Paper published in a book (Scientific congresses, symposiums and conference proceedings)
Profiling Android Vulnerabilities
JIMENEZ, Matthieu; PAPADAKIS, Mike; BISSYANDE, Tegawendé François D Assise et al.
2016In 2016 IEEE International Conference on Software Quality, Reliability and Security (QRS 2016)
Peer reviewed
 

Files


Full Text
ProfilingAndroidVulnerabilities.pdf
Author preprint (299.07 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Software Security; Complexity; Android; Vulnerabilities; Common Vulnerability Exposure
Abstract :
[en] In widely used mobile operating systems a single vulnerability can threaten the security and privacy of billions of users. Therefore, identifying vulnerabilities and fortifying software systems requires constant attention and effort. However, this is costly and it is almost impossible to analyse an entire code base. Thus, it is necessary to prioritize efforts towards the most likely vulnerable areas. A first step in identifying these areas is to profile vulnerabilities based on previously reported ones. To investigate this, we performed a manual analysis of Android vulnerabilities, as reported in the National Vulnerability Database for the period 2008 to 2014. In our analysis, we identified a comprehensive list of issues leading to Android vulnerabilities. We also point out characteristics of the locations where vulnerabilities reside, the complexity of these locations and the complexity to fix the vulnerabilities. To enable future research, we make available all of our data.
Disciplines :
Computer science
Author, co-author :
JIMENEZ, Matthieu  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
PAPADAKIS, Mike ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
BISSYANDE, Tegawendé François D Assise  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
KLEIN, Jacques ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC)
External co-authors :
no
Language :
English
Title :
Profiling Android Vulnerabilities
Publication date :
August 2016
Event name :
2016 IEEE International Conference on Software Quality, Reliability and Security
Event place :
Vienna, Austria
Event date :
from 01-08-2016 to 03-08-2016
Audience :
International
Main work title :
2016 IEEE International Conference on Software Quality, Reliability and Security (QRS 2016)
Publisher :
IEEE Computer Society
ISBN/EAN :
978-1-5090-4127-5
Pages :
222-229
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
Available on ORBilu :
since 02 August 2016

Statistics


Number of views
273 (24 by Unilu)
Number of downloads
818 (19 by Unilu)

Scopus citations®
 
25
Scopus citations®
without self-citations
23
WoS citations
 
16

Bibliography


Similar publications



Contact ORBilu