{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T11:29:06Z","timestamp":1740137346694,"version":"3.37.3"},"reference-count":25,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2020,3,6]],"date-time":"2020-03-06T00:00:00Z","timestamp":1583452800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,3,6]],"date-time":"2020-03-06T00:00:00Z","timestamp":1583452800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"name":"European Commission under the Horizon 2020 Programme","award":["832735","832735"],"award-info":[{"award-number":["832735","832735"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2021,2]]},"DOI":"10.1007\/s10207-020-00491-x","type":"journal-article","created":{"date-parts":[[2020,3,9]],"date-time":"2020-03-09T13:30:42Z","timestamp":1583760642000},"page":"39-58","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["Do not let Next-Intent Vulnerability be your next nightmare: type system-based approach to detect it in Android apps"],"prefix":"10.1007","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5208-124X","authenticated-orcid":false,"given":"Mohamed A.","family":"El-Zawawy","sequence":"first","affiliation":[]},{"given":"Eleonora","family":"Losiouk","sequence":"additional","affiliation":[]},{"given":"Mauro","family":"Conti","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,3,6]]},"reference":[{"key":"491_CR1","unstructured":"G DATA Blog: Some 343 new android malware samples every hour in 2017. https:\/\/www.gdatasoftware.com\/blog\/2018\/02\/30491-some-343-new-android-malware-samples-every-hour-in-2017. Accessed Mar 2019"},{"key":"491_CR2","unstructured":"\u00d6zkan, S.: CVE details: the ultimate security vulnerabilities datasource. https:\/\/www.cvedetails.com\/index.php. Accessed 4 2019"},{"issue":"1","key":"491_CR3","first-page":"21","volume":"52","author":"P Parnika","year":"2019","unstructured":"Parnika, P., Dutta, K.: A survey on various threats and current state of security in android platform. ACM Comput. Surv. 52(1), 21 (2019)","journal-title":"ACM Comput. Surv."},{"key":"491_CR4","doi-asserted-by":"crossref","unstructured":"Wang, R., Xing, L., FengWang, X., Chen, S.: Unauthorized origin crossing on mobile platforms: threats and mitigation. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 635\u2013646. ACM (2013)","DOI":"10.1145\/2508859.2516727"},{"key":"491_CR5","doi-asserted-by":"crossref","unstructured":"Tang, J., Cui, X., Zhao, Z., Guo, S., Xu, X., Hu, C., Ban, T., Mao, B.: Nivanalyzer: a tool for automatically detecting and verifying next-intent vulnerabilities in android apps. In: IEEE International Conference on Software Testing, Verification and Validation, pp. 492\u2013499 (2017)","DOI":"10.1109\/ICST.2017.56"},{"key":"491_CR6","doi-asserted-by":"crossref","unstructured":"Chin, E., Porter Felt, A., Greenwood, K., Wagner, D.: Analyzing inter-application communication in android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239\u2013252. ACM (2011)","DOI":"10.1145\/1999995.2000018"},{"issue":"6","key":"491_CR7","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1145\/2666356.2594299","volume":"49","author":"S Arzt","year":"2014","unstructured":"Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Le Traon, Y., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. Acm Sigplan Not. 49(6), 259\u2013269 (2014)","journal-title":"Acm Sigplan Not."},{"issue":"2","key":"491_CR8","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2619091","volume":"32","author":"W Enck","year":"2014","unstructured":"Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B., Cox, L., Jung, J., McDaniel, P., Sheth, A.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 1\u201329 (2014)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"491_CR9","doi-asserted-by":"crossref","unstructured":"Feng, Y., Anand, S., Dillig, I., Aiken, A.: Apposcopy: semantics-based detection of android malware through static analysis. In: ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 576\u2013587 (2014)","DOI":"10.1145\/2635868.2635869"},{"key":"491_CR10","unstructured":"Android Developers: Developer guides: intents and intent filters. https:\/\/developer.android.com\/guide\/components\/intents-filters.html. Accessed in 2018"},{"key":"491_CR11","unstructured":"Desnos, A.: Android-androguard: a full python tool to play with android files (2011). https:\/\/github.com\/androguard\/androguard\/. Accessed in 2018"},{"key":"491_CR12","unstructured":"Configure an Android Device: Dalvik bytecode. https:\/\/source.android.com\/devices\/tech\/dalvik\/dalvik-bytecode. Accessed in 2019"},{"issue":"3","key":"491_CR13","first-page":"14","volume":"21","author":"F Wei","year":"2018","unstructured":"Wei, F., Roy, S., Ou, X.: Amandroid: a precise and general inter-component data flow analysis framework for security vetting of android apps. ACM Trans. Privacy Secur. (TOPS) 