{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T23:29:12Z","timestamp":1769729352939,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":63,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,11,7]],"date-time":"2022-11-07T00:00:00Z","timestamp":1667779200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,11,7]]},"DOI":"10.1145\/3548606.3560601","type":"proceedings-article","created":{"date-parts":[[2022,11,7]],"date-time":"2022-11-07T11:41:28Z","timestamp":1667821288000},"page":"3239-3252","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Uncovering Intent based Leak of Sensitive Data in Android Framework"],"prefix":"10.1145","author":[{"given":"Hao","family":"Zhou","sequence":"first","affiliation":[{"name":"The Hong Kong Polytechnic University, Hong Kong, China"}]},{"given":"Xiapu","family":"Luo","sequence":"additional","affiliation":[{"name":"The Hong Kong Polytechnic University, Hong Kong, China"}]},{"given":"Haoyu","family":"Wang","sequence":"additional","affiliation":[{"name":"Huazhong University of Science and Technology, Wu Han, China"}]},{"given":"Haipeng","family":"Cai","sequence":"additional","affiliation":[{"name":"Washington State University, Pullman, Pullman, WA, USA"}]}],"member":"320","published-online":{"date-parts":[[2022,11,7]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2022. 7-Zip. https:\/\/www.7-zip.org\/.  2022. 7-Zip. https:\/\/www.7-zip.org\/."},{"key":"e_1_3_2_1_2_1","unstructured":"2022. Android Debug Bridge (ADB). https:\/\/developer.android.com\/studio\/com mand-line\/adb.  2022. Android Debug Bridge (ADB). https:\/\/developer.android.com\/studio\/com mand-line\/adb."},{"key":"e_1_3_2_1_3_1","unstructured":"2022. Android IPC Security Considerations. https:\/\/chromium.googlesource.co m\/chromium\/src.git\/\/refs\/heads\/main\/docs\/security\/android-ipc.md.  2022. Android IPC Security Considerations. https:\/\/chromium.googlesource.co m\/chromium\/src.git\/\/refs\/heads\/main\/docs\/security\/android-ipc.md."},{"key":"e_1_3_2_1_4_1","unstructured":"2022. android-simg2img. https:\/\/github.com\/anestisb\/android-simg2img.  2022. android-simg2img. https:\/\/github.com\/anestisb\/android-simg2img."},{"key":"e_1_3_2_1_5_1","unstructured":"2022. Android System Partition. https:\/\/source.android.com\/devices\/bootloader\/ partitions.  2022. Android System Partition. https:\/\/source.android.com\/devices\/bootloader\/ partitions."},{"key":"e_1_3_2_1_6_1","unstructured":"2022. android.content.ComponentName. https:\/\/developer.android.com\/referenc e\/android\/content\/ComponentName.  2022. android.content.ComponentName. https:\/\/developer.android.com\/referenc e\/android\/content\/ComponentName."},{"key":"e_1_3_2_1_7_1","unstructured":"2022. android.debug.PairDevice. https:\/\/cs.android.com\/android\/platform\/supe rproject\/\/master:out\/soong\/.intermediates\/frameworks\/base\/core\/java\/andro id.debug_aidl-java-source\/gen\/android\/debug\/PairDevice.java.  2022. android.debug.PairDevice. https:\/\/cs.android.com\/android\/platform\/supe rproject\/\/master:out\/soong\/.intermediates\/frameworks\/base\/core\/java\/andro id.debug_aidl-java-source\/gen\/android\/debug\/PairDevice.java."},{"key":"e_1_3_2_1_8_1","unstructured":"2022. android.net.NetworkInfo. https:\/\/developer.android.com\/reference\/androi d\/net\/NetworkInfo.  2022. android.net.NetworkInfo. https:\/\/developer.android.com\/reference\/androi d\/net\/NetworkInfo."},{"key":"e_1_3_2_1_9_1","unstructured":"2022. android.telephony.TelephonyManager. https:\/\/developer.android.com\/refe rence\/android\/telephony\/TelephonyManager.  2022. android.telephony.TelephonyManager. https:\/\/developer.android.com\/refe rence\/android\/telephony\/TelephonyManager."},{"key":"e_1_3_2_1_10_1","unstructured":"2022. AOSP. https:\/\/developers.google.com\/android\/images.  2022. AOSP. https:\/\/developers.google.com\/android\/images."},{"key":"e_1_3_2_1_11_1","unstructured":"2022. ColorOS. https:\/\/www.coloros.com.  2022. ColorOS. https:\/\/www.coloros.com."