{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:08:46Z","timestamp":1750306126734,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":52,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,4,2]],"date-time":"2017-04-02T00:00:00Z","timestamp":1491091200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"National Research Foundation of Korea(NRF)","award":["21A20151113068"],"award-info":[{"award-number":["21A20151113068"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,4,2]]},"DOI":"10.1145\/3052973.3053018","type":"proceedings-article","created":{"date-parts":[[2017,3,31]],"date-time":"2017-03-31T12:22:54Z","timestamp":1490962974000},"page":"179-192","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":12,"title":["Breaking Ad-hoc Runtime Integrity Protection Mechanisms in Android Financial Apps"],"prefix":"10.1145","author":[{"given":"Taehun","family":"Kim","sequence":"first","affiliation":[{"name":"Seoul National University, Seoul, Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hyeonmin","family":"Ha","sequence":"additional","affiliation":[{"name":"Seoul National University, Seoul, Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Seoyoon","family":"Choi","sequence":"additional","affiliation":[{"name":"SAP Labs, Korea, Seoul, Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jaeyeon","family":"Jung","sequence":"additional","affiliation":[{"name":"Samsung Electronics, Seoul, Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Byung-Gon","family":"Chun","sequence":"additional","affiliation":[{"name":"Seoul National University, Seoul, Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2017,4,2]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"android - Determine if running on a rooted device - StackOverflow. http:\/\/stackoverflow.com\/questions\/1101380\/determine-if-running-on-a-rooted-device.  android - Determine if running on a rooted device - StackOverflow. http:\/\/stackoverflow.com\/questions\/1101380\/determine-if-running-on-a-rooted-device."},{"key":"e_1_3_2_1_2_1","unstructured":"Android Developers. https:\/\/developer.android.com.  Android Developers. https:\/\/developer.android.com."},{"key":"e_1_3_2_1_3_1","unstructured":"App security for banking & payment apps - Promon SHIELD. https:\/\/promon.co\/industries\/app-security-banking-payment\/.  App security for banking & payment apps - Promon SHIELD. https:\/\/promon.co\/industries\/app-security-banking-payment\/."},{"key":"e_1_3_2_1_4_1","unstructured":"Application Fundamentals | Android Developers. https:\/\/developer.android.com\/guide\/components\/fundamentals.html.  Application Fundamentals | Android Developers. https:\/\/developer.android.com\/guide\/components\/fundamentals.html."},{"key":"e_1_3_2_1_5_1","unstructured":"ART and Dalvik | Android Open Source Project. https:\/\/source.android.com\/devices\/tech\/dalvik\/.  ART and Dalvik | Android Open Source Project. https:\/\/source.android.com\/devices\/tech\/dalvik\/."},{"key":"e_1_3_2_1_6_1","unstructured":"Checking Device Compatibility with SafetyNet | Android Developers. http:\/\/developer.android.com\/intl\/ko\/training\/safetynet\/index.html.  Checking Device Compatibility with SafetyNet | Android Developers. http:\/\/developer.android.com\/intl\/ko\/training\/safetynet\/index.html."},{"key":"e_1_3_2_1_7_1","unstructured":"Dashboard | Android Developers. http:\/\/developer.android.com\/intl\/ko\/about\/dashboards\/index.html.  Dashboard | Android Developers. http:\/\/developer.android.com\/intl\/ko\/about\/dashboards\/index.html."},{"key":"e_1_3_2_1_8_1","unstructured":"FRB\n  : CM: 2016 Introduction. http:\/\/www.federalreserve.gov\/econresdata\/mobile-devices\/2016-Introduction.htm.  FRB: CM: 2016 Introduction. http:\/\/www.federalreserve.gov\/econresdata\/mobile-devices\/2016-Introduction.htm."},{"key":"e_1_3_2_1_9_1","unstructured":"Graphviz | Graphviz - Graph Visualization Software. http:\/\/www.graphviz.org\/.  Graphviz | Graphviz - Graph Visualization Software. http:\/\/www.graphviz.org\/."},{"key":"e_1_3_2_1_10_1","unstructured":"How secure the mobile payments are? https:\/\/storify.com\/williamjohn005\/how-secure-the-mobile-payments-are.  How secure the mobile payments are? https:\/\/storify.com\/williamjohn005\/how-secure-the-mobile-payments-are."},{"key":"e_1_3_2_1_11_1","unstructured":"IDA Debugger. https:\/\/www.hex-rays.com\/.  IDA Debugger. https:\/\/www.hex-rays.com\/."},{"key":"e_1_3_2_1_12_1","unstructured":"Java Decompiler. http:\/\/jd.benow.ca\/.  