{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,4]],"date-time":"2026-04-04T21:53:16Z","timestamp":1775339596594,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":38,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1223477, 1223495, 1527141, 1618493"],"award-info":[{"award-number":["CNS-1223477, 1223495, 1527141, 1618493"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"name":"strategic priority research program of CAS","award":["XDA06010701"],"award-info":[{"award-number":["XDA06010701"]}]},{"name":"Youth Innovation Promotion Association CAS"},{"DOI":"10.13039\/100000183","name":"Army Research Office","doi-asserted-by":"publisher","award":["W911NF1610127"],"award-info":[{"award-number":["W911NF1610127"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1536106, 61728209, 61402125"],"award-info":[{"award-number":["U1536106, 61728209, 61402125"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Key Research and Development Program of China","award":["2016QY04W0805, 2016YFB0801302"],"award-info":[{"award-number":["2016QY04W0805, 2016YFB0801302"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3133956.3134021","type":"proceedings-article","created":{"date-parts":[[2017,10,27]],"date-time":"2017-10-27T12:48:18Z","timestamp":1509108498000},"page":"829-844","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":34,"title":["Unleashing the Walking Dead"],"prefix":"10.1145","author":[{"given":"Tongxin","family":"Li","sequence":"first","affiliation":[{"name":"Peking University & Indiana University, Bloomington, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xueqiang","family":"Wang","sequence":"additional","affiliation":[{"name":"Indiana University, Bloomington, Bloomington, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mingming","family":"Zha","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kai","family":"Chen","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"XiaoFeng","family":"Wang","sequence":"additional","affiliation":[{"name":"Indiana University, Bloomington, Bloomington, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Luyi","family":"Xing","sequence":"additional","affiliation":[{"name":"Indiana University, Bloomington, Bloomington, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaolong","family":"Bai","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nan","family":"Zhang","sequence":"additional","affiliation":[{"name":"Indiana University, Bloomington, Bloomington, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xinhui","family":"Han","sequence":"additional","affiliation":[{"name":"Peking University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"crossref","unstructured":"Yousra Aafer Nan Zhang Zhongwen Zhang Xiao Zhang Kai Chen XiaoFeng Wang Xiaoyong Zhou Wenliang Du and Michael Grace 2015. Hare hunting in the wild android: A study on the threat of hanging attribute references Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security. ACM 1248--1259.","DOI":"10.1145\/2810103.2813648"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2666356.2594299"},{"key":"e_1_3_2_2_3_1","volume-title":"What the app is that? deception and countermeasures in the android user interface 2015 IEEE Symposium on Security and Privacy","author":"Bianchi Antonio","unstructured":"Antonio Bianchi, Jacopo Corbetta, Luca Invernizzi, Yanick Fratantonio, Christopher Kruegel, and Giovanni Vigna 2015. What the app is that? deception and countermeasures in the android user interface 2015 IEEE Symposium on Security and Privacy. IEEE, 931--948."},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"crossref","unstructured":"Kai Chen Tongxin Li Bin Ma Peng Wang XiaoFeng Wang and Peiyuan Zong. 2017. Filtering for Malice through the Data Ocean: Large-Scale PHA Install Detection at the Communication Service Provider Level International Symposium on Research in Attacks Intrusions and Defenses.","DOI":"10.1007\/978-3-319-66332-6_8"},{"key":"e_1_3_2_2_5_1","unstructured":"Kai Chen Peng Wang Yeonjoon Lee XiaoFeng Wang Nan Zhang Heqing Huang Wei Zou and Peng Liu. 2015. Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale USENIX Security Symposium. 659--674."},{"key":"e_1_3_2_2_6_1","volume-title":"Peeking into your app without actually seeing it: UI state inference and novel android attacks 23rd USENIX Security Symposium (USENIX Security 14). 1037--1052","author":"Chen Qi Alfred","unstructured":"Qi Alfred Chen, Zhiyun Qian, and Z Morley Mao. 2014. Peeking into your app without actually seeing it: UI state inference and novel android attacks 23rd USENIX Security Symposium (USENIX Security 14). 1037--1052."},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813652"},{"key":"e_1_3_2_2_8_1","volume-title":"Adrienne Porter Felt","author":"Chin Erika","year":"2011","unstructured":"Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner 2011. Analyzing inter-application communication in Android Proceedings of the 9th international conference on Mobile systems, applications, and services. ACM, 239--252."