Journal
2015 IEEE TRUSTCOM/BIGDATASE/ISPA, VOL 1
Volume -, Issue -, Pages 1014-1021Publisher
IEEE
DOI: 10.1109/Trustcom.2015.477
Keywords
-
Categories
Funding
- National Science Council of Taiwan [NSC 102-2218-E-011-010 MY3, 102-2218-E-011-011 MY3]
Ask authors/readers for more resources
Smartphones have become more and more popular recently. There are many different smartphone systems, such as Android, iOS, etc. Based on HTML5, now developers can have a convenient framework to develop cross-platform HTML5-based mobile apps. Unfortunately, HTML5-based apps are also susceptible to cross-site scripting attacks like most web applications. Attackers can inject malicious scripts from many different injection channels. In this paper, we propose a new way to detect a known malicious script injected by using HTML5 text box input type along with document. getElementById(TagID). value. This new text box injection channel was not detected by other researchers so far because they only analyzed JavaScript APIs, but overlooked HTML files which captured text box input type information. Later, we applied this new method to a vulnerable app set with 8303 cases obtained from Google Play. We detected a total of 351 vulnerable apps with accuracy 99%, which included 347 detected also by other researchers as well as 4 extra vulnerable apps that belonged to this text box injection channel. We also implemented a Code Injection Attack detection tool named DroidCIA that automated the drawing of JavaScript API call graph and the combination of API with HTML information.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available