{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,13]],"date-time":"2026-03-13T04:14:28Z","timestamp":1773375268086,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":48,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,3,13]],"date-time":"2019-03-13T00:00:00Z","timestamp":1552435200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000183","name":"Army Research Office","doi-asserted-by":"publisher","award":["580512"],"award-info":[{"award-number":["580512"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,3,13]]},"DOI":"10.1145\/3292006.3300023","type":"proceedings-article","created":{"date-parts":[[2019,3,21]],"date-time":"2019-03-21T12:22:04Z","timestamp":1553170924000},"page":"25-36","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":15,"title":["ACMiner"],"prefix":"10.1145","author":[{"given":"Sigmund Albert","family":"Gorski","sequence":"first","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]},{"given":"Benjamin","family":"Andow","sequence":"additional","affiliation":[{"name":"North Carolina State Univeristy, Raleigh, NC, USA"}]},{"given":"Adwait","family":"Nadkarni","sequence":"additional","affiliation":[{"name":"William &amp; Mary, Williamsburg, VA, USA"}]},{"given":"Sunil","family":"Manandhar","sequence":"additional","affiliation":[{"name":"William &amp; Mary, Williamsburg, VA, USA"}]},{"given":"William","family":"Enck","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]},{"given":"Eric","family":"Bodden","sequence":"additional","affiliation":[{"name":"Paderborn University, Paderborn, Germany"}]},{"given":"Alexandre","family":"Bartel","sequence":"additional","affiliation":[{"name":"University of Luxembourg, Luxembourg City, Luxembourg"}]}],"member":"320","published-online":{"date-parts":[[2019,3,13]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2019. ACMiner Project Website. https:\/\/wspr.csc.ncsu.edu\/acminer.  2019. ACMiner Project Website. https:\/\/wspr.csc.ncsu.edu\/acminer."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23121"},{"key":"e_1_3_2_1_3_1","volume-title":"Accessed","year":"2019","unstructured":"AndroidXref. 2019 . WRITE_SETTINGS permission in AndroidManifest.xml. http:\/\/androidxref.com\/7.1.1_r6\/xref\/frameworks\/base\/core\/res\/AndroidManif est.xml#1865 . Accessed Jan. 10, 2019. AndroidXref. 2019. WRITE_SETTINGS permission in AndroidManifest.xml. http:\/\/androidxref.com\/7.1.1_r6\/xref\/frameworks\/base\/core\/res\/AndroidManif est.xml#1865. Accessed Jan. 10, 2019."},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the ISOC Network and Distributed Systems Symposium (NDSS).","author":"Arzt Steven","year":"2014","unstructured":"Steven Arzt , Siegfried Rasthofer , and Eric Bodden . 2014 . A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks . In Proceedings of the ISOC Network and Distributed Systems Symposium (NDSS). Steven Arzt, Siegfried Rasthofer, and Eric Bodden. 2014. A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks. In Proceedings of the ISOC Network and Distributed Systems Symposium (NDSS)."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382222"},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Backes Michael","year":"2016","unstructured":"Michael Backes , Sven Bugiel , Erik Derr , Patrick D McDaniel , Damien Octeau , and Sebastian Weisgerber . 2016 . On Demystifying the Android Application Framework: Re-Visiting Android Permission Speciication Analysis . In Proceedings of the USENIX Security Symposium. Michael Backes, Sven Bugiel, Erik Derr, Patrick D McDaniel, Damien Octeau, and Sebastian Weisgerber. 2016. On Demystifying the Android Application Framework: Re-Visiting Android Permission Speciication Analysis. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_7_1","volume-title":"USENIX Security Symposium.","author":"Backes Michael","year":"2015","unstructured":"Michael Backes , Sven Bugiel , Christian Hammer , Oliver Schranz , and Philipp von Styp-Rekowsky . 2015 . Boxify: Full-ledged App Sandboxing for Stock Android .. In USENIX Security Symposium. Michael Backes, Sven Bugiel, Christian Hammer, Oliver Schranz, and Philipp von Styp-Rekowsky. 