},{"key":"e_1_3_2_2_9_1","volume-title":"Bifocals: Analyzing webview vulnerabilities in android applications International Workshop on Information Security Applications","author":"Chin Erika","unstructured":"Erika Chin and David Wagner 2013. Bifocals: Analyzing webview vulnerabilities in android applications International Workshop on Information Security Applications. Springer, 138--159."},{"key":"e_1_3_2_2_10_1","volume-title":"Support Universal Links. https:\/\/developer.apple.com\/library\/content\/documentation\/General\/Conceptual\/AppSearch\/UniversalLinks.html. (May","author":"Developer Apple","year":"2017","unstructured":"Apple Developer. 2017. Support Universal Links. https:\/\/developer.apple.com\/library\/content\/documentation\/General\/Conceptual\/AppSearch\/UniversalLinks.html. (May 2017)."},{"key":"e_1_3_2_2_11_1","volume-title":"https:\/\/developer.android.com\/guide\/topics\/manifest\/activity-element.html. (May","author":"Developers Android","year":"2017","unstructured":"Android Developers. 2017. Activity Element. https:\/\/developer.android.com\/guide\/topics\/manifest\/activity-element.html. (May 2017)."},{"key":"e_1_3_2_2_12_1","volume-title":"Android Debug Bridge. https:\/\/developer.android.com\/studio\/command-line\/adb.html. (May","author":"Developers Android","year":"2017","unstructured":"Android Developers. 2017. Android Debug Bridge. https:\/\/developer.android.com\/studio\/command-line\/adb.html. (May 2017)."},{"key":"e_1_3_2_2_13_1","volume-title":"Tasks and Back Stack. https:\/\/developer.android.com\/guide\/components\/tasks-and-back-stack.html. (May","author":"Developers Android","year":"2017","unstructured":"Android Developers. 2017. Tasks and Back Stack. https:\/\/developer.android.com\/guide\/components\/tasks-and-back-stack.html. (May 2017)."},{"key":"e_1_3_2_2_14_1","volume-title":"http:\/\/developer.android.com\/tools\/help\/monkey.html. (May","author":"Developers Android","year":"2017","unstructured":"Android Developers. 2017. UI\/Application Exerciser Monkey. http:\/\/developer.android.com\/tools\/help\/monkey.html. (May 2017)."},{"key":"e_1_3_2_2_15_1","volume-title":"https:\/\/developers.facebook.com\/docs\/applinks. (November","author":"Developers Facebook","year":"2016","unstructured":"Facebook Developers. 2016. App Links. https:\/\/developers.facebook.com\/docs\/applinks. (November 2016)."},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"crossref","unstructured":"Rachna Dhamija and J Doug Tygar 2005. The battle against phishing: Dynamic security skins Proceedings of the 2005 symposium on Usable privacy and security. ACM 77--88.","DOI":"10.1145\/1073001.1073009"},{"key":"e_1_3_2_2_17_1","unstructured":"Alon Even. 2016. How to Grow Your Mobile App Retention. http:\/\/www.apptamin.com\/blog\/grow-app-rentention\/. (2016)."},{"key":"e_1_3_2_2_18_1","unstructured":"Adrienne Porter Felt and David Wagner 2011. Phishing on mobile devices. na."},{"key":"e_1_3_2_2_19_1","volume-title":"USENIX Security Symposium","volume":"6","author":"Felt Adrienne Porter","year":"2011","unstructured":"Adrienne Porter Felt, Helen J Wang, Alexander Moshchuk, Steve Hanna, and Erika Chin. 2011. Permission Re-Delegation: Attacks and Defenses.. USENIX Security Symposium, Vol. Vol. 6. 12--16."},{"key":"e_1_3_2_2_20_1","volume-title":"Android UI Deception Revisited: Attacks and Defenses Proceedings of the 20th International Conference on Financial Cryptography and Data Security.","author":"Fernandes Earlence","year":"2016","unstructured":"Earlence Fernandes, Qi Alfred Chen, Justin Paupore, Georg Essl, J Alex Halderman, Z Morley Mao, and Atul Prakash. 2016. Android UI Deception Revisited: Attacks and Defenses Proceedings of the 20th International Conference on Financial Cryptography and Data Security."},{"key":"e_1_3_2_2_21_1","volume-title":"https:\/\/ibotpeaches.github.io\/Apktool\/. (May","year":"2017","unstructured":"iBotPeaches. 2017. Apktool. https:\/\/ibotpeaches.github.io\/Apktool\/. (May 2017)."},{"key":"e_1_3_2_2_22_1","volume-title":"2017 47th Annual IEEE\/IFIP International Conference on. IEEE.","author":"Lee Yeonjoon","year":"2017","unstructured":"Yeonjoon Lee, Tongxin Li, Nan Zhang, Soteris Demetriou, Mingming Zha, XiaoFeng Wang, Kai Chen, Xiaoyong Zhou, Xinhui Han, and Michael Grace. 2017. Ghost Installer in the Shadow: Security Analysis of App Installation on Android Dependable Systems and Networks (DSN), 2017 47th Annual IEEE\/IFIP International Conference on. IEEE."},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660302"},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2076732.2076781"},{"key":"e_1_3_2_2_25_1","volume-title":"Touchjacking attacks on web in android, ios, and windows phone International Symposium on Foundations and Practice of Security","author":"Luo Tongbo","unstructured":"Tongbo Luo, Xing Jin, Ajai Ananthanarayanan, and Wenliang Du 2012. Touchjacking attacks on web in android, ios, and windows phone International Symposium on Foundations and Practice of Security. Springer, 227--243."