{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:17:25Z","timestamp":1763468245530,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":54,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,4,14]],"date-time":"2015-04-14T00:00:00Z","timestamp":1428969600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"US National Science Foundation","award":["0855036","0952640"],"award-info":[{"award-number":["0855036","0952640"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,4,14]]},"DOI":"10.1145\/2714576.2714598","type":"proceedings-article","created":{"date-parts":[[2015,4,3]],"date-time":"2015-04-03T16:27:14Z","timestamp":1428078434000},"page":"19-30","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":21,"title":["Hybrid User-level Sandboxing of Third-party Android Apps"],"prefix":"10.1145","author":[{"given":"Yajin","family":"Zhou","sequence":"first","affiliation":[{"name":"North Carolina State University & Qihoo 360, Raleigh, NC, USA"}]},{"given":"Kunal","family":"Patel","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]},{"given":"Lei","family":"Wu","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]},{"given":"Zhi","family":"Wang","sequence":"additional","affiliation":[{"name":"Florida State University, Tallahassee, FL, USA"}]},{"given":"Xuxian","family":"Jiang","sequence":"additional","affiliation":[{"name":"North Carolina State University & Qihoo 360, Raleigh, NC, USA"}]}],"member":"320","published-online":{"date-parts":[[2015,4,14]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Android Security Analysis Challenge: Tampering Dalvik Bytecode During Runtime. https:\/\/bluebox.com\/technical\/android-security-analysis-challenge-tampering-dalvik-bytecode-during-runtime\/.  Android Security Analysis Challenge: Tampering Dalvik Bytecode During Runtime. https:\/\/bluebox.com\/technical\/android-security-analysis-challenge-tampering-dalvik-bytecode-during-runtime\/."},{"key":"e_1_3_2_1_2_1","unstructured":"Binder. http:\/\/developer.android.com\/reference\/android\/os\/Binder.html.  Binder. http:\/\/developer.android.com\/reference\/android\/os\/Binder.html."},{"key":"e_1_3_2_1_3_1","unstructured":"DroidKungFu Malware. http:\/\/www.csc.ncsu.edu\/faculty\/jiang\/DroidKungFu.html.  DroidKungFu Malware. http:\/\/www.csc.ncsu.edu\/faculty\/jiang\/DroidKungFu.html."},{"key":"e_1_3_2_1_4_1","unstructured":"Googler: App Ops Was Never Meant For End Users Used For Internal Testing And Debugging Only. http:\/\/www.androidpolice.com\/2013\/12\/11\/googler-app-ops-was-never-meant-for-end-users-used-for-internal-testing-and-debugging-only\/.  Googler: App Ops Was Never Meant For End Users Used For Internal Testing And Debugging Only. http:\/\/www.androidpolice.com\/2013\/12\/11\/googler-app-ops-was-never-meant-for-end-users-used-for-internal-testing-and-debugging-only\/."},{"key":"e_1_3_2_1_5_1","unstructured":"Hidden Permissions Manager Found in Android 4.3 Lets You Set the Rules. http:\/\/www.engadget.com\/2013\/07\/26\/hidden-permissions-manager-android-4-3\/.  Hidden Permissions Manager Found in Android 4.3 Lets You Set the Rules. http:\/\/www.engadget.com\/2013\/07\/26\/hidden-permissions-manager-android-4-3\/."},{"key":"e_1_3_2_1_6_1","unstructured":"JNI Tips. http:\/\/developer.android.com\/training\/articles\/perf-jni.html.  JNI Tips. http:\/\/developer.android.com\/training\/articles\/perf-jni.html."},{"key":"e_1_3_2_1_7_1","unstructured":"Linux\/Unix nbench. http:\/\/www.tux.org\/~mayer\/linux\/bmark.html.  Linux\/Unix nbench. http:\/\/www.tux.org\/~mayer\/linux\/bmark.html."},{"key":"e_1_3_2_1_8_1","unstructured":"Mobile Malware Minidump. http:\/\/contagiominidump.blogspot.com\/.  Mobile Malware Minidump. http:\/\/contagiominidump.blogspot.com\/."},{"key":"e_1_3_2_1_9_1","unstructured":"PLT and GOT - the Key to Code Sharing and Dynamic Libraries. https:\/\/www.technovelty.org\/linux\/plt-and-got-the-key-to-code-sharing-and-dynamic-libraries.html.  PLT and GOT - the Key to Code Sharing and Dynamic Libraries. https:\/\/www.technovelty.org\/linux\/plt-and-got-the-key-to-code-sharing-and-dynamic-libraries.html."},{"key":"e_1_3_2_1_10_1","first-page":"Q2","year":"2014","unstructured":"Smartphone OS Market Share , Q2 2014 . http:\/\/www.idc.com\/prodserv\/smartphone-os-market-share.jsp. Smartphone OS Market Share, Q2 2014. http:\/\/www.idc.com\/prodserv\/smartphone-os-market-share.jsp.","journal-title":"Smartphone OS Market Share"},{"key":"e_1_3_2_1_11_1","unstructured":"The Java Virtual Machine Specification. http:\/\/docs.oracle.com\/javase\/specs\/jvms\/se7\/html\/.  