{"id":"https://openalex.org/W4417029803","doi":"https://doi.org/10.1049/ise2/5001786","title":"PathFuzzer: Sensitive Information Flow Path\u2010Guided Fuzzing for Intent Vulnerabilities in Android Applications","display_name":"PathFuzzer: Sensitive Information Flow Path\u2010Guided Fuzzing for Intent Vulnerabilities in Android Applications","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4417029803","doi":"https://doi.org/10.1049/ise2/5001786"},"language":"en","primary_location":{"id":"doi:10.1049/ise2/5001786","is_oa":true,"landing_page_url":"https://doi.org/10.1049/ise2/5001786","pdf_url":"https://onlinelibrary.wiley.com/doi/pdfdirect/10.1049/ise2/5001786","source":{"id":"https://openalex.org/S58852226","display_name":"IET Information Security","issn_l":"1751-8709","issn":["1751-8709","1751-8717"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311714","host_organization_name":"Institution of Engineering and Technology","host_organization_lineage":["https://openalex.org/P4310311714"],"host_organization_lineage_names":["Institution of Engineering and Technology"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IET Information Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://onlinelibrary.wiley.com/doi/pdfdirect/10.1049/ise2/5001786","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5061850015","display_name":"Zhanhui Yuan","orcid":"https://orcid.org/0000-0001-8003-4734"},"institutions":[{"id":"https://openalex.org/I169689159","display_name":"PLA Information Engineering University","ror":"https://ror.org/00mm1qk40","country_code":"CN","type":"education","lineage":["https://openalex.org/I169689159"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhanhui Yuan","raw_affiliation_strings":["School of Cryptography Engineering ,  People\u2019s Liberation Army Information Engineering University ,  Zhengzhou ,  China"],"raw_orcid":"https://orcid.org/0000-0001-8003-4734","affiliations":[{"raw_affiliation_string":"School of Cryptography Engineering ,  People\u2019s Liberation Army Information Engineering University ,  Zhengzhou ,  China","institution_ids":["https://openalex.org/I169689159"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028563006","display_name":"Zhi Yang","orcid":"https://orcid.org/0000-0001-6890-6077"},"institutions":[{"id":"https://openalex.org/I169689159","display_name":"PLA Information Engineering University","ror":"https://ror.org/00mm1qk40","country_code":"CN","type":"education","lineage":["https://openalex.org/I169689159"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Zhi Yang","raw_affiliation_strings":["School of Cryptography Engineering ,  People\u2019s Liberation Army Information Engineering University ,  Zhengzhou ,  China"],"raw_orcid":"https://orcid.org/0000-0001-6890-6077","affiliations":[{"raw_affiliation_string":"School of Cryptography Engineering ,  People\u2019s Liberation Army Information Engineering University ,  Zhengzhou ,  China","institution_ids":["https://openalex.org/I169689159"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020529014","display_name":"Shuyuan Jin","orcid":"https://orcid.org/0000-0003-2087-2853"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuyuan Jin","raw_affiliation_strings":["School of Computer Science and Engineering ,  Sun Yat-sen University ,  Guangzhou ,  China ,  sysu.edu.cn"],"raw_orcid":"https://orcid.org/0000-0003-2087-2853","affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering ,  Sun Yat-sen University ,  Guangzhou ,  China ,  sysu.edu.cn","institution_ids":["https://openalex.org/I157773358"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061939024","display_name":"Jinglei Tan","orcid":"https://orcid.org/0000-0002-3231-6793"},"institutions":[{"id":"https://openalex.org/I169689159","display_name":"PLA Information Engineering University","ror":"https://ror.org/00mm1qk40","country_code":"CN","type":"education","lineage":["https://openalex.org/I169689159"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jinglei Tan","raw_affiliation_strings":["School of Cryptography Engineering ,  People\u2019s Liberation Army Information Engineering University ,  Zhengzhou ,  China"],"raw_orcid":"https://orcid.org/0000-0002-3231-6793","affiliations":[{"raw_affiliation_string":"School of Cryptography Engineering ,  People\u2019s Liberation Army Information Engineering University ,  Zhengzhou ,  China","institution_ids":["https://openalex.org/I169689159"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100671916","display_name":"Hongqi Zhang","orcid":"https://orcid.org/0000-0003-4992-5285"},"institutions":[{"id":"https://openalex.org/I169689159","display_name":"PLA Information Engineering University","ror":"https://ror.org/00mm1qk40","country_code":"CN","type":"education","lineage":["https://openalex.org/I169689159"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hongqi Zhang","raw_affiliation_strings":["School of Cryptography Engineering ,  People\u2019s Liberation Army Information Engineering University ,  Zhengzhou ,  