},{"key":"e_1_3_2_2_26_1","unstructured":"Andre Moulu. 2014. Abusing Samsung KNOX to remotely install a malicious application: story of a half patched vulnerability. https:\/\/blog.quarkslab.com\/abusing-samsung-knox-to-remotely-install-a-malicious-application-story-of-a-half-patched-vulnerability.html. (November 2014)."},{"key":"e_1_3_2_2_27_1","volume-title":"Proceedings of the Mobile Security Technologies Workshop (MoST).","author":"Mutchler Patrick","year":"2015","unstructured":"Patrick Mutchler, Adam Doup\u00e9, John Mitchell, Chris Kruegel, and Giovanni Vigna 2015. A Large-Scale Study of Mobile Web App Security. In Proceedings of the Mobile Security Technologies Workshop (MoST)."},{"key":"e_1_3_2_2_28_1","volume-title":"Ui redressing attacks on android devices. Black Hat Abu Dhabi","author":"Niemietz Marcus","year":"2012","unstructured":"Marcus Niemietz and J\u00f6rg Schwenk 2012. Ui redressing attacks on android devices. Black Hat Abu Dhabi (2012)."},{"key":"e_1_3_2_2_29_1","volume-title":"WindowGuard: Systematic Protection of GUI Security in Android Proc. of the Annual Symposium on Network and Distributed System Security (NDSS).","author":"Ren Chuangang","year":"2017","unstructured":"Chuangang Ren, Peng Liu, and Sencun Zhu 2017. WindowGuard: Systematic Protection of GUI Security in Android Proc. of the Annual Symposium on Network and Distributed System Security (NDSS)."},{"key":"e_1_3_2_2_30_1","volume-title":"Towards discovering and understanding task hijacking in android 24th USENIX Security Symposium (USENIX Security 15). 945--959","author":"Ren Chuangang","unstructured":"Chuangang Ren, Yulong Zhang, Hui Xue, Tao Wei, and Peng Liu 2015. Towards discovering and understanding task hijacking in android 24th USENIX Security Symposium (USENIX Security 15). 945--959."},{"key":"e_1_3_2_2_31_1","unstructured":"rovo89 2017. Xposed Module Repository. http:\/\/repo.xposed.info. (May 2017)."},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.4236\/jis.2015.63021"},{"key":"e_1_3_2_2_33_1","volume-title":"User Retention: Yes, But Which One? http:\/\/www.applift.com\/blog\/user-retention.html. (February","author":"Sommer Thomas","year":"2014","unstructured":"Thomas Sommer. 2014. User Retention: Yes, But Which One? http:\/\/www.applift.com\/blog\/user-retention.html. (February 2014)."},{"key":"e_1_3_2_2_34_1","volume-title":"The Lifetime of Android API Vulnerabilities: Case Study on the JavaScript-to-Java Interface Security Protocols XXIII: 23rd International Workshop","author":"Sutcliffe Tom","year":"2015","unstructured":"Tom Sutcliffe and Adrian Taylor 2015. The Lifetime of Android API Vulnerabilities: Case Study on the JavaScript-to-Java Interface Security Protocols XXIII: 23rd International Workshop, Cambridge, UK, March 31-April 2, 2015, Revised Selected Papers, Vol. Vol. 9379. Springer, 126."},{"key":"e_1_3_2_2_35_1","volume-title":"Android ransomware variant uses clickjacking to become device administrator. https:\/\/www.symantec.com\/connect\/blogs\/android-ransomware-variant-uses-clickjacking-become-device-administrator. (January","author":"Symantec","year":"2016","unstructured":"Symantec 2016. Android ransomware variant uses clickjacking to become device administrator. https:\/\/www.symantec.com\/connect\/blogs\/android-ransomware-variant-uses-clickjacking-become-device-administrator. (January 2016)."},{"key":"e_1_3_2_2_36_1","unstructured":"Mitsui Bussan Takeshi Terada. 2014. Whitepaper -- Attacking Android browsers via intent scheme URLs. http:\/\/www.mbsd.jp\/Whitepaper\/IntentScheme.pdf. (March 2014)."},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"crossref","unstructured":"Rui Wang Luyi Xing XiaoFeng Wang and Shuo Chen. 2013. Unauthorized origin crossing on mobile platforms: Threats and mitigation Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM 635--646.","DOI":"10.1145\/2508859.2516727"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813609"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","location":"Dallas Texas USA","acronym":"CCS '17","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134021","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134021","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134021","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:11:02Z","timestamp":1750212662000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134021"}},"subtitle":["Understanding Cross-App Remote Infections on Mobile WebViews"],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":38,"alternative-id":["10.1145\/3133956.3134021","10.1145\/3133956"],"URL":"https:\/\/doi.org\/10.1145\/3133956.3134021","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}