{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:17:14Z","timestamp":1750306634580,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":26,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,6,4]],"date-time":"2014-06-04T00:00:00Z","timestamp":1401840000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N000141310102"],"award-info":[{"award-number":["N000141310102"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,6,4]]},"DOI":"10.1145\/2590296.2590335","type":"proceedings-article","created":{"date-parts":[[2014,5,30]],"date-time":"2014-05-30T18:18:31Z","timestamp":1401473911000},"page":"459-470","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":17,"title":["VirtualSwindle"],"prefix":"10.1145","author":[{"given":"Collin","family":"Mulliner","sequence":"first","affiliation":[{"name":"Northeastern University, Boston, MA, USA"}]},{"given":"William","family":"Robertson","sequence":"additional","affiliation":[{"name":"Northeastern University, Boston, MA, USA"}]},{"given":"Engin","family":"Kirda","sequence":"additional","affiliation":[{"name":"Northeastern University, Boston, MA, USA"}]}],"member":"320","published-online":{"date-parts":[[2014,6,4]]},"reference":[{"unstructured":"Apktool Developers. android-apktool - A tool for reverse engineering Android apk files. http:\/\/code.google.com\/p\/android-apktool\/ November 2012.  Apktool Developers. android-apktool - A tool for reverse engineering Android apk files. http:\/\/code.google.com\/p\/android-apktool\/ November 2012.","key":"e_1_3_2_1_1_1"},{"key":"e_1_3_2_1_2_1","volume-title":"17th ISOC Network and Distributed System Security Symposium (NDSS)","author":"Bethea D.","year":"2010","unstructured":"Bethea , D. , Cochran , R. A. , and Reiter , M. K . Server-side verification of client behavior in online games . In 17th ISOC Network and Distributed System Security Symposium (NDSS) ( 2010 ). Bethea, D., Cochran, R. A., and Reiter, M. K. Server-side verification of client behavior in online games. In 17th ISOC Network and Distributed System Security Symposium (NDSS) (2010)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_3_1","DOI":"10.1109\/SP.2011.28"},{"key":"e_1_3_2_1_4_1","volume-title":"November","author":"Chainfire SU.","year":"2012","unstructured":"Chainfire . Super SU. https:\/\/play.google.com\/store\/apps\/details?id=eu.chainfire.supersu&hl=en , November 2012 . Chainfire. SuperSU. https:\/\/play.google.com\/store\/apps\/details?id=eu.chainfire.supersu&hl=en, November 2012."},{"unstructured":"Clowes S. injectso - Modifying and Spying on running processes under Linux and Solaris. http:\/\/www.blackhat.com\/presentations\/bh-europe-01\/shaun-clowes\/bh-europe-01-clowes.ppt 2001.  Clowes S. injectso - Modifying and Spying on running processes under Linux and Solaris. http:\/\/www.blackhat.com\/presentations\/bh-europe-01\/shaun-clowes\/bh-europe-01-clowes.ppt 2001.","key":"e_1_3_2_1_5_1"},{"key":"e_1_3_2_1_6_1","volume-title":"November","author":"ShortFuse","year":"2012","unstructured":"CL ShortFuse . SuperOneClick. http:\/\/forum.xda-developers.com\/showthread.php?t=803682 , November 2012 . CLShortFuse. SuperOneClick. http:\/\/forum.xda-developers.com\/showthread.php?t=803682, November 2012."},{"key":"e_1_3_2_1_7_1","volume-title":"November","author":"CyanogenMod Developers","year":"2012","unstructured":"CyanogenMod Developers . CyanogenMod. http:\/\/www.cyanogenmod.org\/ , November 2012 . CyanogenMod Developers. CyanogenMod. http:\/\/www.cyanogenmod.org\/, November 2012."},{"key":"e_1_3_2_1_8_1","volume-title":"I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications. In Workshop on Mobile Security Technologies (MoST) (May","author":"Davis B.","year":"2012","unstructured":"Davis , B. , Sanders , B. , Khodaverdian , A. , and Chen , H . I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications. In Workshop on Mobile Security Technologies (MoST) (May 2012 ). Davis, B., Sanders, B., Khodaverdian, A., and Chen, H. I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications. In Workshop on Mobile Security Technologies (MoST) (May 2012)."