China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cryptography Engineering ,  People\u2019s Liberation Army Information Engineering University ,  Zhengzhou ,  China","institution_ids":["https://openalex.org/I169689159"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5028563006"],"corresponding_institution_ids":["https://openalex.org/I169689159"],"apc_list":{"value":2000,"currency":"EUR","value_usd":2200},"apc_paid":{"value":2000,"currency":"EUR","value_usd":2200},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.44186761,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"2025","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.5356000065803528,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.5356000065803528,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.19370000064373016,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.11649999767541885,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.934499979019165},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7321000099182129},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.644599974155426},{"id":"https://openalex.org/keywords/information-sensitivity","display_name":"Information sensitivity","score":0.5715000033378601},{"id":"https://openalex.org/keywords/control-flow-graph","display_name":"Control flow graph","score":0.47119998931884766},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4645000100135803},{"id":"https://openalex.org/keywords/path","display_name":"Path (computing)","score":0.4586000144481659},{"id":"https://openalex.org/keywords/information-leakage","display_name":"Information leakage","score":0.4253000020980835},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.3328000009059906}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.934499979019165},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8359000086784363},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7321000099182129},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.644599974155426},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6195999979972839},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.5715000033378601},{"id":"https://openalex.org/C27458966","wikidata":"https://www.wikidata.org/wiki/Q1187693","display_name":"Control flow graph","level":2,"score":0.47119998931884766},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4645000100135803},{"id":"https://openalex.org/C2777735758","wikidata":"https://www.wikidata.org/wiki/Q817765","display_name":"Path (computing)","level":2,"score":0.4586000144481659},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.4253000020980835},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.3328000009059906},{"id":"https://openalex.org/C2779136372","wikidata":"https://www.wikidata.org/wiki/Q10283002","display_name":"Information flow","level":2,"score":0.31119999289512634},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.29789999127388},{"id":"https://openalex.org/C62611344","wikidata":"https://www.wikidata.org/wiki/Q1062658","display_name":"Node (physics)","level":2,"score":0.29739999771118164},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2971999943256378},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.29660001397132874},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.29499998688697815},{"id":"https://openalex.org/C128942645","wikidata":"https://www.wikidata.org/wiki/Q1568346","display_name":"Test case","level":3,"score":0.2831000089645386},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.2711000144481659},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.26829999685287476},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.2667999863624573},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.2651999890804291},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.25279998779296875},{"id":"https://openalex.org/C489000","wikidata":"https://www.wikidata.org/wiki/Q747385","display_name":"Data flow diagram","level":2,"score":0.2517000138759613}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1049/ise2/5001786","is_oa":true,"landing_page_url":"https://doi.org/10.1049/ise2/5001786","pdf_url":"https://onlinelibrary.wiley.com/doi/pdfdirect/10.1049/ise2/5001786","source":{"id":"https://openalex.org/S58852226","display_name":"IET Information Security","issn_l":"1751-8709","issn":["1751-8709","1751-8717"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311714","host_organization_name":"Institution of Engineering and Technology","host_organization_lineage":["https://openalex.org/P4310311714"],"host_organization_lineage_names":["Institution of Engineering and Technology"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IET Information Security","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1049/ise2/5001786","is_oa":true,"landing_page_url":"https://doi.org/10.1049/ise2/5001786","pdf_url":"https://onlinelibrary.wiley.com/doi/pdfdirect/10.1049/ise2/5001786","source":{"id":"https://openalex.org/S58852226","display_name":"IET Information