{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,25]],"date-time":"2025-09-25T13:38:38Z","timestamp":1758807518344},"publisher-location":"Berlin, Heidelberg","reference-count":19,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642410970"},{"type":"electronic","value":"9783642410987"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-41098-7_5","type":"book-chapter","created":{"date-parts":[[2013,9,4]],"date-time":"2013-09-04T09:16:01Z","timestamp":1378286161000},"page":"65-81","source":"Crossref","is-referenced-by-count":20,"title":["MITHYS: Mind The Hand You Shake - Protecting Mobile Devices from SSL Usage Vulnerabilities"],"prefix":"10.1007","author":[{"given":"Mauro","family":"Conti","sequence":"first","affiliation":[]},{"given":"Nicola","family":"Dragoni","sequence":"additional","affiliation":[]},{"given":"Sebastiano","family":"Gottardo","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"5_CR1","unstructured":"Freier, P.K.A., Karlton, P.: The Secure Sockets Layer (SSL) Protocol Version 3.0 (2001), \n                    \n                      http:\/\/tools.ietf.org\/html\/rfc6101"},{"key":"5_CR2","unstructured":"Amazon.com, Inc. Amazon Elastic Compute Cloud (Amazon EC2), \n                    \n                      http:\/\/aws.amazon.com\/ec2\/"},{"key":"5_CR3","doi-asserted-by":"crossref","unstructured":"Becher, M., Freiling, F., Hoffmann, J., Holz, T., Uellenbeck, S., Wolf, C.: Mobile security catching up? revealing the nuts and bolts of the security of mobile devices. In: 2011 IEEE Symposium on Security and Privacy (SP), pp. 96\u2013111 (2011)","DOI":"10.1109\/SP.2011.29"},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Benton, K., Jo, J., Kim, Y.: Signaturecheck: a protocol to detect man-in-the-middle attack in ssl. In: Proceedings of CSIIRW 2011. ACM (2011)","DOI":"10.1145\/2179298.2179365"},{"key":"5_CR5","unstructured":"Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R.: Xmandroid: A new android evolution to mitigate privilege escalation attacks. Technische Universit\u00e4t Darmstadt, Technical Report TR-2011-04 (2011)"},{"key":"5_CR6","unstructured":"Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R., Shastry, B.: Towards taming privilege-escalation attacks on android. In: Proceedings of NDSS 2012 (2012)"},{"issue":"5","key":"5_CR7","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1145\/1941487.1941504","volume":"54","author":"A. Charland","year":"2011","unstructured":"Charland, A., Leroux, B.: Mobile application development: web vs. native. Commun. ACM\u00a054(5), 49\u201353 (2011)","journal-title":"Commun. ACM"},{"key":"5_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"331","DOI":"10.1007\/978-3-642-18178-8_29","volume-title":"Information Security","author":"M. Conti","year":"2011","unstructured":"Conti, M., Nguyen, V.T.N., Crispo, B.: CRePE: Context-related policy enforcement for android. In: Burmester, M., Tsudik, G., Magliveras, S., Ili\u0107, I. (eds.) ISC 2010. LNCS, vol.\u00a06531, pp. 331\u2013345. Springer, Heidelberg (2011)"},{"key":"5_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"346","DOI":"10.1007\/978-3-642-18178-8_30","volume-title":"Information Security","author":"L. Davi","year":"2011","unstructured":"Davi, L., Dmitrienko, A., Sadeghi, A.-R., Winandy, M.: Privilege escalation attacks on android. In: Burmester, M., Tsudik, G., Magliveras, S., Ili\u0107, I. (eds.) ISC 2010. LNCS, vol.\u00a06531, pp. 346\u2013360. Springer, Heidelberg (2011)"},{"key":"5_CR10","first-page":"50","volume-title":"Proceedings of CCS 2012","author":"S. Fahl","year":"2012","unstructured":"Fahl, S., Harbach, M., Muders, T., Baumg\u00e4rtner, L., Freisleben, B., Smith, M.: Why eve and mallory love android: an analysis of android ssl (in)security. In: Proceedings of CCS 2012, pp. 50\u201361. ACM, New York (2012)"},{"key":"5_CR11","first-page":"38","volume-title":"Proceedings of CCS 2012","author":"M. Georgiev","year":"2012","unstructured":"Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., Shmatikov, V.: The most dangerous code in the world: validating ssl certificates in non-browser software. In: Proceedings of CCS 2012, pp. 38\u201349. ACM, New York (2012)"},{"key":"5_CR12","unstructured":"Google Inc. logcat, \n                    \n                      http:\/\/developer.android.com\/tools\/help\/logcat.html"},{"key":"5_CR13","unstructured":"Google Inc. monkeyrunner, \n                    \n                      http:\/\/developer.android.com\/tools\/help\/monkeyrunner_concepts.html"},{"key":"5_CR14","unstructured":"Path Inc. Path - We are sorry, \n                    \n                      http:\/\/blog.path.com\/post\/17274932484\/we-are-sorry"},{"key":"5_CR15","unstructured":"Russello, G., Conti, M., Crispo, B., Fernandes, E.: Moses: supporting operation modes on smartphones. In: Proceedings of SACMAT 2012, pp. 3\u201312. ACM (2012)"},{"issue":"2","key":"5_CR16","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1109\/MSP.2010.2","volume":"8","author":"A. Shabtai","year":"2010","unstructured":"Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: A comprehensive security assessment. IEEE Security Privacy\u00a08(2), 35\u201344 (2010)","journal-title":"IEEE Security Privacy"},{"key":"5_CR17","doi-asserted-by":"crossref","unstructured":"Shetty, S., Song, M., Ma, L.: Rogue access point detection by analyzing network traffic characteristics. In: MILCOM 2007, pp. 1\u20137. IEEE (2007)","DOI":"10.1109\/MILCOM.2007.4455018"},{"key":"5_CR18","doi-asserted-by":"crossref","unstructured":"Dierks, C.A.T.: The TLS Protocol Version 1.0 (1999), \n                    \n                      http:\/\/www.ietf.org\/rfc\/rfc2246.txt","DOI":"10.17487\/rfc2246"},{"key":"5_CR19","unstructured":"Thampi, A.: Path uploads your entire iPhone address book to its servers, \n                    \n                      http:\/\/mclov.in\/2012\/02\/08\/path-uploads-your-entire-address-book-to-their-servers.html"}],"container-title":["Lecture Notes in Computer Science","Security and Trust Management"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-41098-7_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,16]],"date-time":"2019-05-16T21:47:58Z","timestamp":1558043278000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-41098-7_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642410970","9783642410987"],"references-count":19,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-41098-7_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}