},{"key":"e_1_3_2_1_9_1","volume-title":"Network and Distirbuted Systems Security Symposium (NDSS) (2","author":"Egele M.","year":"2011","unstructured":"Egele , M. , Kruegel , C. , Kirda , E. , and Vigna , G . PiOS: Detecting Privacy Leaks in iOS Applications . In Network and Distirbuted Systems Security Symposium (NDSS) (2 2011 ). Egele, M., Kruegel, C., Kirda, E., and Vigna, G. PiOS: Detecting Privacy Leaks in iOS Applications. In Network and Distirbuted Systems Security Symposium (NDSS) (2 2011)."},{"key":"e_1_3_2_1_10_1","volume-title":"TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In Symposium on Operating Systems Design and Implementation (OSDI)","author":"Enck W.","year":"2010","unstructured":"Enck , W. , Gilbert , P. , Chun , B. , Cox , L. P. , Jung , J. , McDaniel , P. , and Sheth , A. N . TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In Symposium on Operating Systems Design and Implementation (OSDI) ( 2010 ). Enck, W., Gilbert, P., Chun, B., Cox, L. P., Jung, J., McDaniel, P., and Sheth, A. N. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In Symposium on Operating Systems Design and Implementation (OSDI) (2010)."},{"unstructured":"Freeman J. Cydia Substrate for Android. http:\/\/www.cydiasubstrate.com\/.  Freeman J. Cydia Substrate for Android. http:\/\/www.cydiasubstrate.com\/.","key":"e_1_3_2_1_11_1"},{"key":"e_1_3_2_1_12_1","volume-title":"November","author":"Google","year":"2012","unstructured":"Google . In-app Billing. http:\/\/developer.android.com\/guide\/google\/play\/billing\/ , November 2012 . Google. In-app Billing. http:\/\/developer.android.com\/guide\/google\/play\/billing\/, November 2012."},{"unstructured":"Google. In-app Billing Security and Design. http:\/\/developer.android.com\/guide\/google\/play\/billing\/billing_best_practices.html November 2012.  Google. In-app Billing Security and Design. http:\/\/developer.android.com\/guide\/google\/play\/billing\/billing_best_practices.html November 2012.","key":"e_1_3_2_1_13_1"},{"key":"e_1_3_2_1_14_1","volume-title":"November","author":"Unlock Bootloader","year":"2012","unstructured":"HTC. Unlock Bootloader . http:\/\/htcdev.com\/bootloader\/ , November 2012 . HTC. Unlock Bootloader. http:\/\/htcdev.com\/bootloader\/, November 2012."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_15_1","DOI":"10.1109\/MSP.2009.78"},{"unstructured":"Oracle. The Reflection API. http:\/\/docs.oracle.com\/javase\/tutorial\/reflect\/index.html November 2012.  Oracle. The Reflection API. http:\/\/docs.oracle.com\/javase\/tutorial\/reflect\/index.html November 2012.","key":"e_1_3_2_1_16_1"},{"key":"e_1_3_2_1_17_1","volume-title":"USENIX Security Symposium","author":"Petroni N.","year":"2006","unstructured":"Petroni Jr , N. , Fraser , T. , Walters , A. , and Arbaugh , W . An architecture for specification-based detection of semantic integrity violations in kernel dynamic data . In USENIX Security Symposium ( 2006 ). Petroni Jr, N., Fraser, T., Walters, A., and Arbaugh, W. An architecture for specification-based detection of semantic integrity violations in kernel dynamic data. In USENIX Security Symposium (2006)."},{"key":"e_1_3_2_1_18_1","volume-title":"ISOC Network and Distributed System Security Symposium (NDSS) (February","author":"Reynaud D.","year":"2012","unstructured":"Reynaud , D. , Song , D. , Tom Magrino , E. W. , and Shin , R . POSTER: FreeMarket: Shopping for free in Android applications . In ISOC Network and Distributed System Security Symposium (NDSS) (February 2012 ). Reynaud, D., Song, D., Tom Magrino, E. W., and Shin, R. POSTER: FreeMarket: Shopping for free in Android applications. In ISOC Network and Distributed System Security Symposium (NDSS) (February 2012)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_19_1","DOI":"10.1145\/1095810.1095812"},{"key":"e_1_3_2_1_20_1","volume-title":"Informatica","author":"Spalka A.","year":"2002","unstructured":"Spalka , A. , Cremers , A. , and Langweg , H . Trojan Horse Attacks on Software for Electronic Signatures . In Informatica ( 2002 ). Spalka, A., Cremers, A., and Langweg, H. Trojan Horse Attacks on Software for Electronic Signatures. In Informatica (2002)."