{"id":"https://openalex.org/W2603277549","doi":"https://doi.org/10.1145/3052973.3053018","title":"Breaking Ad-hoc Runtime Integrity Protection Mechanisms in Android Financial Apps","display_name":"Breaking Ad-hoc Runtime Integrity Protection Mechanisms in Android Financial Apps","publication_year":2017,"publication_date":"2017-03-31","ids":{"openalex":"https://openalex.org/W2603277549","doi":"https://doi.org/10.1145/3052973.3053018","mag":"2603277549"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1145/3052973.3053018","pdf_url":null,"source":{"id":"https://openalex.org/S4363609011","display_name":"Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100387018","display_name":"Taehun Kim","orcid":"https://orcid.org/0000-0002-8869-892X"},"institutions":[{"id":"https://openalex.org/I139264467","display_name":"Seoul National University","ror":"https://ror.org/04h9pn542","country_code":"KR","type":"education","lineage":["https://openalex.org/I139264467"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Taehun Kim","raw_affiliation_strings":["Seoul National University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Seoul National University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I139264467"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072880323","display_name":"Hyeonmin Ha","orcid":null},"institutions":[{"id":"https://openalex.org/I139264467","display_name":"Seoul National University","ror":"https://ror.org/04h9pn542","country_code":"KR","type":"education","lineage":["https://openalex.org/I139264467"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Hyeonmin Ha","raw_affiliation_strings":["Seoul National University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Seoul National University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I139264467"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010213027","display_name":"Seoyoon Choi","orcid":null},"institutions":[],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Seoyoon Choi","raw_affiliation_strings":["SAP Labs, Korea, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"SAP Labs, Korea, Seoul, Republic of Korea","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066707136","display_name":"Jaeyeon Jung","orcid":"https://orcid.org/0000-0002-9294-2948"},"institutions":[{"id":"https://openalex.org/I2250650973","display_name":"Samsung (South Korea)","ror":"https://ror.org/04w3jy968","country_code":"KR","type":"company","lineage":["https://openalex.org/I2250650973"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Jaeyeon Jung","raw_affiliation_strings":["Samsung Electronics, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Samsung Electronics, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I2250650973"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5083084972","display_name":"Byung-Gon Chun","orcid":"https://orcid.org/0000-0002-9863-7186"},"institutions":[{"id":"https://openalex.org/I139264467","display_name":"Seoul National University","ror":"https://ror.org/04h9pn542","country_code":"KR","type":"education","lineage":["https://openalex.org/I139264467"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Byung-Gon Chun","raw_affiliation_strings":["Seoul National University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Seoul National University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I139264467"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.617,"has_fulltext":true,"fulltext_origin":"ngrams","cited_by_count":12,"citation_normalized_percentile":{"value":0.731417,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":87,"max":88},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.993,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9823,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mobile-apps","display_name":"Mobile apps","score":0.47729838},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.42859936}],"concepts":[{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.85271955},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8201933},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.60853064},{"id":"https://openalex.org/C2988145974","wikidata":"https://www.wikidata.org/wiki/Q620615","display_name":"Mobile