ID | 60839 |
フルテキストURL | |
著者 |
Yu, Jing
Graduate School of Natural Science and Technology, Okayama University
Yamauchi, Toshihiro
Graduate School of Natural Science and Technology, Okayama University
ORCID
Kaken ID
publons
researchmap
|
抄録 | Android applications that using WebView can load and display web pages. Interaction with web pages allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal information in the device. To address these threats, we propose an access control on the security-sensitive APIs at the Java object level. The proposed access control uses static analysis to identify these security-sensitive APIs, detects threats at runtime, and notifies the user if threats are detected, thereby preventing attacks from web pages.
|
キーワード | Android
WebView
static analysis
access control
|
発行日 | 2015
|
出版物タイトル |
IEICE Transactions on Information and Systems
|
巻 | E98D巻
|
号 | 4号
|
出版者 | The Institute of Electronics, Information and Communication Engineers
|
開始ページ | 807
|
終了ページ | 811
|
ISSN | 1745-1361
|
資料タイプ |
学術雑誌論文
|
言語 |
英語
|
OAI-PMH Set |
岡山大学
|
著作権者 | © 2015 The Institute of Electronics, Information and Communication Engineers
|
論文のバージョン | publisher
|
DOI | |
Web of Science KeyUT | |
関連URL | isVersionOf https://doi.org/10.1587/transinf.2014ICL0001
|