DroidCIA: A Novel Detection Method of Code Injection Attacks on HTML5-Based Mobile Apps

  title={DroidCIA: A Novel Detection Method of Code Injection Attacks on HTML5-Based Mobile Apps},
  author={Yen-Lin Chen and Hahn-Ming Lee and Albert B. Jeng and Te-En Wei},
  journal={2015 IEEE Trustcom/BigDataSE/ISPA},
Smartphones have become more and more popular recently. There are many different smartphone systems, such as Android, iOS, etc. Based on HTML5, now developers can have a convenient framework to develop cross-platform HTML5- based mobile apps. Unfortunately, HTML5-based apps are also susceptible to cross-site scripting attacks like most web applications. Attackers can inject malicious scripts from many different injection channels. In this paper, we propose a new way to detect a known malicious… CONTINUE READING


Publications citing this paper.
Showing 1-9 of 9 extracted citations

Scan Code Injection Flaws in HTML5-Based Mobile Applications

2018 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW) • 2018
View 9 Excerpts
Highly Influenced

Let me Join Two Worlds! Analyzing the Integration of Web and Native Technologies in Hybrid Mobile Apps

2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) • 2018
View 2 Excerpts

Evaluation of mobile vulnerabilities in terms of corporate information security

2017 International Conference on Computer Science and Engineering (UBMK) • 2017
View 1 Excerpt


Publications referenced by this paper.
Showing 1-10 of 13 references

Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation

ACM Conference on Computer and Communications Security • 2014
View 13 Excerpts
Highly Influenced

Access Control to Prevent Attacks Exploiting Vulnerabilities of WebView in Android OS

2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing • 2013
View 1 Excerpt

Efficient construction of approximate call graphs for JavaScript IDE services

2013 35th International Conference on Software Engineering (ICSE) • 2013
View 1 Excerpt

Unauthorized origin crossing on mobile platforms: threats and mitigation

ACM Conference on Computer and Communications Security • 2013
View 1 Excerpt

Similar Papers

Loading similar papers…