apps","level":2,"score":0.47729838},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.4400782},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.42859936},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.32924893},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2462332},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.10243258},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1145/3052973.3053018","pdf_url":null,"source":{"id":"https://openalex.org/S4363609011","display_name":"Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, justice, and strong institutions","score":0.74,"id":"https://metadata.un.org/sdg/16"}],"grants":[],"datasets":[],"versions":[],"referenced_works_count":27,"referenced_works":["https://openalex.org/W1437814062","https://openalex.org/W1438616768","https://openalex.org/W1464836909","https://openalex.org/W1542792105","https://openalex.org/W1865564993","https://openalex.org/W1912565424","https://openalex.org/W1973548319","https://openalex.org/W1985752637","https://openalex.org/W1987221145","https://openalex.org/W1994588724","https://openalex.org/W2008810193","https://openalex.org/W2050053627","https://openalex.org/W2060692877","https://openalex.org/W2061075220","https://openalex.org/W2079224655","https://openalex.org/W2103370348","https://openalex.org/W2113115074","https://openalex.org/W2114275288","https://openalex.org/W2116669623","https://openalex.org/W2125011234","https://openalex.org/W2145994642","https://openalex.org/W2160353010","https://openalex.org/W2166743230","https://openalex.org/W2175259180","https://openalex.org/W3020113666","https://openalex.org/W3136699861","https://openalex.org/W81879861"],"related_works":["https://openalex.org/W3045828559","https://openalex.org/W2942010890","https://openalex.org/W2898697275","https://openalex.org/W2887633424","https://openalex.org/W2796028780","https://openalex.org/W2734812495","https://openalex.org/W2404825107","https://openalex.org/W2290452149","https://openalex.org/W2060629665","https://openalex.org/W1565885216"],"abstract_inverted_index":{"To":[0,99],"protect":[1],"customers'":[2],"sensitive":[3],"information,":[4],"many":[5,189],"mobile":[6],"financial":[7,43],"applications":[8],"include":[9],"steps":[10],"to":[11,25,58,118,128,144],"probe":[12],"the":[13,21,33,47,101,106,109,183,206,214],"runtime":[14,91],"environment":[15,22],"and":[16,70,114,122,125,171],"abort":[17],"their":[18,66,197],"execution":[19],"if":[20],"is":[23],"deemed":[24],"have":[26],"been":[27],"tampered":[28],"with.":[29],"This":[30],"paper":[31],"investigates":[32],"security":[34,194,209],"of":[35,49,65,94,135,164,174,205,216],"such":[36],"self-defense":[37,86,147,159,184,198],"mechanisms":[38,160],"used":[39,117,127],"in":[40,46,153,161],"76":[41,136],"popular":[42],"Android":[44,61],"apps":[45,62,137,166,176,190],"Republic":[48],"Korea.":[50],"Our":[51,133,211],"investigation":[52],"found":[53,187],"that":[54,139,167,177,188],"existing":[55],"tools":[56],"fail":[57],"analyze":[59],"these":[60],"effectively":[63],"because":[64],"highly":[67],"obfuscated":[68],"code":[69],"complex,":[71],"non-traditional":[72],"control":[73],"flows.":[74],"We":[75,156],"overcome":[76],"this":[77],"challenge":[78],"by":[79],"extracting":[80],"a":[81,85,89,95,146,150,217],"call":[82,102],"graph":[83,152],"with":[84],"mechanism,":[87],"from":[88],"detailed":[90],"trace":[92],"record":[93],"target":[96],"app's":[97,131],"execution.":[98,132],"generate":[100],"graph,":[103],"we":[104,140,186,201],"identify":[105],"causality":[107,151],"between":[108],"system":[110,115],"APIs":[111,113],"(Android":[112],"calls)":[116],"check":[119,168,178],"device":[120,169],"rooting":[121,170],"app":[123,179],"integrity,":[124],"those":[126],"stop":[129],"an":[130],"analysis":[134],"shows":[138],"can":[141],"pinpoint":[142],"methods":[143],"bypass":[145],"mechanism":[148],"using":[149],"most":[154],"cases.":[155],"successfully":[157],"bypassed":[158],"67":[162],"out":[163,173],"73":[165],"39":[172],"44":[175],"integrity.":[180],"While":[181],"analyzing":[182],"mechanisms,":[185],"rely":[191],"on":[192],"third-party":[193],"libraries":[195],"for":[196,220],"mechanisms.":[199],"Thus":[200],"present":[202],"in-depth":[203],"studies":[204],"top":[207],"five":[208],"libraries.":[210],"results":[212],"demonstrate":[213],"necessity":[215],"platform-level":[218],"solution":[219],"integrity":[221],"checks.":[222]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W2603277549","counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":2}],"updated_date":"2024-12-07T12:57:24.707970","created_date":"2017-04-07"}