},{"key":"e_1_3_2_1_12_1","unstructured":"2022. Intents and Intent Filters. https:\/\/developer.android.com\/guide\/componen ts\/intents-filters.  2022. Intents and Intent Filters. https:\/\/developer.android.com\/guide\/componen ts\/intents-filters."},{"key":"e_1_3_2_1_13_1","unstructured":"2022. Java Collections Framework Overview. https:\/\/docs.oracle.com\/javase\/8\/d ocs\/technotes\/guides\/collections\/overview.html.  2022. Java Collections Framework Overview. https:\/\/docs.oracle.com\/javase\/8\/d ocs\/technotes\/guides\/collections\/overview.html."},{"key":"e_1_3_2_1_14_1","unstructured":"2022. java.lang.Class. https:\/\/developer.android.com\/reference\/java\/lang\/Class.  2022. java.lang.Class. https:\/\/developer.android.com\/reference\/java\/lang\/Class."},{"key":"e_1_3_2_1_15_1","unstructured":"2022. LADB A local ADB shell for Android. https:\/\/github.com\/tytydraco\/LADB.  2022. LADB A local ADB shell for Android. https:\/\/github.com\/tytydraco\/LADB."},{"key":"e_1_3_2_1_16_1","unstructured":"2022. MIUI. https:\/\/home.miui.com\/.  2022. MIUI. https:\/\/home.miui.com\/."},{"key":"e_1_3_2_1_17_1","unstructured":"2022. Mobile Vendor Market Share Worldwide. https:\/\/gs.statcounter.com\/vendo r-market-share\/mobile.  2022. Mobile Vendor Market Share Worldwide. https:\/\/gs.statcounter.com\/vendo r-market-share\/mobile."},{"key":"e_1_3_2_1_18_1","unstructured":"2022. OneUI. https:\/\/developer.samsung.com\/one-ui.  2022. OneUI. https:\/\/developer.samsung.com\/one-ui."},{"key":"e_1_3_2_1_19_1","unstructured":"2022. OriginOS. https:\/\/www.vivo.com\/originos.  2022. OriginOS. https:\/\/www.vivo.com\/originos."},{"key":"e_1_3_2_1_20_1","unstructured":"2022. Permissions overview. https:\/\/developer.android.com\/guide\/topics\/permi ssions\/overview.  2022. Permissions overview. https:\/\/developer.android.com\/guide\/topics\/permi ssions\/overview."},{"key":"e_1_3_2_1_21_1","unstructured":"2022. Soot. https:\/\/github.com\/soot-oss\/soot.  2022. Soot. https:\/\/github.com\/soot-oss\/soot."},{"key":"e_1_3_2_1_22_1","unstructured":"2022. System Broadcast Intents. https:\/\/developer.android.com\/about\/versions\/1 2\/reference\/broadcast-intents-31.  2022. System Broadcast Intents. https:\/\/developer.android.com\/about\/versions\/1 2\/reference\/broadcast-intents-31."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23121"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243842"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2019.2950134"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"e_1_3_2_1_27_1","volume-title":"Susi: A tool for the fully automated classification and categorization of android sources and sinks. Technical Report TUDCS-2013-0114","author":"Arzt Steven","year":"2013","unstructured":"Steven Arzt , Siegfried Rasthofer , and Eric Bodden . 2013 . Susi: A tool for the fully automated classification and categorization of android sources and sinks. Technical Report TUDCS-2013-0114 (2013). Steven Arzt, Siegfried Rasthofer, and Eric Bodden. 2013. Susi: A tool for the fully automated classification and categorization of android sources and sinks. Technical Report TUDCS-2013-0114 (2013)."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382222"},{"key":"e_1_3_2_1_29_1","volume-title":"Proc. USENIX Security.","author":"Backes Michael","year":"2016","unstructured":"Michael Backes , Sven Bugiel , Erik Derr , Patrick McDaniel , Damien Octeau , and Sebastian Weisgerber . 2016 . On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis . In Proc. USENIX Security. Michael Backes, Sven Bugiel, Erik Derr, Patrick McDaniel, Damien Octeau, and Sebastian Weisgerber. 2016. On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis. In Proc. USENIX Security."},{"key":"e_1_3_2_1_30_1","volume-title":"Covert: Compositional analysis of android inter-app permission leakage","author":"Bagheri Hamid","year":"2015","unstructured":"Hamid Bagheri , Alireza Sadeghi , Joshua Garcia , and Sam Malek . 