CHEX: statically vetting Android apps for component hijacking vulnerabilities

  title={CHEX: statically vetting Android apps for component hijacking vulnerabilities},
  author={Long Lu and Zhichun Li and Zhenyu Wu and Wenke Lee and Guofei Jiang},
  booktitle={ACM Conference on Computer and Communications Security},
An enormous number of apps have been developed for Android in recent years, making it one of the most popular mobile operating systems. However, the quality of the booming apps can be a concern [4]. Poorly engineered apps may contain security vulnerabilities that can severally undermine users' security and privacy. In this paper, we study a general category of vulnerabilities found in Android apps, namely the component hijacking vulnerabilities. Several types of previously reported app… CONTINUE READING
Highly Influential
This paper has highly influenced 66 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 690 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 375 extracted citations

Android Database Attacks Revisited

View 6 Excerpts
Highly Influenced

Android inter-app communication threats and detection techniques

Computers & Security • 2017
View 11 Excerpts
Highly Influenced

Vulnerable Implicit Service: A Revisit

ACM Conference on Computer and Communications Security • 2017
View 20 Excerpts
Highly Influenced

Android Application Security

SpringerBriefs in Computer Science • 2016
View 7 Excerpts
Method Support
Highly Influenced

Rethinking Permission Enforcement Mechanism on Mobile Systems

IEEE Transactions on Information Forensics and Security • 2016
View 8 Excerpts
Highly Influenced

StubDroid: Automatic Inference of Precise Data-Flow Summaries for the Android Framework

2016 IEEE/ACM 38th International Conference on Software Engineering (ICSE) • 2016
View 5 Excerpts
Highly Influenced

690 Citations

Citations per Year
Semantic Scholar estimates that this publication has 690 citations based on the available data.

See our FAQ for additional information.


Publications referenced by this paper.
Showing 1-5 of 5 references

Pixy: a static analysis tool for detecting Web application vulnerabilities

2006 IEEE Symposium on Security and Privacy (S&P'06) • 2006
View 4 Excerpts
Highly Influenced

A study of android application security

USENIX Security Symposium • 2011
View 3 Excerpts
Highly Influenced

Interprocedural Slicing Using Dependence Graphs

ACM Trans. Program. Lang. Syst. • 1990
View 3 Excerpts
Highly Influenced