{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,8]],"date-time":"2026-01-08T09:12:49Z","timestamp":1767863569448,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":50,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,6,22]],"date-time":"2015-06-22T00:00:00Z","timestamp":1434931200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,6,22]]},"DOI":"10.1145\/2766498.2766499","type":"proceedings-article","created":{"date-parts":[[2015,6,23]],"date-time":"2015-06-23T13:03:05Z","timestamp":1435064585000},"page":"1-12","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":27,"title":["Harvesting developer credentials in Android apps"],"prefix":"10.1145","author":[{"given":"Yajin","family":"Zhou","sequence":"first","affiliation":[{"name":"North Carolina State University"}]},{"given":"Lei","family":"Wu","sequence":"additional","affiliation":[{"name":"North Carolina State University"}]},{"given":"Zhi","family":"Wang","sequence":"additional","affiliation":[{"name":"Florida State University"}]},{"given":"Xuxian","family":"Jiang","sequence":"additional","affiliation":[{"name":"Qihoo 360"}]}],"member":"320","published-online":{"date-parts":[[2015,6,22]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Aliyun OSS. http:\/\/www.aliyun.com\/product\/oss\/.  Aliyun OSS. http:\/\/www.aliyun.com\/product\/oss\/."},{"key":"e_1_3_2_1_2_1","unstructured":"Android Apps Crawler. https:\/\/github.com\/mssun\/android-apps-crawler\/.  Android Apps Crawler. https:\/\/github.com\/mssun\/android-apps-crawler\/."},{"key":"e_1_3_2_1_3_1","unstructured":"Authenticating Users of AWS Mobile Applications with a Token Vending Machine. https:\/\/aws.amazon.com\/articles\/4611615499399490.  Authenticating Users of AWS Mobile Applications with a Token Vending Machine. https:\/\/aws.amazon.com\/articles\/4611615499399490."},{"key":"e_1_3_2_1_4_1","unstructured":"aws-sdk-android-samples. https:\/\/github.com\/awslabs\/aws-sdk-android-samples.  aws-sdk-android-samples. https:\/\/github.com\/awslabs\/aws-sdk-android-samples."},{"key":"e_1_3_2_1_5_1","unstructured":"AWS SDK for Android. http:\/\/aws.amazon.com\/sdkforandroid\/.  AWS SDK for Android. http:\/\/aws.amazon.com\/sdkforandroid\/."},{"key":"e_1_3_2_1_6_1","unstructured":"BugSense. https:\/\/www.bugsense.com\/.  BugSense. https:\/\/www.bugsense.com\/."},{"key":"e_1_3_2_1_7_1","unstructured":"contagiominidump. http:\/\/contagiominidump.blogspot.com\/.  contagiominidump. http:\/\/contagiominidump.blogspot.com\/."},{"key":"e_1_3_2_1_8_1","unstructured":"DexGuard. https:\/\/www.saikoa.com\/dexguard.  DexGuard. https:\/\/www.saikoa.com\/dexguard."},{"key":"e_1_3_2_1_9_1","unstructured":"Get started with Mobile Services. http:\/\/azure.microsoft.com\/en-us\/documentation\/articles\/mobile-services-android-get-started\/.  Get started with Mobile Services. http:\/\/azure.microsoft.com\/en-us\/documentation\/articles\/mobile-services-android-get-started\/."},{"key":"e_1_3_2_1_10_1","unstructured":"javamail-android. https:\/\/code.google.com\/p\/javamail-android\/.  javamail-android. https:\/\/code.google.com\/p\/javamail-android\/."},{"key":"e_1_3_2_1_11_1","unstructured":"ProGuard. http:\/\/developer.android.com\/tools\/help\/proguard.html.  ProGuard. http:\/\/developer.android.com\/tools\/help\/proguard.html."},{"key":"e_1_3_2_1_12_1","unstructured":"Sending Emails without User Intervention (no Intents) in Android. http:\/\/www.jondev.net\/articles\/Sending_Emails_without_User_Intervention_(no_Intents)_in_Android.  Sending Emails without User Intervention (no Intents) in Android. http:\/\/www.jondev.net\/articles\/Sending_Emails_without_User_Intervention_(no_Intents)_in_Android."},{"key":"e_1_3_2_1_13_1","unstructured":"Smali. https:\/\/code.google.com\/p\/smali\/.  Smali. https:\/\/code.google.com\/p\/smali\/."},{"key":"e_1_3_2_1_14_1","unstructured":"Token Vending Machine for Anonymous Registration - Sample Java Web Application. http:\/\/aws.amazon.com\/code\/8872061742402990.  Token Vending Machine for Anonymous Registration - Sample Java Web Application. http:\/\/aws.amazon.com\/code\/8872061742402990."