},{"unstructured":"T. Stracener and E. A. Smith and S. Barnum. So Many Ways to Slap a Yo-Ho: Hacking Facebook and YoVille. http:\/\/www.defcon.org\/images\/defcon-18\/dc-18-presentations\/Stracener-Smith-Barnum\/DEFCON-18-Stracener-Smith-Barnum-So-Many-Ways.pdf August 2010.  T. Stracener and E. A. Smith and S. Barnum. So Many Ways to Slap a Yo-Ho: Hacking Facebook and YoVille. http:\/\/www.defcon.org\/images\/defcon-18\/dc-18-presentations\/Stracener-Smith-Barnum\/DEFCON-18-Stracener-Smith-Barnum-So-Many-Ways.pdf August 2010.","key":"e_1_3_2_1_21_1"},{"unstructured":"Vollmer R. Xposed. http:\/\/repo.xposed.info\/.  Vollmer R. Xposed. http:\/\/repo.xposed.info\/.","key":"e_1_3_2_1_22_1"},{"key":"e_1_3_2_1_23_1","first-page":"15","volume-title":"USENIX Annual Technical Conference, FREENIX Track","author":"Watson R. N. M.","year":"2001","unstructured":"Watson , R. N. M. Trusted BSD : Adding Trusted Operating System Features to FreeBSD . In USENIX Annual Technical Conference, FREENIX Track ( 2001 ), pp. 15 -- 28 . Watson, R. N. M. TrustedBSD: Adding Trusted Operating System Features to FreeBSD. In USENIX Annual Technical Conference, FREENIX Track (2001), pp. 15--28."},{"key":"e_1_3_2_1_24_1","volume-title":"Aurasium: Practical Policy Enforcement for Android Applications. In USENIX Security Symposium (August","author":"Xu R.","year":"2012","unstructured":"Xu , R. , Saidi , H. , and Anderson , R . Aurasium: Practical Policy Enforcement for Android Applications. In USENIX Security Symposium (August 2012 ). Xu, R., Saidi, H., and Anderson, R. Aurasium: Practical Policy Enforcement for Android Applications. In USENIX Security Symposium (August 2012)."},{"key":"e_1_3_2_1_25_1","volume-title":"DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis. In USENIX Security Symposium (August","author":"Yan L. K.","year":"2012","unstructured":"Yan , L. K. , and Yin , H . DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis. In USENIX Security Symposium (August 2012 ). Yan, L. K., and Yin, H. DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis. In USENIX Security Symposium (August 2012)."},{"unstructured":"ZonD80. Getting started to receive your in-app for free on iOS. http:\/\/system.in-appstore.com\/ Ocrober 2012.  ZonD80. Getting started to receive your in-app for free on iOS. http:\/\/system.in-appstore.com\/ Ocrober 2012.","key":"e_1_3_2_1_26_1"}],"event":{"sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"acronym":"ASIA CCS '14","name":"ASIA CCS '14: 9th ACM Symposium on Information, Computer and Communications Security","location":"Kyoto Japan"},"container-title":["Proceedings of the 9th ACM symposium on Information, computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2590296.2590335","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2590296.2590335","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:55:52Z","timestamp":1750229752000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2590296.2590335"}},"subtitle":["an automated attack against in-app billing on android"],"short-title":[],"issued":{"date-parts":[[2014,6,4]]},"references-count":26,"alternative-id":["10.1145\/2590296.2590335","10.1145\/2590296"],"URL":"https:\/\/doi.org\/10.1145\/2590296.2590335","relation":{},"subject":[],"published":{"date-parts":[[2014,6,4]]},"assertion":[{"value":"2014-06-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}