2015 . Covert: Compositional analysis of android inter-app permission leakage . IEEE transactions on Software Engineering (TSE) 41, 9 (2015), 866--886. Hamid Bagheri, Alireza Sadeghi, Joshua Garcia, and Sam Malek. 2015. Covert: Compositional analysis of android inter-app permission leakage. IEEE transactions on Software Engineering (TSE) 41, 9 (2015), 866--886."},{"key":"e_1_3_2_1_31_1","volume-title":"Flair: efficient analysis of Android inter-component vulnerabilities in response to incremental changes. Empirical Software Engineering","author":"Bagheri Hamid","year":"2021","unstructured":"Hamid Bagheri , Jianghao Wang , Jarod Aerts , Negar Ghorbani , and Sam Malek . 2021. Flair: efficient analysis of Android inter-component vulnerabilities in response to incremental changes. Empirical Software Engineering ( 2021 ). Hamid Bagheri, Jianghao Wang, Jarod Aerts, Negar Ghorbani, and Sam Malek. 2021. Flair: efficient analysis of Android inter-component vulnerabilities in response to incremental changes. Empirical Software Engineering (2021)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866317"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2014.2322867"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053004"},{"key":"e_1_3_2_1_35_1","volume-title":"IEEE Transactions on Information Forensics and Security","author":"Chernyshev Maxim","year":"2015","unstructured":"Maxim Chernyshev , Craig Valli , and Peter Hannay . 2015. On 802.11 access point locatability and named entity recognition in service set identifiers. IEEE Transactions on Information Forensics and Security ( 2015 ). Maxim Chernyshev, Craig Valli, and Peter Hannay. 2015. On 802.11 access point locatability and named entity recognition in service set identifiers. IEEE Transactions on Information Forensics and Security (2015)."},{"key":"e_1_3_2_1_36_1","volume-title":"Adrienne Porter Felt","author":"Chin Erika","year":"2011","unstructured":"Erika Chin , Adrienne Porter Felt , Kate Greenwood , and David Wagner. 2011 . Analyzing inter-application communication in Android. In Proc. MobiSys. 239--252. Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner. 2011. Analyzing inter-application communication in Android. In Proc. MobiSys. 239--252."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23398"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.23106"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-49538-X_5"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3485374"},{"key":"e_1_3_2_1_41_1","volume-title":"Identifying mobile inter-app communication risks","author":"Elish Karim O","year":"2018","unstructured":"Karim O Elish , Haipeng Cai , Daniel Barton , Danfeng Yao , and Barbara G Ryder . 2018. Identifying mobile inter-app communication risks . IEEE Transactions on Mobile Computing ( 2018 ). Karim O Elish, Haipeng Cai, Daniel Barton, Danfeng Yao, and Barbara G Ryder. 2018. Identifying mobile inter-app communication risks. IEEE Transactions on Mobile Computing (2018)."},{"key":"e_1_3_2_1_42_1","volume-title":"Proc. USENIX Security.","author":"Elsabagh Mohamed","year":"2020","unstructured":"Mohamed Elsabagh , Ryan Johnson , Angelos Stavrou , Chaoshun Zuo , Qingchuan Zhao , and Zhiqiang Lin . 2020 . FIRMSCOPE: Automatic uncovering of privilege-escalation vulnerabilities in pre-installed apps in android firmware . In Proc. USENIX Security. Mohamed Elsabagh, Ryan Johnson, Angelos Stavrou, Chaoshun Zuo, Qingchuan Zhao, and Zhiqiang Lin. 2020. FIRMSCOPE: Automatic uncovering of privilege-escalation vulnerabilities in pre-installed apps in android firmware. In Proc. USENIX Security."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2009.26"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635869"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23089"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3292006.3300023"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2017.36"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2017.2789219"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.48"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382223"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER48275.2020.9054795"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.30"},{"key":"e_1_3_2_1_53_1","volume-title":"Proc. USENIX Security.","author":"Octeau Damien","year":"2013","unstructured":"Damien Octeau , Patrick McDaniel , Somesh Jha , Alexandre Bartel , Eric Bodden , Jacques Klein , and Yves Le Traon . 