@inproceedings{7befb01d8853455e830ab73edd803d73,
title = "SoProtector: securing native C/C++ libraries for mobile applications",
abstract = "Java code is easy to be decompiled, and third-party SO files are used frequently by developers to improve development efficiency. Therefore, more and more core functions of Android applications are implemented in the native layer. However, there is neither comprehensive security research work nor automated security analysis tools on Android native layer, especially for third-party SO files that are dynamically loaded within the applications. To solve this problem, SoProtector, a novel and effective system is proposed to defend against the privacy leaks, which mainly analyzes the data stream between two levels: application and Native layers. In addition, SoProtector includes a real-time monitor to detect malicious functions in binary code. Our evaluation using 3400 applications has demonstrated that SoProtector can detect more sources, sinks and smudges than most static analysis tools; And it detects and effectively blocks more than 82% of applications that dynamically load malicious third-party SO files with low performance overhead.",
keywords = "Android, Mobile privacy, Mobile security, Native C/C++ libraries",
author = "Ning Zhang and Guangquan Xu and Guozhu Meng and Xi Zheng",
year = "2018",
month = jan,
day = "1",
doi = "10.1007/978-3-030-05057-3_32",
language = "English",
isbn = "9783030050566",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer-VDI-Verlag GmbH & Co. KG",
pages = "417--431",
editor = "Jaideep Vaidya and Jin Li",
booktitle = "Algorithms and Architectures for Parallel Processing",
address = "Germany",
note = "18th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2018 ; Conference date: 15-11-2018 Through 17-11-2018",
}