[1] BUGIEL S, DAVI L, DMITRIENKO A, et al. Towards taming privilege-escalation attacks on Android[EB/OL].[2012-07-20]. http://www.trust.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/PubsPDF/NDSS_2012_Towards_Taming_Privilege-Escalation_Attacks_on_Android.pdf.[2] DAVI L, DMITRIENKO A, SADEGHI A R, et al. Privilege escalation attacks on Android[C]// Proceedings of the 13th International Conference on Information Security. Berlin: Springer-Verlag, 2011:346-360.[3] ROMAN S, ZHANG K H, ZHOU X Y, et al. Soundcomber: A stealthy and context-aware sound trojan for smartphones[C/OL].[2011-05-15].http://www.isoc.org/isoc/conferen-ces/ndss/11/pdf/1_1.pdf.[4] KLEIDERMACHER D. Bringing security to Android-based devices[EB/OL]. [2010-10-22]. http://www. igmagazineonline.com/current/pdf/Pg56-58_IQ_32-Bringing_Security_to_Android-based_Devices.pdf.[5] NIGHTINGALE A, MIJAT R. Virtualization is coming to a platform near you[EB/OL]. [2011-10-11]. http://www.arm.com/files/pdf/System-MMU-Whitepaper-v8.0.pdf.[6] MATTHIAS L, STEFFEN L, LACKORZYNSKI A, et al. L4Android: A generic operating system framework for secure smartphones[C]// Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. New York:ACM,2011:39-50.[7] SHABTAI A, FLEDEL Y, ELOVICI Y. Securing Android-powered mobile devices using SELinux[J]. IEEE Security and Privacy, 2010, 8(3): 36-44.[8] 刘昌平,范明钰,王光卫,等. Android手机的轻量级访问控制[J]. 计算机应用研究,2010,27(7):2611-2613, 2628.[9] NAUMAN M, KHAN S, ZHANG X W. Apex: Extending Android permission model and enforcement with user-defined runtime constraints[C]// Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security. New York: ACM, 2010: 328-332.[10] ENCK W, ONGTANG M,MCDANIEL P. On lightweight mobile phone application certification[C]// ACM Conference on Computer and Communications Security. New York: ACM, 2009: 235-245.[11] FELT A P, WANG H J, MOSHCHUK A, et al. Permission re-delegation: Attacks and defenses[C]// Proceedings of the 20th USENIX Security Symposium. Berkeley, CA:USENIX Association, 2011: 22-37.[12] ONGTANG M, MCLAUGHLIN S, ENCK W, et al. Semantically rich application-centric security in Android[J]. Security and Communication Networks, 2011, 5(6): 658-673.[13] DIETZ M, SHEKHAR S, PISETSKY Y, et al. QUIRE: light-weight provenance for smart phone operating systems[C]// Proceedings of the 20th USENIX Conference on Security. Berkeley, CA:USENIX Association,2011: 23-34.[14] ENCK W, OCTEAU D, MCDANIEL P, et al. A study of Android application security[C]// Proceedings of the 20th USENIX Conference on Security. Berkeley, CA:USENIX Association, 2011: 21-44.[15] CHIN E, FELT A P, GREENWOOD K, et al. Analyzing inter-application communication in Android[C]// Proceedings of the 9th International Conference on Mobile Systems, Applications, and Service. New York:ACM, 2011:239-252.[16] FUCHS A P, CHAUDHURI A, FOSTER J S. SCanDroid: Automated security certification of Android applications[J/OL].[2012-06-20]. http://www.cs.umd.edu/~avik/projects/scandroidascaa.pdf.[17] BUGIEL S, DAVI L, DMITRIENKO A, et al. XManDroid: A new Android evolution to mitigate privilege escalation attacks[R]. Darmstadt: Technische University Darmstadt, System Security Lab, 2011. |