{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,23]],"date-time":"2025-04-23T04:20:53Z","timestamp":1745382053896,"version":"3.40.4"},"publisher-location":"Berlin, Heidelberg","reference-count":32,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642353611"},{"type":"electronic","value":"9783642353628"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-35362-8_4","type":"book-chapter","created":{"date-parts":[[2012,11,30]],"date-time":"2012-11-30T03:55:47Z","timestamp":1354247747000},"page":"33-47","source":"Crossref","is-referenced-by-count":16,"title":["Detecting Control Flow in Smarphones: Combining Static and Dynamic Analyses"],"prefix":"10.1007","author":[{"given":"Mariem","family":"Graa","sequence":"first","affiliation":[]},{"given":"Nora","family":"Cuppens-Boulahia","sequence":"additional","affiliation":[]},{"given":"Fr\u00e9d\u00e9ric","family":"Cuppens","sequence":"additional","affiliation":[]},{"given":"Ana","family":"Cavalli","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"4_CR1","unstructured":"Android, http:\/\/www.android.com\/"},{"key":"4_CR2","unstructured":"APPLE, INC.: Apple store downloads top three billion (January 2010), http:\/\/www.apple.com\/pr\/library\/2010\/01\/05Apples-App-Store-Downloads-Top-Three-Billion.html"},{"key":"4_CR3","doi-asserted-by":"crossref","unstructured":"Beres, Y., Dalton, C.: Dynamic label binding at run-time. In: Proceedings of the 2003 Workshop on New Security Paradigms, pp. 39\u201346. ACM (2003)","DOI":"10.1145\/986655.986662"},{"key":"4_CR4","unstructured":"Brown, J., Knight Jr., T.: A minimal trusted computing base for dynamically ensuring secure information flow. Project Aries TM-015 (November 2001)"},{"key":"4_CR5","doi-asserted-by":"crossref","unstructured":"Cheng, W., Zhao, Q., Yu, B., Hiroshige, S.: Tainttrace: Efficient flow tracing with dynamic binary rewriting. In: Proceedings of the 11th IEEE Symposium on ISCC 2006, pp. 749\u2013754. IEEE (2006)","DOI":"10.1109\/ISCC.2006.158"},{"issue":"6","key":"4_CR6","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1109\/MSP.2004.111","volume":"2","author":"B. Chess","year":"2004","unstructured":"Chess, B., McGraw, G.: Static analysis for security. IEEE Security & Privacy\u00a02(6), 76\u201379 (2004)","journal-title":"IEEE Security & Privacy"},{"issue":"5","key":"4_CR7","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1145\/360051.360056","volume":"19","author":"D. Denning","year":"1976","unstructured":"Denning, D.: A lattice model of secure information flow. Communications of the ACM\u00a019(5), 236\u2013243 (1976)","journal-title":"Communications of the ACM"},{"issue":"7","key":"4_CR8","doi-asserted-by":"publisher","first-page":"504","DOI":"10.1145\/359636.359712","volume":"20","author":"D. Denning","year":"1977","unstructured":"Denning, D., Denning, P.: Certification of programs for secure information flow. Communications of the ACM\u00a020(7), 504\u2013513 (1977)","journal-title":"Communications of the ACM"},{"key":"4_CR9","unstructured":"Denning, D.: Secure information flow in computer systems. Ph.D. thesis, Purdue University (1975)"},{"key":"4_CR10","unstructured":"Derek Bruening, Q.Z.: Dynamorio: Dynamic instrumentation tool platform, http:\/\/dynamorio.org\/"},{"key":"4_CR11","unstructured":"Enck, W., Gilbert, P., Chun, B., Cox, L., Jung, J., McDaniel, P., Sheth, A.: Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, pp. 1\u20136. USENIX Association (2010)"},{"issue":"1","key":"4_CR12","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/52.976940","volume":"19","author":"D. Evans","year":"2002","unstructured":"Evans, D., Larochelle, D.: Improving security using extensible lightweight static analysis. IEEE Software\u00a019(1), 42\u201351 (2002)","journal-title":"IEEE Software"},{"key":"4_CR13","unstructured":"Fenton, J.: Information protection systems. Ph.D. thesis, University of Cambridge (1973)"},{"issue":"2","key":"4_CR14","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1093\/comjnl\/17.2.143","volume":"17","author":"J. Fenton","year":"1974","unstructured":"Fenton, J.: Memoryless subsystem. Computer Journal\u00a017(2), 143\u2013147 (1974)","journal-title":"Computer Journal"},{"key":"4_CR15","unstructured":"Gat, I., Saal, H.: Memoryless execution: a programmer\u2019s viewpoint. IBM tech. rep. 025, IBM Israeli Scientific Center (1975)"},{"key":"4_CR16","doi-asserted-by":"crossref","unstructured":"George, L., Viet Triem Tong, V., M\u00e9, L.: Blare tools: A policy-based intrusion detection system automatically set by the security policy. In: Recent Advances in Intrusion Detection, pp. 355\u2013356. Springer (2009)","DOI":"10.1007\/978-3-642-04342-0_22"},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"Haldar, V., Chandra, D., Franz, M.: Dynamic taint propagation for java. In: Proceedings of the 21st Annual Computer Security Applications Conference, pp. 303\u2013311. Citeseer (2005)","DOI":"10.1109\/CSAC.2005.21"},{"key":"4_CR18","unstructured":"Hauser, C., Tronel, F., Reid, J., Fidge, C.: A taint marking approach to confidentiality violation detection. In: Proceedings of the 10th Australasian Information Security Conference (AISC 2012), vol.