Java Decompiler. http:\/\/jd.benow.ca\/."},{"key":"e_1_3_2_1_13_1","unstructured":"Linux Manual Page. http:\/\/man7.org\/.  Linux Manual Page. http:\/\/man7.org\/."},{"key":"e_1_3_2_1_14_1","unstructured":"Mobile Banking Security Internet Banking App Security. https:\/\/www.whitecryption.com\/mobile-banking\/.  Mobile Banking Security Internet Banking App Security. https:\/\/www.whitecryption.com\/mobile-banking\/."},{"key":"e_1_3_2_1_15_1","unstructured":"Shrink Your Code and Resources | Android Studio. https:\/\/developer.android.com\/studio\/build\/shrink-code.html.  Shrink Your Code and Resources | Android Studio. https:\/\/developer.android.com\/studio\/build\/shrink-code.html."},{"key":"e_1_3_2_1_16_1","unstructured":"smali - An assembler\/disassembler for Android's dex format. https:\/\/github.com\/JesusFreke\/smali.  smali - An assembler\/disassembler for Android's dex format. https:\/\/github.com\/JesusFreke\/smali."},{"key":"e_1_3_2_1_17_1","unstructured":"Trusted Computing Group | Open Standards for Security Technology. http:\/\/www.trustedcomputinggroup.org\/.  Trusted Computing Group | Open Standards for Security Technology. http:\/\/www.trustedcomputinggroup.org\/."},{"key":"e_1_3_2_1_18_1","unstructured":"U-Boot Verified Boot. http:\/\/git.denx.de\/cgi-bin\/gitweb.cgi?p=u-boot.git;a=blob;f=doc\/uImage.FIT\/verified-boot.txt.  U-Boot Verified Boot. http:\/\/git.denx.de\/cgi-bin\/gitweb.cgi?p=u-boot.git;a=blob;f=doc\/uImage.FIT\/verified-boot.txt."},{"key":"e_1_3_2_1_19_1","unstructured":"Verified Boot - The Chromium Projects. http:\/\/www.chromium.org\/chromium-os\/chromiumos-design-docs\/verified-boot.  Verified Boot - The Chromium Projects. http:\/\/www.chromium.org\/chromium-os\/chromiumos-design-docs\/verified-boot."},{"key":"e_1_3_2_1_20_1","unstructured":"Verified Boot | Android Open Source Project. https:\/\/source.android.com\/security\/verifiedboot\/.  Verified Boot | Android Open Source Project. https:\/\/source.android.com\/security\/verifiedboot\/."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594299"},{"key":"e_1_3_2_1_22_1","unstructured":"N. Bose. Retailer-backed mobile wallet to rival Apple Pay set for test. http:\/\/www.reuters.com\/article\/2015\/08\/12\/us-currentc-mobile-payment-idUSKCN0QH1RY20150812.  N. Bose. Retailer-backed mobile wallet to rival Apple Pay set for test. http:\/\/www.reuters.com\/article\/2015\/08\/12\/us-currentc-mobile-payment-idUSKCN0QH1RY20150812."},{"key":"e_1_3_2_1_23_1","volume-title":"White-box cryptography: hiding keys in software","author":"Brecht W.","year":"2012","unstructured":"W. Brecht . White-box cryptography: hiding keys in software . NAGRA Kudelski Group , 2012 . W. Brecht. White-box cryptography: hiding keys in software. NAGRA Kudelski Group, 2012."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23140"},{"key":"e_1_3_2_1_25_1","volume-title":"USENIX Security","author":"Chen J.","year":"2015","unstructured":"J. Chen , H. Chen , E. Bauman , Z. Lin , B. Zang , and H. Guan . You Shouldn't Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps . In USENIX Security , 2015 . J. Chen, H. Chen, E. Bauman, Z. Lin, B. Zang, and H. Guan. You Shouldn't Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps. In USENIX Security, 2015."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1999995.2000018"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516693"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2619091"},{"key":"e_1_3_2_1_29_1","first-page":"2","volume":"2","author":"Enck W.","year":"2011","unstructured":"W. Enck , D. Octeau , P. McDaniel , and S. Chaudhuri . A Study of Android Application Security. In USENIX Security , volume 2 , page 2 , 2011 . W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri. A Study of Android Application Security. In USENIX Security, volume 2, page 2, 2011.","journal-title":"A Study of Android Application Security. In USENIX Security"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382205"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046779"},{"key":"e_1_3_2_1_32_1","volume-title":"USENIX Security","author":"Felt A. P.","year":"2011","unstructured":"A. P. Felt , H. J. Wang , A. Moshchuk , S. Hanna , and E. Chin . Permission Re-Delegation: Attacks and Defenses . In USENIX Security , 2011 . A. P. Felt, H. J. Wang, A. Moshchuk, S. Hanna, and E. Chin. Permission Re-Delegation: Attacks and Defenses. In USENIX Security, 2011."