The Java Virtual Machine Specification. http:\/\/docs.oracle.com\/javase\/specs\/jvms\/se7\/html\/."},{"key":"e_1_3_2_1_12_1","unstructured":"Your Apps Are Watching You. http:\/\/online.wsj.com\/news\/articles\/SB10001424052748704368004576027751867039730.  Your Apps Are Watching You. http:\/\/online.wsj.com\/news\/articles\/SB10001424052748704368004576027751867039730."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-36742-7_39"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2184489.2184500"},{"key":"e_1_3_2_1_16_1","volume-title":"Sadeghi. Flexible and Fine-Grained Mandatory Access Control on Android for Diverse Security and Privacy Policies. In Proceedings of the 22nd USENIX Security Symposium","author":"Bugiel S.","year":"2013","unstructured":"S. Bugiel , S. Heuser , and A.- R. Sadeghi. Flexible and Fine-Grained Mandatory Access Control on Android for Diverse Security and Privacy Policies. In Proceedings of the 22nd USENIX Security Symposium , 2013 . S. Bugiel, S. Heuser, and A.-R. Sadeghi. Flexible and Fine-Grained Mandatory Access Control on Android for Diverse Security and Privacy Policies. In Proceedings of the 22nd USENIX Security Symposium, 2013."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2462456.2464462"},{"key":"e_1_3_2_1_18_1","volume-title":"Proceedings of the IEEE Mobile Security Technology","author":"Davis B.","year":"2012","unstructured":"B. Davis , B. Sanders , A. Khodaverdian , and H. Chen . I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications . In Proceedings of the IEEE Mobile Security Technology , 2012 . B. Davis, B. Sanders, A. Khodaverdian, and H. Chen. I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications. In Proceedings of the IEEE Mobile Security Technology, 2012."},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation","author":"Enck W.","year":"2010","unstructured":"W. Enck , P. Gilbert , B. gon Chun , L. P. Cox , J. Jung , P. McDaniel , and A. N. Sheth . TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones . In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation , 2010 . W. Enck, P. Gilbert, B. gon Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, 2010."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2335356.2335360"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2381934.2381945"},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the USENIX 2008 Annual Technical Conference","author":"Ford B.","year":"2008","unstructured":"B. Ford and R. Cox . Vx32: Lightweight User-level Sandboxing on the x86 . In Proceedings of the USENIX 2008 Annual Technical Conference , 2008 . B. Ford and R. Cox. Vx32: Lightweight User-level Sandboxing on the x86. In Proceedings of the USENIX 2008 Annual Technical Conference, 2008."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2185448.2185464"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2307636.2307663"},{"key":"e_1_3_2_1_25_1","volume-title":"Quantifying the Effects of Removing Permissions from Android Applications","author":"Gustafson E.","year":"2013","unstructured":"E. Gustafson , K. Kennedy , and H. Chen . Quantifying the Effects of Removing Permissions from Android Applications . In IEEE Mobile Security Technologies , 2013 . E. Gustafson, K. Kennedy, and H. Chen. Quantifying the Effects of Removing Permissions from Android Applications. In IEEE Mobile Security Technologies, 2013."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484317"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046780"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2381934.2381938"},{"key":"e_1_3_2_1_29_1","volume-title":"Proceedings of the 11th USENIX Security Symposium","author":"Kiriansky V.","year":"2001","unstructured":"V. Kiriansky , D. Bruening , and S. Amarasinghe . Secure Execution via Program Shepherding . In Proceedings of the 11th USENIX Security Symposium , 2001 . V. Kiriansky, D. Bruening, and S. Amarasinghe. Secure Execution via Program Shepherding. In Proceedings of the 11th USENIX Security Symposium, 2001."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-007-0031-0"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.5555\/2534766.2534777"},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of the 15th USENIX Security Symposium","author":"McCamant S.","year":"2006","unstructured":"S. McCamant and G. Morrisett . Evaluating SFI for a CISC Architecture . In Proceedings of the 15th USENIX Security Symposium , 2006 . S. McCamant and G. Morrisett. Evaluating SFI for a CISC Architecture. In Proceedings of the 15th USENIX Security Symposium, 2006."