Security","issn_l":"1751-8709","issn":["1751-8709","1751-8717"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311714","host_organization_name":"Institution of Engineering and Technology","host_organization_lineage":["https://openalex.org/P4310311714"],"host_organization_lineage_names":["Institution of Engineering and Technology"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IET Information Security","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2311382213","display_name":null,"funder_award_id":"2025M771548","funder_id":"https://openalex.org/F4320321543","funder_display_name":"China Postdoctoral Science Foundation"},{"id":"https://openalex.org/G582709614","display_name":null,"funder_award_id":"62472456","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G904584391","display_name":null,"funder_award_id":"62176265","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320321543","display_name":"China Postdoctoral Science Foundation","ror":"https://ror.org/0426zh255"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4417029803.pdf","grobid_xml":"https://content.openalex.org/works/W4417029803.grobid-xml"},"referenced_works_count":38,"referenced_works":["https://openalex.org/W1988036170","https://openalex.org/W1994588724","https://openalex.org/W1994931937","https://openalex.org/W2014926913","https://openalex.org/W2015933956","https://openalex.org/W2060692877","https://openalex.org/W2067364868","https://openalex.org/W2277576447","https://openalex.org/W2770003285","https://openalex.org/W3013849792","https://openalex.org/W3085238546","https://openalex.org/W3091773350","https://openalex.org/W3157371529","https://openalex.org/W3160974549","https://openalex.org/W4221059510","https://openalex.org/W4224255081","https://openalex.org/W4229059453","https://openalex.org/W4244726870","https://openalex.org/W4251541794","https://openalex.org/W4288057736","https://openalex.org/W4288057797","https://openalex.org/W4290566675","https://openalex.org/W4313040705","https://openalex.org/W4366112300","https://openalex.org/W4377941713","https://openalex.org/W4381233012","https://openalex.org/W4385080325","https://openalex.org/W4388212273","https://openalex.org/W4388841193","https://openalex.org/W4389719707","https://openalex.org/W4390116303","https://openalex.org/W4391909163","https://openalex.org/W4394611553","https://openalex.org/W4399169122","https://openalex.org/W4401685100","https://openalex.org/W4403843162","https://openalex.org/W4406827934","https://openalex.org/W4408750112"],"related_works":[],"abstract_inverted_index":{"Intent":[0,36,215],"vulnerabilities":[1,65,91,169],"pose":[2],"a":[3,59,153,183],"significant":[4],"threat":[5],"as":[6,34],"they":[7],"allow":[8],"attackers":[9],"to":[10,16,63,67,87,101,134,138,151,178,201],"exploit":[11],"unverified":[12],"intent":[13,90,168],"messages,":[14],"leading":[15],"sensitive":[17,55,68,142,190],"data":[18],"leaks,":[19],"privilege":[20],"escalations,":[21],"or":[22],"unauthorized":[23],"actions":[24],"that":[25,163],"compromise":[26],"user":[27],"privacy":[28],"and":[29,50,111,129,210],"system":[30],"security.":[31],"Fuzzing":[32],"methods,":[33,39,180],"traditional":[35,179],"vulnerability":[37],"detection":[38,194],"are":[40],"guided":[41],"by":[42,104,196],"the":[43,47,117,120,148],"edge":[44],"coverage":[45,187],"of":[46,61,199],"program\u2010directed":[48],"graph":[49],"do":[51],"not":[52],"focus":[53],"on":[54,116,189],"information,":[56,69],"resulting":[57],"in":[58,92],"lack":[60],"ability":[62],"discover":[64],"related":[66],"especially":[70],"long\u2010path":[71],"vulnerabilities.":[72,216],"This":[73],"article":[74],"proposes":[75],"PathFuzzer,":[76],"which":[77],"is":[78],"an":[79,197,207],"intent\u2010sensitive":[80,97],"information":[81,98,143],"flow":[82,99,144],"path\u2010guided":[83],"fuzzing":[84,103],"method":[85,212],"designed":[86],"efficiently":[88,139],"detect":[89],"Android":[93],"applications.":[94],"It":[95],"leverages":[96],"paths":[100,110,191],"guide":[102],"sending":[105],"test":[106,113,136,140,149],"cases":[107,114,137],"along":[108,141],"these":[109],"mutating":[112],"based":[115],"parameter":[118],"within":[119],"paths.":[121,158],"Additionally,":[122],"PathFuzzer":[123,164,181,205],"utilizes":[124],"unique":[125],"long":[126,157],"path":[127,186],"encoding":[128],"key":[130],"node":[131],"identification":[132],"technology":[133],"enable":[135],"paths,":[145],"while":[146,192],"monitoring":[147],"status":[150],"form":[152],"feedback":[154],"mechanism":[155],"for":[156,213],"The":[159],"evaluation":[160],"results":[161],"show":[162],"successfully":[165],"detected":[166],"131":[167],"across":[170],"500":[171],"popular":[172],"applications":[173],"from":[174],"Google":[175],"Play.":[176],"Compared":[177],"achieved":[182],"92%":[184],"average":[185,198],"rate":[188],"improving":[193],"efficiency":[195],"up":[200],"64%.":[202],"In":[203],"summary,":[204],"provides":[206],"efficient,":[208],"accurate,":[209],"comprehensive":[211],"detecting":[214]},"counts_by_year":[],"updated_date":"2026-03-13T14:20:09.374765","created_date":"2025-12-05T00:00:00"}