Jianjun Huang scite author profile

Android smartphones are becoming increasingly popular. The open nature of Android allows users to install miscellaneous applications, including the malicious ones, from third-party marketplaces without rigorous sanity checks. A large portion of existing malwares perform stealthy operations such as sending short messages, making phone calls and HTTP connections, and installing additional malicious components. In this paper, we propose a novel technique to detect such stealthy behavior. We model stealthy behavior as the program behavior that mismatches with user interface, which denotes the user's expectation of program behavior. We use static program analysis to attribute a top level function that is usually a user interaction function with the behavior it performs. Then we analyze the text extracted from the user interface component associated with the top level function. Semantic mismatch of the two indicates stealthy behavior. To evaluate AsDroid, we download a pool of 182 apps that are potentially problematic by looking at their permissions. Among the 182 apps, AsDroid reports stealthy behaviors in 113 apps, with 28 false positives and 11 false negatives.

show abstract

Enzyme-assisted extraction of flavonoids from Ginkgo biloba leaves: Improvement effect of flavonol transglycosylation catalyzed by Penicillium decumbens cellulase

Chen

Xing

Huang

et al. 2011

Enzyme and Microbial Technology

143

View full text Add to dashboard Cite

ProFuzzer: On-the-fly Input Type Probing for Better Zero-Day Vulnerability Discovery

You¹,

Wang

Ma³

et al. 2019

View full text Add to dashboard Cite

Existing mutation based fuzzers tend to randomly mutate the input of a program without understanding its underlying syntax and semantics. In this paper, we propose a novel onthe-fly probing technique (called ProFuzzer) that automatically recovers and understands input fields of critical importance to vulnerability discovery during a fuzzing process and intelligently adapts the mutation strategy to enhance the chance of hitting zero-day targets. Since such probing is transparently piggybacked to the regular fuzzing, no prior knowledge of the input specification is needed. During fuzzing, individual bytes are first mutated and their fuzzing results are automatically analyzed to link those related together and identify the type for the field connecting them; these bytes are further mutated together following typespecific strategies, which substantially prunes the search space. We define the probe types generally across all applications, thereby making our technique application agnostic. Our experiments on standard benchmarks and real-world applications show that ProFuzzer substantially outperforms AFL and its optimized version AFLFast, as well as other state-of-art fuzzers including VUzzer, Driller and QSYM. Within two months, it exposed 42 zero-days in 10 intensively tested programs, generating 30 CVEs.

show abstract

(101)-Exposed Anatase TiO₂ Nanosheets

Peng

Brohan

et al. 2008

Chem. Mater.

View full text Add to dashboard Cite

AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection

Aafer

Huang

Sun

et al. 2018

View full text Add to dashboard Cite

Abstract-The Android framework has raised increased security concerns with regards to its access control enforcement. Particularly, existing research efforts successfully demonstrate that framework security checks are not always consistent across appaccessible APIs. However, existing efforts fall short in addressing peculiarities that characterize the complex Android access control and the diversity introduced by the heavy vendor customization. In this paper, we develop a new analysis framework AceDroid that models Android access control in a path-sensitive manner and normalizes diverse checks to a canonical form. We applied our proposed modeling to perform inconsistency analysis for 12 images. Our tool proved to be quite effective, enabling to detect a significant number of inconsistencies introduced by various vendors and to suppress substantial false alarms. Through investigating the results, we uncovered high impact attacks enabling to write a key logger, send premium sms messages, bypass user restrictions, perform a major denial of services and other critical operations.

show abstract

IGF2-AS affects the prognosis and metastasis of gastric adenocarcinoma via acting as a ceRNA of miR-503 to regulate SHOX2

2019

View full text Add to dashboard Cite

Boosting charge separation and broadening NIR light response over defected WO3 quantum dots coupled g-C3N4 nanosheets for photocatalytic degrading antibiotics

Huang

Wang

Hao

et al. 2021

Chemical Engineering Journal

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jianjun Huang

Characterization of collagen gel solutions and collagen matrices for cell culture

AsDroid: detecting stealthy behaviors in Android applications by user interface and program behavior contradiction

Enzyme-assisted extraction of flavonoids from Ginkgo biloba leaves: Improvement effect of flavonol transglycosylation catalyzed by Penicillium decumbens cellulase

ProFuzzer: On-the-fly Input Type Probing for Better Zero-Day Vulnerability Discovery

(101)-Exposed Anatase TiO₂ Nanosheets

AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection

IGF2-AS affects the prognosis and metastasis of gastric adenocarcinoma via acting as a ceRNA of miR-503 to regulate SHOX2

Boosting charge separation and broadening NIR light response over defected WO3 quantum dots coupled g-C3N4 nanosheets for photocatalytic degrading antibiotics

Contact Info

Product

Resources

About

Jianjun Huang

Characterization of collagen gel solutions and collagen matrices for cell culture

AsDroid: detecting stealthy behaviors in Android applications by user interface and program behavior contradiction

Enzyme-assisted extraction of flavonoids from Ginkgo biloba leaves: Improvement effect of flavonol transglycosylation catalyzed by Penicillium decumbens cellulase

ProFuzzer: On-the-fly Input Type Probing for Better Zero-Day Vulnerability Discovery

(101)-Exposed Anatase TiO2 Nanosheets

AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection

IGF2-AS affects the prognosis and metastasis of gastric adenocarcinoma via acting as a ceRNA of miR-503 to regulate SHOX2

Boosting charge separation and broadening NIR light response over defected WO3 quantum dots coupled g-C3N4 nanosheets for photocatalytic degrading antibiotics

Contact Info

Product

Resources

About

(101)-Exposed Anatase TiO₂ Nanosheets