このエントリーをはてなブックマークに追加
ID 60837
FullText URL
Author
Yu, Jing Graduate School of Natural Science and Technology, Okayama University
Yamauchi, Toshihiro Graduate School of Natural Science and Technology, Okayama University ORCID Kaken ID publons researchmap
Abstract
Android applications that using WebView can load and display web pages. Furthermore, by using the APIs provided in WebView, Android applications can interact with web pages. The interaction allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal information in the device. To address these threats, we propose a method that performs access control on the security-sensitive APIs at the Java object level. The proposed method uses static analysis to identify these security-sensitive APIs, detects threats at runtime, and notifies the user if threats are detected, thereby preventing attacks from web pages.
Keywords
Java
Androids
Humanoid robots
Web pages
Smart phones
Assembly
Browsers
Note
Published in: 2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing
Published Date
2013
Publication Title
2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing
Publisher
IEEE
Start Page
1628
End Page
1633
ISBN
978-0-7695-5088-6
Content Type
Conference Paper
Official Url
https://ieeexplore.ieee.org/document/6832111
language
英語
File Version
author
DOI
Web of Science KeyUT