2013 . Effective inter-component communication mapping in android: An essential step towards holistic security analysis . In Proc. USENIX Security. Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon. 2013. Effective inter-component communication mapping in android: An essential step towards holistic security analysis. In Proc. USENIX Security."},{"key":"e_1_3_2_1_54_1","volume-title":"Proc. POPL.","author":"Jha Damien","year":"2016","unstructured":"Octeau, Damien and Jha , Somesh and Dering , Matthew and McDaniel , Patrick and Bartel , Alexandre and Li , Li and Klein , Jacques and Le Traon , Yves. 2016 . Combining static analysis with probabilistic models to enable market-scale android inter-component analysis . In Proc. POPL. Octeau, Damien and Jha, Somesh and Dering, Matthew and McDaniel, Patrick and Bartel, Alexandre and Li, Li and Klein, Jacques and Le Traon, Yves. 2016. Combining static analysis with probabilistic models to enable market-scale android inter-component analysis. In Proc. POPL."},{"key":"e_1_3_2_1_55_1","volume-title":"Proc. USENIX Security.","author":"Reardon Joel","year":"2019","unstructured":"Joel Reardon , \u00c1lvaro Feal , Primal Wijesekera , Amit Elazari Bar On , Narseo Vallina- Rodriguez , and Serge Egelman . 2019 . 50 ways to leak your data: An exploration of apps' circumvention of the android permissions system . In Proc. USENIX Security. Joel Reardon, \u00c1lvaro Feal, Primal Wijesekera, Amit Elazari Bar On, Narseo Vallina- Rodriguez, and Serge Egelman. 2019. 50 ways to leak your data: An exploration of apps' circumvention of the android permissions system. In Proc. USENIX Security."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2015.7366361"},{"key":"e_1_3_2_1_57_1","volume-title":"Zhiyun Qian, and Z. Morley Mao.","author":"Shao Yuru","year":"2016","unstructured":"Yuru Shao , Jason Ott , Qi Alfred Chen , Zhiyun Qian, and Z. Morley Mao. 2016 . Kratos : Discovering Inconsistent Security Policy Enforcement in the Android Framework. In Proc. NDSS. Yuru Shao, Jason Ott, Qi Alfred Chen, Zhiyun Qian, and Z. Morley Mao. 2016. Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework. In Proc. NDSS."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2642937.2643018"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484544"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660357"},{"key":"e_1_3_2_1_61_1","volume-title":"Proc. USENIX Security.","author":"Xue Lei","year":"2017","unstructured":"Lei Xue , Yajin Zhou , Ting Chen , Xiapu Luo , and Guofei Gu . 2017 . Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART . In Proc. USENIX Security. Lei Xue, Yajin Zhou, Ting Chen, Xiapu Luo, and Guofei Gu. 2017. Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART. In Proc. USENIX Security."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2022.23166"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE51524.2021.9678843"}],"event":{"name":"CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security","location":"Los Angeles CA USA","acronym":"CCS '22","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3548606.3560601","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3548606.3560601","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:48:58Z","timestamp":1750182538000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3548606.3560601"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,11,7]]},"references-count":63,"alternative-id":["10.1145\/3548606.3560601","10.1145\/3548606"],"URL":"https:\/\/doi.org\/10.1145\/3548606.3560601","relation":{},"subject":[],"published":{"date-parts":[[2022,11,7]]},"assertion":[{"value":"2022-11-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}