},{"key":"e_1_3_2_1_15_1","unstructured":"Using ProGuard with the AWS SDK for Android. http:\/\/mobile.awsblog.com\/post\/Tx2OC71PFCTC63E\/Using-ProGuard-with-the-AWS-SDK-for-Android.  Using ProGuard with the AWS SDK for Android. http:\/\/mobile.awsblog.com\/post\/Tx2OC71PFCTC63E\/Using-ProGuard-with-the-AWS-SDK-for-Android."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2184489.2184500"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1999995.2000018"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40203-6_11"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516693"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the 18th Annual Symposium on Network and Distributed System Security, NDSS","author":"Egele M.","year":"2011","unstructured":"M. Egele , C. Kruegel , E. Kirda , and G. Vigna . PiOS: Detecting Privacy Leaks in iOS Applications . In Proceedings of the 18th Annual Symposium on Network and Distributed System Security, NDSS , 2011 . M. Egele, C. Kruegel, E. Kirda, and G. Vigna. PiOS: Detecting Privacy Leaks in iOS Applications. In Proceedings of the 18th Annual Symposium on Network and Distributed System Security, NDSS, 2011."},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation","author":"Enck W.","year":"2010","unstructured":"W. Enck , P. Gilbert , B. gon Chun , L. P. Cox , J. Jung , P. McDaniel , and A. N. Sheth . TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones . In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation , 2010 . W. Enck, P. Gilbert, B. gon Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, 2010."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382205"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2185448.2185464"},{"key":"e_1_3_2_1_24_1","volume-title":"Proceedings of the 19th Network and Distributed System Security Symposium","author":"Grace M.","year":"2012","unstructured":"M. Grace , Y. Zhou , Z. Wang , and X. Jiang . Systematic Detection of Capability Leaks in Stock Android Smartphones . In Proceedings of the 19th Network and Distributed System Security Symposium , 2012 . M. Grace, Y. Zhou, Z. Wang, and X. Jiang. Systematic Detection of Capability Leaks in Stock Android Smartphones. In Proceedings of the 19th Network and Distributed System Security Symposium, 2012."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2307636.2307663"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-37300-8_4"},{"key":"e_1_3_2_1_27_1","volume":"22","author":"Hardy N.","year":"1998","unstructured":"N. Hardy . The Confused Deputy: (or why capabilities might have been invented). ACM SIGOPS Operating Systems Review , 22 , October 1998 . N. Hardy. The Confused Deputy: (or why capabilities might have been invented). ACM SIGOPS Operating Systems Review, 22, October 1998.","journal-title":"ACM SIGOPS Operating Systems Review"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2480362.2480706"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046780"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382223"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2557547.2557557"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1755688.1755732"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414498"},{"key":"e_1_3_2_1_34_1","volume-title":"Proceedings of the 21th USENIX Security Symposium","author":"Shekhar S.","year":"2012","unstructured":"S. Shekhar , M. Dietz , and D. S. Wallach . Adsplit: Separating smartphone advertising from applications . In Proceedings of the 21th USENIX Security Symposium , 2012 . S. Shekhar, M. Dietz, and D. S. Wallach. Adsplit: Separating smartphone advertising from applications. In Proceedings of the 21th USENIX Security Symposium, 2012."