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1755688.1755732"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1952682.1952703"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2646584.2646586"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.24"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523678"},{"key":"e_1_3_2_1_38_1","volume-title":"Proceedings of the 19th USENIX Security Symposium","author":"Sehr D.","year":"2010","unstructured":"D. Sehr , R. Muth , C. L. Biffle , V. Khimenko , E. Pasko , B. S. Yee , K. Schimpf , and B. Chen . Adapting Software Fault Isolation to Contemporary CPU Architectures . In Proceedings of the 19th USENIX Security Symposium , 2010 . D. Sehr, R. Muth, C. L. Biffle, V. Khimenko, E. Pasko, B. S. Yee, K. Schimpf, and B. Chen. Adapting Software Fault Isolation to Contemporary CPU Architectures. In Proceedings of the 19th USENIX Security Symposium, 2010."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866331"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33167-1_48"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2627393.2627396"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/168619.168635"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516727"},{"key":"e_1_3_2_1_44_1","volume-title":"Proceedings of the 15th IEEE Symposium on Security and Privacy","author":"Wang X.","year":"2006","unstructured":"X. Wang , C.-C. Pan , P. Liu , and S. Zhu . SigFree: A Signature-free Buffer Overflow Attack Blocker . In Proceedings of the 15th IEEE Symposium on Security and Privacy , 2006 . X. Wang, C.-C. Pan, P. Liu, and S. Zhu. SigFree: A Signature-free Buffer Overflow Attack Blocker. In Proceedings of the 15th IEEE Symposium on Security and Privacy, 2006."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23164"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516728"},{"key":"e_1_3_2_1_47_1","volume-title":"Proceedings of the 21th USENIX Security Symposium","author":"Xu R.","year":"2012","unstructured":"R. Xu , H. Saidi , and R. Anderson . Aurasium: Practical Policy Enforcement for Android Applications . In Proceedings of the 21th USENIX Security Symposium , 2012 . R. Xu, H. Saidi, and R. Anderson. Aurasium: Practical Policy Enforcement for Android Applications. In Proceedings of the 21th USENIX Security Symposium, 2012."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.25"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.44"},{"key":"e_1_3_2_1_50_1","volume-title":"Proceedings of the 22rd USENIX Security Symposium","author":"Zhang M.","year":"2013","unstructured":"M. Zhang and R. Sekar . Control-Flow Integrity For COTS Binaries . In Proceedings of the 22rd USENIX Security Symposium , 2013 . M. Zhang and R. Sekar. Control-Flow Integrity For COTS Binaries. In Proceedings of the 22rd USENIX Security Symposium, 2013."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2038642.2038687"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660344"},{"key":"e_1_3_2_1_54_1","volume-title":"Proceedings of the 19th Network and Distributed System Security Symposium","author":"Zhou Y.","year":"2012","unstructured":"Y. Zhou , Z. Wang , W. Zhou , and X. Jiang . Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets . In Proceedings of the 19th Network and Distributed System Security Symposium , 2012 . Y. Zhou, Z. Wang, W. Zhou, and X. Jiang. Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In Proceedings of the 19th Network and Distributed System Security Symposium, 2012."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.5555\/2022245.2022255"}],"event":{"name":"ASIA CCS '15: 10th ACM Symposium on Information, Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Singapore Republic of Singapore","acronym":"ASIA CCS '15"},"container-title":["Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2714576.2714598","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2714576.2714598","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:16:54Z","timestamp":1750227414000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2714576.2714598"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,4,14]]},"references-count":54,"alternative-id":["10.1145\/2714576.2714598","10.1145\/2714576"],"URL":"https:\/\/doi.org\/10.1145\/2714576.2714598","relation":{},"subject":[],"published":{"date-parts":[[2015,4,14]]},"assertion":[{"value":"2015-04-14","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}