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382204"},{"key":"e_1_3_2_1_34_1","unstructured":"Google. Method Tracer | Android Studio. https:\/\/developer.android.com\/studio\/profile\/am-methodtrace.html.  Google. Method Tracer | Android Studio. https:\/\/developer.android.com\/studio\/profile\/am-methodtrace.html."},{"key":"e_1_3_2_1_35_1","unstructured":"E. Gruber. Android Root Detection Techniques. https:\/\/blog.netspi.com\/android-root-detection-techniques\/.  E. Gruber. Android Root Detection Techniques. https:\/\/blog.netspi.com\/android-root-detection-techniques\/."},{"key":"e_1_3_2_1_36_1","first-page":"245","volume":"8","author":"Harris A.","year":"2012","unstructured":"A. Harris , S. Goodman , and P. Traynor . Privacy and security concerns associated with mobile money applications in Africa. Wash. JL Tech. & Arts , 8 : 245 , 2012 . A. Harris, S. Goodman, and P. Traynor. Privacy and security concerns associated with mobile money applications in Africa. Wash. JL Tech. & Arts, 8:245, 2012.","journal-title":"Wash. JL Tech. & Arts"},{"key":"e_1_3_2_1_37_1","volume-title":"USENIX Security","author":"Huang J.","year":"2015","unstructured":"J. Huang , Z. Li , X. Xiao , Z. Wu , K. Lu , X. Zhang , and G. Jiang . SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps . In USENIX Security , 2015 . J. Huang, Z. Li, X. Xiao, Z. Wu, K. Lu, X. Zhang, and G. Jiang. SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps. In USENIX Security, 2015."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2614628.2614633"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2014.108"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23165"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590335"},{"key":"e_1_3_2_1_42_1","volume-title":"USENIX Security","author":"Nan Y.","year":"2015","unstructured":"Y. Nan , M. Yang , Z. Yang , S. Zhou , G. Gu , and X. Wang . UIPicker: User-Input Privacy Identification in Mobile Applications . In USENIX Security , 2015 . Y. Nan, M. Yang, Z. Yang, S. Zhou, G. Gu, and X. Wang. UIPicker: User-Input Privacy Identification in Mobile Applications. In USENIX Security, 2015."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.5555\/1875652.1875654"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2766498.2766522"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.40"},{"key":"e_1_3_2_1_46_1","unstructured":"PayPal. PayPal Security Key. https:\/\/www.paypal.com\/webapps\/mpp\/security\/security-protections.  PayPal. PayPal Security Key. https:\/\/www.paypal.com\/webapps\/mpp\/security\/security-protections."},{"key":"e_1_3_2_1_47_1","volume-title":"USENIX Security","author":"Reaves B.","year":"2015","unstructured":"B. Reaves , N. Scaife , A. Bates , P. Traynor , and K. Butler . Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World . In USENIX Security , 2015 . B. Reaves, N. Scaife, A. Bates, P. Traynor, and K. Butler. Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World. In USENIX Security, 2015."},{"key":"e_1_3_2_1_48_1","unstructured":"RSA. RSA SecurID. http:\/\/www.emc.com\/security\/rsa-securid\/index.htm.  RSA. RSA SecurID. http:\/\/www.emc.com\/security\/rsa-securid\/index.htm."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/WorldCIS.2013.6751023"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2557547.2557560"},{"key":"e_1_3_2_1_51_1","first-page":"569","volume-title":"USENIX Security","author":"Yan L.-K.","year":"2012","unstructured":"L.-K. Yan and H. Yin . DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis . In USENIX Security , pages 569 -- 584 , 2012 . L.-K. Yan and H. Yin. DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis. In USENIX Security, pages 569--584, 2012."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"}],"event":{"name":"ASIA CCS '17: ACM Asia Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Abu Dhabi United Arab Emirates","acronym":"ASIA CCS '17"},"container-title":["Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3052973.3053018","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3052973.3053018","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:36:58Z","timestamp":1750217818000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3052973.3053018"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,4,2]]},"references-count":52,"alternative-id":["10.1145\/3052973.3053018","10.1145\/3052973"],"URL":"https:\/\/doi.org\/10.1145\/3052973.3053018","relation":{},"subject":[],"published":{"date-parts":[[2017,4,2]]},"assertion":[{"value":"2017-04-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}