A multi-party, fine-grained permission and policy enforcement framework for hybrid mobile applications

Phung, Phu H.; Reddy, Rakesh Sunkaralakunta Venkatarama; Cap, Steven; Pierce, Anthony; Mohanty, Abhinav; Sridhar, Meera

doi:10.3233/jcs-191350

Cited by 2 publications

(2 citation statements)

References 48 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Table 3 represents the results of the predicted vulnerable components of classes. The results have been characterized into the following five sections: type of prediction features used, the foundation of the vulnerability data, the kind of prediction technique, the applications used for the validation, and the available performance meters [19], [42]. For the training data collection, we use the 0.7.6 variant of the FBReader and the SVM vector machine to construct the model for predicting the vulnerable classes and components.…”

Section: Resultsmentioning

confidence: 99%

“…When an API invocation is received it will be tested by the stateful policies within a policy manager acting as a monitor. If the API invocation is permitted, then access will be granted as elucidated in Figure 7 [42]. The HybridGuard framework can be useful for developers in the creation of access control policies and metrics to assess security by recording instances of unauthorized access, what data was trying to be accessed, and data exposure by authorized API invocations.…”

Section: Metrics For Access Control Securitymentioning

confidence: 99%

See 1 more Smart Citation

An investigation study for risk calculation of security vulnerabilities on android applications

Abdullah

Abualkishik

Isaacc

et al. 2022

IJEECS

View full text Add to dashboard Cite

Applications within mobile devices, although useful and entertaining, come with security risks to private information stored within the device such as name, address, and date of birth. Standards, frameworks, models, and metrics have been proposed and implemented to combat these security vulnerabilities, but they remain to persist today. In this review, we discuss the risk calculation of android applications which is used to determine the overall security of an application. Besides, we also present and discuss the permission-based access control models that can be used to evaluate application access to user data. The study also focuses on examining the predictive analysis of security risks using machine learning. We conduct a comprehensive review of the leading studies accomplished on investigating the vulnerabilities of the applications for the Android mobile platform. The review examines various well-known vulnerabilities prediction models and highlights the sources of the vulnerabilities, prediction technique, applications and the performance of these models. Some models and frameworks prove to be promising but there is still much more research needed to be done regarding security for Android applications.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Metrics For Access Control Securitymentioning

confidence: 99%