Reference : Profiling Android Vulnerabilities
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/28093
Profiling Android Vulnerabilities
English
Jimenez, Matthieu mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Papadakis, Mike mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Bissyande, Tegawendé François D Assise mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Klein, Jacques mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC) >]
Aug-2016
2016 IEEE International Conference on Software Quality, Reliability and Security (QRS 2016)
IEEE Computer Society
222-229
Yes
No
International
978-1-5090-4127-5
2016 IEEE International Conference on Software Quality, Reliability and Security
from 01-08-2016 to 03-08-2016
Vienna
Austria
[en] Software Security ; Complexity ; Android ; Vulnerabilities ; Common Vulnerability Exposure
[en] In widely used mobile operating systems a single vulnerability can threaten the security and privacy of billions of users. Therefore, identifying vulnerabilities and fortifying software systems requires constant attention and effort. However, this is costly and it is almost impossible to analyse an entire code base. Thus, it is necessary to prioritize efforts towards the most likely vulnerable areas. A first step in identifying these areas is to profile vulnerabilities based on previously reported ones. To investigate this, we performed a manual analysis of Android vulnerabilities, as reported in the National Vulnerability Database for the period 2008 to 2014. In our analysis, we identified a comprehensive list of issues leading to Android vulnerabilities. We also point out characteristics of the locations where vulnerabilities reside, the complexity of these locations and the complexity to fix the vulnerabilities. To enable future research, we make available all of our data.
http://hdl.handle.net/10993/28093
10.1109/QRS.2016.34

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
ProfilingAndroidVulnerabilities.pdfAuthor preprint292.06 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.