{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T19:23:38Z","timestamp":1757618618528,"version":"3.44.0"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031976223"},{"type":"electronic","value":"9783031976230"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-97623-0_7","type":"book-chapter","created":{"date-parts":[[2025,7,10]],"date-time":"2025-07-10T09:34:49Z","timestamp":1752140089000},"page":"103-123","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["More Than You Signed Up For: Exposing Gaps in\u00a0the\u00a0Validation of\u00a0Android\u2019s App Signing"],"prefix":"10.1007","author":[{"given":"Norah","family":"Ridley","sequence":"first","affiliation":[]},{"given":"Enrico","family":"Branca","sequence":"additional","affiliation":[]},{"given":"Natalia","family":"Stakhanova","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,7,10]]},"reference":[{"key":"7_CR1","unstructured":"Android: Android SDK platform tools (2023). https:\/\/developer.android.com\/tools#tools-build"},{"key":"7_CR2","unstructured":"Android: apksigner (2023). https:\/\/developer.android.com\/tools\/apksigner"},{"key":"7_CR3","unstructured":"Android: Android debug bridge (ADB) (2024). https:\/\/developer.android.com\/tools\/adb"},{"key":"7_CR4","unstructured":"Android: APK signature scheme v2 (2024). https:\/\/source.android.com\/docs\/security\/features\/apksigning\/v2"},{"key":"7_CR5","unstructured":"Android: APK signature scheme v4 (2024). https:\/\/source.android.com\/docs\/security\/features\/apksigning\/v4"},{"key":"7_CR6","unstructured":"Android: Application signing (2024). https:\/\/source.android.com\/docs\/security\/features\/apksigning"},{"issue":"1","key":"7_CR7","doi-asserted-by":"publisher","first-page":"340","DOI":"10.1109\/TDSC.2018.2889486","volume":"18","author":"S Du","year":"2021","unstructured":"Du, S., Zhu, P., Hua, J., Qian, Z., Zhang, Z., Chen, X., Zhong, S.: An empirical analysis of hazardous uses of Android shared storage. IEEE Trans. Dependable Secure Comput. 18(1), 340\u2013355 (2021)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"7_CR8","doi-asserted-by":"crossref","unstructured":"Fahl, S., Dechand, S., Perl, H., Fischer, F., Smrcek, J., Smith, M.: Hey, NSA: stay away from my market! future proofing app markets against powerful attackers. In: 2014 ACM CCS, pp. 1143\u20131155. ACM (2014)","DOI":"10.1145\/2660267.2660311"},{"key":"7_CR9","doi-asserted-by":"publisher","first-page":"1421","DOI":"10.1007\/s11277-013-1258-x","volume":"73","author":"JH Jung","year":"2013","unstructured":"Jung, J.H., Kim, J.Y., Lee, H.C., Yi, J.H.: Repackaging attack on Android banking applications and its countermeasures. Wireless Pers. Commun. 73, 1421\u20131437 (2013)","journal-title":"Wireless Pers. Commun."},{"key":"7_CR10","doi-asserted-by":"crossref","unstructured":"Kar, A., Stakhanova, N.: Exploiting Android browser. In: CANS, pp. 162\u2013185. Springer (2023)","DOI":"10.1007\/978-981-99-7563-1_8"},{"key":"7_CR11","doi-asserted-by":"crossref","unstructured":"Lindorfer, M., Neugschwandtner, M., Weichselbaum, L., Fratantonio, Y., Veen, V.V.D., Platzer, C.: ANDRUBIS \u2013 1,000,000 apps later: a view on current Android malware behaviors. In: BADGERS, pp. 3\u201317 (2014)","DOI":"10.1109\/BADGERS.2014.7"},{"key":"7_CR12","unstructured":"NVD: CVE-2013-4787 (2013). https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-4787"},{"key":"7_CR13","unstructured":"NVD: CVE-2017-13156 (2019). https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-13156"},{"key":"7_CR14","doi-asserted-by":"crossref","unstructured":"Poeplau, S., Fratantonio, Y., Bianchi, A., Kruegel, C., Vigna, G.: Execute this! Analyzing unsafe and malicious dynamic code loading in Android applications. In: NDSS, pp. 1\u201316 (2014)","DOI":"10.14722\/ndss.2014.23328"},{"key":"7_CR15","doi-asserted-by":"crossref","unstructured":"Ruggia, A., Possemato, A., Merlo, A., Nisi, D., Aonzo, S.: Android, notify me when it is time to go phishing. In: IEEE EuroS &P, pp. 1\u201317 (2023)","DOI":"10.1109\/EuroSP57164.2023.00010"},{"key":"7_CR16","doi-asserted-by":"crossref","unstructured":"Vidas, T., Christin, N.: Sweetening Android lemon markets: measuring and combating malware in application marketplaces. In: ACM CODASPY, pp. 197\u2013208. ACM (2013)","DOI":"10.1145\/2435349.2435378"},{"key":"7_CR17","unstructured":"Vidas, T., Votipka, D., Christin, N.: All your droid are belong to us: a survey of current Android attacks. In: WOOT, pp. 1\u201310. USENIX Association (2011)"},{"key":"7_CR18","doi-asserted-by":"crossref","unstructured":"Wang, H., Liu, H., Xiao, X., Meng, G., Guo, Y.: Characterizing android app signing issues. In: IEEE\/ACM ASE, pp. 280\u2013292. IEEE Press (2019)","DOI":"10.1109\/ASE.2019.00035"},{"key":"7_CR19","unstructured":"Xu, H., Yao, M., Zhang, R., Dawoud, M.M., Park, J., Saltaformaggio, B.: DVa: extracting victims and abuse vectors from Android accessibility malware. In: USENIX, pp. 701\u2013718. USENIX Association (2024)"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"Zhang, X., Ying, K., Aafer, Y., Qiu, Z., Du, W.: Life after app uninstallation: are the data still alive? Data residue attacks on android. In: NDSS, pp. 1\u201315 (2016)","DOI":"10.14722\/ndss.2016.23061"},{"key":"7_CR21","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Jiang, X.: Dissecting android malware: Characterization and evolution. In: IEEE S &P, pp. 95\u2013109 (2012)","DOI":"10.1109\/SP.2012.16"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-97623-0_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,7]],"date-time":"2025-09-07T01:43:57Z","timestamp":1757209437000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-97623-0_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031976223","9783031976230"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-97623-0_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"10 July 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Graz","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Austria","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 July 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 July 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/dimva.org\/dimva2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}