21(3), 14 (2018)","journal-title":"ACM Trans. Privacy Secur. (TOPS)"},{"key":"491_CR14","doi-asserted-by":"crossref","unstructured":"Xiong, B., Xiang, G., Du, T., He, J.S., Ji, S.: Static taint analysis method for intent injection vulnerability in android applications. In: International Symposium on Cyberspace Safety and Security, pp. 16\u201331 (2017)","DOI":"10.1007\/978-3-319-69471-9_2"},{"key":"491_CR15","doi-asserted-by":"crossref","unstructured":"Meng, X., Qian, K., Lo, D., Bhattachrya, P.: Detectors for intent ICC security vulnerability with android IDE. In: International Conference on Ubiquitous and Future Networks, pp. 355\u2013357 (2018)","DOI":"10.1109\/ICUFN.2018.8436802"},{"key":"491_CR16","doi-asserted-by":"crossref","unstructured":"Joshi, J., Parekh, C.: Android smartphone vulnerabilities: a survey. In: International Conference on Advances in Computing, Communication, and Automation, pp. 1\u20135 (2016)","DOI":"10.1109\/ICACCA.2016.7578857"},{"key":"491_CR17","doi-asserted-by":"crossref","unstructured":"Davi, L., Dmitrienko, A., Sadeghi, A., Winandy, M.: Privilege escalation attacks on android. In: International Conference on Information Security, pp. 346\u2013360 (2010)","DOI":"10.1007\/978-3-642-18178-8_30"},{"key":"491_CR18","doi-asserted-by":"crossref","unstructured":"Lu, L., Li, Z., Wu, Z., Lee, W., Jiang, G.: Chex: statically vetting android apps for component hijacking vulnerabilities. In: ACM Conference on Computer and Communications Security, pp. 229\u2013240 (2012)","DOI":"10.1145\/2382196.2382223"},{"key":"491_CR19","doi-asserted-by":"crossref","unstructured":"Li, L., Bartel, A., Bissyand\u00e9, T., Klein, J., Traon, Y., Arzt, S., Rasthofer, S., Bodden, E., Octeau, D., McDaniel, P.: Iccta: detecting inter-component privacy leaks in android apps. In: The 37th International Conference on Software Engineering-Volume 1, pp. 280\u2013291 . IEEE Press (2015)","DOI":"10.1109\/ICSE.2015.48"},{"key":"491_CR20","doi-asserted-by":"crossref","unstructured":"Zhang, M., Yin, H.: Appsealer: automatic generation of vulnerability-specific patches for preventing component hijacking attacks in android applications. IN: Network and Distributed System Security Symposium (2014)","DOI":"10.14722\/ndss.2014.23255"},{"key":"491_CR21","doi-asserted-by":"crossref","unstructured":"Ahmad, M., Costamagna, V., Crispo, B., Bergadano, F.: Teicc: targeted execution of inter-component communications in android. In: ACM Symposium on Applied Computing, pp. 1747\u20131752 (2017)","DOI":"10.1145\/3019612.3019797"},{"key":"491_CR22","doi-asserted-by":"crossref","unstructured":"Gallingani, D., Gjomemo, R., Venkatakrishnan, V., Zanero, S.: Practical exploit generation for intent message vulnerabilities in android. In: ACM Conference on Data and Application Security and Privacy, pp. 155\u2013157 (2015)","DOI":"10.1145\/2699026.2699132"},{"key":"491_CR23","doi-asserted-by":"crossref","unstructured":"Wu, S., Zhang, Y., Jin, B., Cao, W.: Practical static analysis of detecting intent-based permission leakage in android application. In: IEEE 17th International Conference on Communication Technology, pp. 1953\u20131957 (2017)","DOI":"10.1109\/ICCT.2017.8359970"},{"key":"491_CR24","doi-asserted-by":"crossref","unstructured":"Zhang, J., Yao, Y., Li, X., Xie, J., Wu, G.: An android vulnerability detection system. In: International Conference on Network and System Security, pp. 169\u2013183 (2017)","DOI":"10.1007\/978-3-319-64701-2_13"},{"issue":"2","key":"491_CR25","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1007\/s10009-014-0303-8","volume":"17","author":"S Salva","year":"2015","unstructured":"Salva, S., Zafimiharisoa, S.: Apset, an android application security testing tool for detecting intent-based vulnerabilities. Int. J. Softw. Tools Technol. Transf. 17(2), 201\u2013221 (2015)","journal-title":"Int. J. Softw. Tools Technol. Transf."}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-020-00491-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10207-020-00491-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-020-00491-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,3,6]],"date-time":"2021-03-06T00:32:36Z","timestamp":1614990756000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10207-020-00491-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,3,6]]},"references-count":25,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2021,2]]}},"alternative-id":["491"],"URL":"https:\/\/doi.org\/10.1007\/s10207-020-00491-x","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"type":"print","value":"1615-5262"},{"type":"electronic","value":"1615-5270"}],"subject":[],"published":{"date-parts":[[2020,3,6]]},"assertion":[{"value":"6 March 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with ethical standards"}},{"value":"All authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}]}}