},{"key":"e_1_3_2_1_35_1","volume-title":"Automated Detection of SSL\/TLS Man-in-the-Middle Vulnerabilities in Android Apps. In Proceedings of the 21st Network and Distributed System Security Symposium","author":"Sounthiraraj D.","year":"2014","unstructured":"D. Sounthiraraj , J. Sahs , G. Greenwood , Z. Lin , and L. Khan . SMV-HUNTER: Large Scale , Automated Detection of SSL\/TLS Man-in-the-Middle Vulnerabilities in Android Apps. In Proceedings of the 21st Network and Distributed System Security Symposium , 2014 . D. Sounthiraraj, J. Sahs, G. Greenwood, Z. Lin, and L. Khan. SMV-HUNTER: Large Scale, Automated Detection of SSL\/TLS Man-in-the-Middle Vulnerabilities in Android Apps. In Proceedings of the 21st Network and Distributed System Security Symposium, 2014."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2591971.2592003"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660357"},{"key":"e_1_3_2_1_38_1","volume-title":"Program Slicing. In Proceedings of the 5th international conference on Software engineering","author":"Weiser M.","year":"1981","unstructured":"M. Weiser . Program Slicing. In Proceedings of the 5th international conference on Software engineering , 1981 . M. Weiser. Program Slicing. In Proceedings of the 5th international conference on Software engineering, 1981."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516728"},{"key":"e_1_3_2_1_40_1","volume-title":"Proceedings of the 21th USENIX Security Symposium","author":"Xu R.","year":"2012","unstructured":"R. Xu , H. Saidi , and R. Anderson . Aurasium: Practical Policy Enforcement for Android Applications . In Proceedings of the 21th USENIX Security Symposium , 2012 . R. Xu, H. Saidi, and R. Anderson. Aurasium: Practical Policy Enforcement for Android Applications. In Proceedings of the 21th USENIX Security Symposium, 2012."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23255"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590312"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435377"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2133601.2133640"},{"key":"e_1_3_2_1_45_1","volume-title":"Proceedings of the 20th Network and Distributed System Security Symposium","author":"Zhou Y.","year":"2013","unstructured":"Y. Zhou and X. Jian . Detecting passive content leaks and pollution in android applications . In Proceedings of the 20th Network and Distributed System Security Symposium , 2013 . Y. Zhou and X. Jian. Detecting passive content leaks and pollution in android applications. In Proceedings of the 20th Network and Distributed System Security Symposium, 2013."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714598"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-08593-7_4"},{"key":"e_1_3_2_1_49_1","volume-title":"Proceedings of the 19th Annual Symposium on Network and Distributed System Security, NDSS","author":"Zhou Y.","year":"2012","unstructured":"Y. Zhou , Z. Wang , W. Zhou , and X. Jiang . Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets . In Proceedings of the 19th Annual Symposium on Network and Distributed System Security, NDSS , 2012 . Y. Zhou, Z. Wang, W. Zhou, and X. Jiang. Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In Proceedings of the 19th Annual Symposium on Network and Distributed System Security, NDSS, 2012."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.5555\/2022245.2022255"}],"event":{"name":"WiSec'15: 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","location":"New York New York","acronym":"WiSec'15","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","US Army Research Office US Army Research Office","NSF National Science Foundation","SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing"]},"container-title":["Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2766498.2766499","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2766498.2766499","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:07:31Z","timestamp":1750223251000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2766498.2766499"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,6,22]]},"references-count":50,"alternative-id":["10.1145\/2766498.2766499","10.1145\/2766498"],"URL":"https:\/\/doi.org\/10.1145\/2766498.2766499","relation":{},"subject":[],"published":{"date-parts":[[2015,6,22]]},"assertion":[{"value":"2015-06-22","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}