\u00a0125. Australian Computer Society (2012)"},{"key":"4_CR19","volume-title":"Programming ruby: The pragmatic programmer\u2019s guide","author":"A. Hunt","year":"2000","unstructured":"Hunt, A., Thomas, D.: Programming ruby: The pragmatic programmer\u2019s guide, vol.\u00a02. Addison-Wesley Professional, New York (2000)"},{"key":"4_CR20","unstructured":"Kang, M., McCamant, S., Poosankam, P., Song, D.: Dta++: Dynamic taint analysis with targeted control-flow propagation. In: Proc. of the 18th Annual Network and Distributed System Security Symp., San Diego, CA (2011)"},{"issue":"4","key":"4_CR21","doi-asserted-by":"publisher","first-page":"323","DOI":"10.1145\/161494.161501","volume":"1","author":"W. Landi","year":"1992","unstructured":"Landi, W.: Undecidability of static analysis. ACM Letters on Programming Languages and Systems (LOPLAS)\u00a01(4), 323\u2013337 (1992)","journal-title":"ACM Letters on Programming Languages and Systems (LOPLAS)"},{"key":"4_CR22","doi-asserted-by":"crossref","unstructured":"Myers, A.: Jflow: Practical mostly-static information flow control. In: Proceedings of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 228\u2013241. ACM (1999)","DOI":"10.1145\/292540.292561"},{"issue":"1","key":"4_CR23","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1016\/j.entcs.2007.10.010","volume":"197","author":"S. Nair","year":"2008","unstructured":"Nair, S., Simpson, P., Crispo, B., Tanenbaum, A.: A virtual machine based information flow control system for policy enforcement. Electronic Notes in Theoretical Computer Science\u00a0197(1), 3\u201316 (2008)","journal-title":"Electronic Notes in Theoretical Computer Science"},{"issue":"2","key":"4_CR24","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1016\/S1571-0661(04)81042-9","volume":"89","author":"N. Nethercote","year":"2003","unstructured":"Nethercote, N., Seward, J.: Valgrind: A program supervision framework. Electronic Notes in Theoretical Computer Science\u00a089(2), 44\u201366 (2003)","journal-title":"Electronic Notes in Theoretical Computer Science"},{"key":"4_CR25","unstructured":"Newsome, J., Song, D.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. Citeseer (2005)"},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Qin, F., Wang, C., Li, Z., Kim, H., Zhou, Y., Wu, Y.: Lift: A low-overhead practical information flow tracking system for detecting security attacks. In: Proceedings of the 39th Annual IEEE\/ACM International Symposium on Microarchitecture, pp. 135\u2013148. IEEE Computer Society (2006)","DOI":"10.1109\/MICRO.2006.29"},{"issue":"1","key":"4_CR27","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1109\/JSAC.2002.806121","volume":"21","author":"A. Sabelfeld","year":"2003","unstructured":"Sabelfeld, A., Myers, A.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications\u00a021(1), 5\u201319 (2003)","journal-title":"IEEE Journal on Selected Areas in Communications"},{"key":"4_CR28","unstructured":"Shankar, U., Talwar, K., Foster, J., Wagner, D.: Detecting format string vulnerabilities with type qaualifiers. In: Proceedings of the 10th Conference on USENIX Security Symposium, vol.\u00a010, p. 16. USENIX Association (2001)"},{"key":"4_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-89862-7_1","volume-title":"Information Systems Security","author":"D. Song","year":"2008","unstructured":"Song, D., Brumley, D., Yin, H., Caballero, J., Jager, I., Kang, M.G., Liang, Z., Newsome, J., Poosankam, P., Saxena, P.: BitBlaze: A New Approach to Computer Security via Binary Analysis. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol.\u00a05352, pp. 1\u201325. Springer, Heidelberg (2008)"},{"key":"4_CR30","unstructured":"Wall, L., Christiansen, T., Orwant, J.: Programming perl. O\u2019Reilly Media (2000)"},{"key":"4_CR31","doi-asserted-by":"crossref","unstructured":"Yin, H., Song, D., Egele, M., Kruegel, C., Kirda, E.: Panorama: capturing system-wide information flow for malware detection and analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 116\u2013127. ACM (2007)","DOI":"10.1145\/1315245.1315261"},{"key":"4_CR32","unstructured":"Zhang, X., Edwards, A., Jaeger, T.: Using cqual for static analysis of authorization hook placement. In: Proceedings of the 11th USENIX Security Symposium, pp. 33\u201348 (2002)"}],"container-title":["Lecture Notes in Computer Science","Cyberspace Safety and Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-35362-8_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,23]],"date-time":"2025-04-23T00:18:21Z","timestamp":1745367501000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-35362-8_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642353611","9783642353628"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-35362-8_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}