2015. Boxify: Full-ledged App Sandboxing for Stock Android.. In USENIX Security Symposium."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2014.2322867"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1999995.2000018"},{"key":"e_1_3_2_1_10_1","volume-title":"Accessed","author":"Dalton Andrew","year":"2019","unstructured":"Andrew Dalton . 2019 . Android powers 2 billion devices around the world. https: \/\/www.engadget.com\/2017\/05\/17\/android-powers-2-billion-devices-around-t he-world\/ . Accessed Jan. 10, 2019. Andrew Dalton. 2019. Android powers 2 billion devices around the world. https: \/\/www.engadget.com\/2017\/05\/17\/android-powers-2-billion-devices-around-t he-world\/. Accessed Jan. 10, 2019."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/646153.679523"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586141"},{"key":"e_1_3_2_1_13_1","volume-title":"Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation.","author":"Enck William","unstructured":"William Enck , Peter Gilbert , Byung-Gon Chun , Landon P. Cox , Jaeyeon Jung , Patrick McDaniel , and Anmol N. Sheth . 2010. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones . In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation. William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. 2010. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation."},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Enck William","year":"2011","unstructured":"William Enck , Damien Octeau , Patrick McDaniel , and Swarat Chaudhuri . 2011 . A Study of Android Application Security . In Proceedings of the USENIX Security Symposium. William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri. 2011. A Study of Android Application Security. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653691"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2009.26"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660343"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046779"},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Felt Adrienne Porter","year":"2011","unstructured":"Adrienne Porter Felt , Helen J. Wang , Alexander Moshchuk , Steven Hanna , and Erika Chin . 2011 . Permission Re-Delegation: Attacks and Defenses . In Proceedings of the USENIX Security Symposium. Adrienne Porter Felt, Helen J. Wang, Alexander Moshchuk, Steven Hanna, and Erika Chin. 2011. Permission Re-Delegation: Attacks and Defenses. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-30921-2_17"},{"key":"e_1_3_2_1_21_1","volume-title":"Accessed","year":"2019","unstructured":"Google. 2019 . protectionLevel. https:\/\/developer.android.com\/reference\/android\/ R.attr#protectionLevel . Accessed Jan. 10, 2019. Google. 2019. protectionLevel. https:\/\/developer.android.com\/reference\/android\/ R.attr#protectionLevel. Accessed Jan. 10, 2019."},{"key":"e_1_3_2_1_22_1","volume-title":"Accessed","year":"2019","unstructured":"Google. 2019 . Security Updates and Resources. https:\/\/source.android.com\/secur ity\/overview\/updates-resources . Accessed Jan. 10, 2019. Google. 2019. Security Updates and Resources. https:\/\/source.android.com\/secur ity\/overview\/updates-resources. Accessed Jan. 10, 2019."},{"key":"e_1_3_2_1_23_1","volume-title":"Accessed","year":"2019","unstructured":"Google. 2019 . Supporting Multiple Users. https:\/\/source.android.com\/devices\/tec h\/admin\/multi-user . Accessed Jan. 10, 2019. Google. 2019. Supporting Multiple Users. https:\/\/source.android.com\/devices\/tec h\/admin\/multi-user. Accessed Jan. 10, 2019."},{"key":"e_1_3_2_1_24_1","unstructured":"Sigmund Albert Gorski III Benjamin Andow Adwait Nadkarni Sunil Manandhar William Enck Eric Bodden and Alexandre Bartel. 2019. ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware. http:\/\/arxiv.or g\/abs\/1901.03603. (Jan. 2019). arXiv:1901.03603  Sigmund Albert Gorski III Benjamin Andow Adwait Nadkarni Sunil Manandhar William Enck Eric Bodden and Alexandre Bartel. 2019. ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware. http:\/\/arxiv.or g\/abs\/1901.03603. (Jan. 2019). arXiv:1901.03603"},{"key":"e_1_3_2_1_25_1","volume-title":"Proceedings of the ISCO Network and Distributed System Security Symposium (NDSS).","author":"Grace Michael","year":"2012","unstructured":"Michael Grace , Yajin Zhou , Zhi Wang , and Xuxian Jiang . 2012 . Systematic Detection of Capability Leaks in Stock Android Smartphones . In Proceedings of the ISCO Network and Distributed System Security Symposium (NDSS). Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang. 2012. Systematic Detection of Capability Leaks in Stock Android Smartphones. In Proceedings of the ISCO Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046780"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568301"},{"key":"e_1_3_2_1_28_1","volume-title":"Mining likely properties of access control policies via association rule mining. Data and Applications Security and Privacy XXIV","author":"Hwang JeeHyun","year":"2010","unstructured":"JeeHyun Hwang , Tao Xie , Vincent Hu , and Mine Altunay . 2010. Mining likely properties of access control policies via association rule mining. Data and Applications Security and Privacy XXIV ( 2010 ), 193--208. JeeHyun Hwang, Tao Xie, Vincent Hu, and Mine Altunay. 2010. Mining likely properties of access control policies via association rule mining. Data and Applications Security and Privacy XXIV (2010), 193--208."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/996943.996944"},{"key":"e_1_3_2_1_30_1","volume-title":"Proceedings of the Cetus Users and Compiler Infrastructure Workshop (CETUS).","author":"Lam Patrick","year":"2011","unstructured":"Patrick Lam , Eric Bodden , Ondrej Lhot\u00e1k , and Laurie Hendren . 2011 . The Soot framework for Java Program Analysis: A Retrospective . In Proceedings of the Cetus Users and Compiler Infrastructure Workshop (CETUS). Patrick Lam, Eric Bodden, Ondrej Lhot\u00e1k, and Laurie Hendren. 2011. The Soot framework for Java Program Analysis: A Retrospective. In Proceedings of the Cetus Users and Compiler Infrastructure Workshop (CETUS)."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1251535.1251542"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/1765931.1765948"},{"key":"e_1_3_2_1_33_1","volume-title":"Accessed","author":"McCoy Travis","year":"2019","unstructured":"Travis McCoy . 2019 . How the World Bank is mobilizing their workforce with Android. https:\/\/www.blog.google\/topics\/connected-workspaces\/how-world-b ank-mobilizing-their-workforce-android\/ . Accessed Jan. 10, 2019. Travis McCoy. 2019. How the World Bank is mobilizing their workforce with Android. https:\/\/www.blog.google\/topics\/connected-workspaces\/how-world-b ank-mobilizing-their-workforce-android\/. Accessed Jan. 10, 2019."},{"key":"e_1_3_2_1_34_1","volume-title":"Accessed","author":"Milian Mark","year":"2019","unstructured":"Mark Milian . 2019 . U.S. government, military to get secure Android phones. http:\/\/www.cnn.com\/2012\/02\/03\/tech\/mobile\/government-android-phones\/in dex.html . Accessed Jan. 10, 2019. Mark Milian. 2019. U.S. government, military to get secure Android phones. http:\/\/www.cnn.com\/2012\/02\/03\/tech\/mobile\/government-android-phones\/in dex.html. Accessed Jan. 10, 2019."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516677"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414498"},{"key":"e_1_3_2_1_37_1","volume-title":"Accessed","author":"Ranger Steve","year":"2019","unstructured":"Steve Ranger . 2019 . The world's most secure smartphones - and why they're all Androids. http:\/\/www.zdnet.com\/article\/the-worlds-most-secure-smartphones -and-why-theyre-all-androids\/ . Accessed Jan. 10, 2019. Steve Ranger. 2019. The world's most secure smartphones - and why they're all Androids. http:\/\/www.zdnet.com\/article\/the-worlds-most-secure-smartphones -and-why-theyre-all-androids\/. Accessed Jan. 10, 2019."},{"key":"e_1_3_2_1_38_1","volume-title":"Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS).","author":"Shao Yuru","unstructured":"Yuru Shao , Jason Ott , Qi Alfred Chen , Zhiyun Qian , and Z. Morley Mao . 2016. Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework . In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS). Yuru Shao, Jason Ott, Qi Alfred Chen, Zhiyun Qian, and Z. Morley Mao. 2016. Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework. In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_39_1","volume-title":"Proceedings of the USENIX Operating Systems Design and Implementation (OSDI).","author":"Spahn Riley","year":"2014","unstructured":"Riley Spahn , Jonathan Bell , Michael Lee , Sravan Bhamidipati , Roxana Geambasu , and Gail Kaiser . 2014 . Pebbles: Fine-Grained Data Management Abstractions for Modern Operating Systems . In Proceedings of the USENIX Operating Systems Design and Implementation (OSDI). Riley Spahn, Jonathan Bell, Michael Lee, Sravan Bhamidipati, Roxana Geambasu, and Gail Kaiser. 2014. Pebbles: Fine-Grained Data Management Abstractions for Modern Operating Systems. In Proceedings of the USENIX Operating Systems Design and Implementation (OSDI)."},{"key":"e_1_3_2_1_41_1","volume-title":"Proceedings of the USENIX Security Syposium.","author":"Tan Lin","year":"2008","unstructured":"Lin Tan , Xiaolan Zhang , Xiao Ma , Weiwei Xiong , and Yuanyuan Zhou . 2008 . AutoISES: Automatically Inferring Security Speciication and Detecting Violations . In Proceedings of the USENIX Security Syposium. Lin Tan, Xiaolan Zhang, Xiao Ma, Weiwei Xiong, and Yuanyuan Zhou. 2008. AutoISES: Automatically Inferring Security Speciication and Detecting Violations. In Proceedings of the USENIX Security Syposium."},{"key":"e_1_3_2_1_42_1","volume-title":"Proc. of the Conference of the Centre for Advanced Studies on Collaborative Research.","author":"Vall\u00e9e-Rai Raja","year":"1999","unstructured":"Raja Vall\u00e9e-Rai , Phong Co , Etienne Gagnon , Laurie Hendren , Patrick Lam , and Vijay Sundaresan . 1999 . Soot - A Java Bytecode Optimization Framework . In Proc. of the Conference of the Centre for Advanced Studies on Collaborative Research. Raja Vall\u00e9e-Rai, Phong Co, Etienne Gagnon, Laurie Hendren, Patrick Lam, and Vijay Sundaresan. 1999. Soot - A Java Bytecode Optimization Framework. In Proc. of the Conference of the Centre for Advanced Studies on Collaborative Research."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516728"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.32"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1137\/1.9781611972726.27"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660359"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.5555\/647253.720279"},{"key":"e_1_3_2_1_48_1","volume-title":"Proceedings of the Grace Hopper Celebration of Women in Computing Conference (GHC).","author":"Zhang Xiaolan","year":"2004","unstructured":"Xiaolan Zhang , Trent Jaeger , and Larry Koved . 2004 . Applying Static Analysis to Verifying Security Properties . In Proceedings of the Grace Hopper Celebration of Women in Computing Conference (GHC). Xiaolan Zhang, Trent Jaeger, and Larry Koved. 2004. Applying Static Analysis to Verifying Security Properties. In Proceedings of the Grace Hopper Celebration of Women in Computing Conference (GHC)."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.33"}],"event":{"name":"CODASPY '19: Ninth ACM Conference on Data and Application Security and Privacy","location":"Richardson Texas USA","acronym":"CODASPY '19","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3292006.3300023","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3292006.3300023","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3292006.3300023","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:02:02Z","timestamp":1750208522000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3292006.3300023"}},"subtitle":["Extraction and Analysis of Authorization Checks in Android's Middleware"],"short-title":[],"issued":{"date-parts":[[2019,3,13]]},"references-count":48,"alternative-id":["10.1145\/3292006.3300023","10.1145\/3292006"],"URL":"https:\/\/doi.org\/10.1145\/3292006.3300023","relation":{},"subject":[],"published":{"date-parts":[[2019,3,13]]},"assertion":[{"value":"2019-03-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}