IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Combining Static Code Analysis and Machine Learning for Automatic Detection of Security Vulnerabilities in Mobile Apps

Author(s): Marco Pistoia (IBM Corporation, USA), Omer Tripp (IBM T. J. Watson Research Center, USA) and David Lubensky (IBM T. J. Watson Research Center, USA)
Copyright: 2018
Pages: 27
Source title: Application Development and Design: Concepts, Methodologies, Tools, and Applications
Source Author(s)/Editor(s): Information Resources Management Association (USA)
DOI: 10.4018/978-1-5225-3422-8.ch047



Abstract

Mobile devices have revolutionized many aspects of our lives. Without realizing it, we often run programs on them that access and transmit private information over the network. Integrity concerns arise when mobile applications use untrusted data as input to security-sensitive computations. Program-analysis tools for integrity and confidentiality enforcement have become a necessity. Static-analysis tools are particularly attractive because they do not require installing and executing the program, and have the potential of never missing any vulnerability. Nevertheless, such tools often have high false-positive rates. To reduce the number of false positives, static analysis has to be very precise, which requires a more refined model of the application, but this conflicts with the analysis's performance and scalability. This chapter proposes Phoenix, a novel solution that combines static analysis with machine learning to identify programs exhibiting suspicious operations. This approach has been widely applied to mobile applications, obtaining impressive results.
