Corpus ID: 19810277

Measuring the Insecurity of Mobile Deep Links of Android

@inproceedings{Liu2017MeasuringTI,
  title={Measuring the Insecurity of Mobile Deep Links of Android},
  author={F. Liu and C. Wang and Andres Pico and Danfeng Yao and G. Wang},
  booktitle={USENIX Security Symposium},
  year={2017}
}
  • F. Liu, C. Wang, +2 authors G. Wang
  • Published in USENIX Security Symposium 2017
  • Computer Science
  • Mobile deep links are URIs that point to specific locations within apps, which are instrumental to web-to-app communications. [...] Key Method Second, we identify a new vulnerability in App link’s preference setting, which allows a malicious app to intercept arbitrary HTTPS URLs in the browser without raising any alerts. Third, we identify more hijacking cases on App links than existing scheme URLs among both apps and websites. Many of them are targeting popular sites such as online social networks. Finally…Expand Abstract
    Aladdin: Automating Release of Deep-Link APIs on Android
    • 7
    • PDF
    Automated discovery of privacy violations on the web
    • 5
    • PDF
    Paying the Price for Disruption: How a FinTech Allowed Account Takeover
    • 4
    • PDF

    References

    Publications referenced by this paper.
    SHOWING 1-10 OF 50 REFERENCES
    TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones
    • 2,757
    • PDF
    Analyzing inter-application communication in Android
    • 799
    • Highly Influential
    • PDF
    IccTA: Detecting Inter-Component Privacy Leaks in Android Apps
    • 419
    • PDF
    Privilege Escalation Attacks on Android
    • 436
    • PDF
    Do security toolbars actually prevent phishing attacks?
    • 554
    • PDF
    Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones
    • 416
    • PDF
    XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks
    • 263
    • PDF