications. These applications …
Privacy Leakage and Protection of InputConnection Interface in Android
CY Li, HY Wang, WC Wang… - IEEE Transactions on …, 2021 - ieeexplore.ieee.org
Leakage of user credentials has been a conventional security threat for mobile users. In this
work, we discover a new leakage threat caused by a vulnerability of the input method …
work, we discover a new leakage threat caused by a vulnerability of the input method …
[PDF][PDF] Using Context and Interactions to Verify User-Intended Network Requests.
Client-side malware can attack users by tampering with applications or user interfaces to
generate requests that users did not intend. We propose Verified Intention (VInt), which …
generate requests that users did not intend. We propose Verified Intention (VInt), which …