{"id":"https://openalex.org/W1974001800","doi":"https://doi.org/10.1145/2714576.2714583","title":"Automatically Detecting SSL Error-Handling Vulnerabilities in Hybrid Mobile Web Apps","display_name":"Automatically Detecting SSL Error-Handling Vulnerabilities in Hybrid Mobile Web Apps","publication_year":2015,"publication_date":"2015-04-03","ids":{"openalex":"https://openalex.org/W1974001800","doi":"https://doi.org/10.1145/2714576.2714583","mag":"1974001800"},"language":"en","primary_location":{"id":"doi:10.1145/2714576.2714583","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2714576.2714583","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100551485","display_name":"Chaoshun Zuo","orcid":null},"institutions":[{"id":"https://openalex.org/I154099455","display_name":"Shandong University","ror":"https://ror.org/0207yh398","country_code":"CN","type":"education","lineage":["https://openalex.org/I154099455"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Chaoshun Zuo","raw_affiliation_strings":["Shandong University, Jinan, China","Shandong University, Jinan, CHINA"],"affiliations":[{"raw_affiliation_string":"Shandong University, Jinan, China","institution_ids":["https://openalex.org/I154099455"]},{"raw_affiliation_string":"Shandong University, Jinan, CHINA","institution_ids":["https://openalex.org/I154099455"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101102768","display_name":"Jianliang Wu","orcid":null},"institutions":[{"id":"https://openalex.org/I154099455","display_name":"Shandong University","ror":"https://ror.org/0207yh398","country_code":"CN","type":"education","lineage":["https://openalex.org/I154099455"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianliang Wu","raw_affiliation_strings":["Shandong University, Jinan, China","Shandong University, Jinan, CHINA"],"affiliations":[{"raw_affiliation_string":"Shandong University, Jinan, China","institution_ids":["https://openalex.org/I154099455"]},{"raw_affiliation_string":"Shandong University, Jinan, CHINA","institution_ids":["https://openalex.org/I154099455"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5084460856","display_name":"Shanqing Guo","orcid":"https://orcid.org/0000-0003-3367-0951"},"institutions":[{"id":"https://openalex.org/I154099455","display_name":"Shandong University","ror":"https://ror.org/0207yh398","country_code":"CN","type":"education","lineage":["https://openalex.org/I154099455"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shanqing Guo","raw_affiliation_strings":["Shandong University, Jinan, China","Shandong University, Jinan, CHINA"],"affiliations":[{"raw_affiliation_string":"Shandong University, Jinan, China","institution_ids":["https://openalex.org/I154099455"]},{"raw_affiliation_string":"Shandong University, Jinan, CHINA","institution_ids":["https://openalex.org/I154099455"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5100551485"],"corresponding_institution_ids":["https://openalex.org/I154099455"],"apc_list":null,"apc_paid":null,"fwci":2.8719,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.91295476,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"591","last_page":"596"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9941999912261963,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7708592414855957},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7041492462158203},{"id":"https://openalex.org/keywords/man-in-the-middle-attack","display_name":"Man-in-the-middle attack","score":0.5499356985092163},{"id":"https://openalex.org/keywords/certificate","display_name":"Certificate","score":0.5427075624465942},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5351050496101379},{"id":"https://openalex.org/keywords/mobile-apps","display_name":"Mobile apps","score":0.5020859241485596},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4866984188556671},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4444267749786377},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4258750081062317},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.3919283449649811},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2204599380493164}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7708592414855957},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7041492462158203},{"id":"https://openalex.org/C196491621","wikidata":"https://www.wikidata.org/wiki/Q554830","display_name":"Man-in-the-middle attack","level":3,"score":0.5499356985092163},{"id":"https://openalex.org/C96865113","wikidata":"https://www.wikidata.org/wiki/Q2946816","display_name":"Certificate","level":2,"score":0.5427075624465942},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5351050496101379},{"id":"https://openalex.org/C2988145974","wikidata":"https://www.wikidata.org/wiki/Q620615","display_name":"Mobile apps","level":2,"score":0.5020859241485596},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4866984188556671},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4444267749786377},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4258750081062317},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.3919283449649811},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2204599380493164},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2714576.2714583","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2714576.2714583","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2002898300","display_name":null,"funder_award_id":"61173068","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320334924","display_name":"Program for New Century Excellent Talents in University","ror":"https://ror.org/01mv9t934"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":7,"referenced_works":["https://openalex.org/W1699449651","https://openalex.org/W2045057497","https://openalex.org/W2068583268","https://openalex.org/W2103370348","https://openalex.org/W2146752727","https://openalex.org/W2398484989","https://openalex.org/W2402690741"],"related_works":["https://openalex.org/W2058034608","https://openalex.org/W3155578322","https://openalex.org/W177107229","https://openalex.org/W2486658553","https://openalex.org/W4221155389","https://openalex.org/W2112896732","https://openalex.org/W2022068600","https://openalex.org/W4386199491","https://openalex.org/W1543100705","https://openalex.org/W2887633424"],"abstract_inverted_index":{"Today,":[0],"there":[1,47],"are":[2,16,133],"many":[3],"hybrid":[4,28,62,101],"apps":[5,29,124],"in":[6,38,60],"which":[7,131],"both":[8,105],"native":[9],"Android":[10],"app":[11],"UI":[12,15],"and":[13,22,108,116],"WebView":[14],"used.":[17],"To":[18,92],"protect":[19],"the":[20,25,57,61,76,89],"security":[21],"privacy":[23],"of":[24,51,83,130,141],"communications,":[26],"these":[27,95],"all":[30],"use":[31],"HTTPS":[32],"by":[33],"WebView,":[34],"a":[35,67,100,126],"key":[36],"component":[37],"modern":[39],"web":[40,64,123],"browser.":[41],"In":[42],"this":[43,70],"paper,":[44],"we":[45,98],"show":[46],"is":[48],"another":[49],"type":[50],"SSL":[52],"vulnerability":[53],"that":[54,103],"stems":[55],"from":[56,125],"error-handling":[58,71],"code":[59,72],"mobile":[63,122],"apps.":[65],"At":[66],"high":[68],"level,":[69],"should":[73],"have":[74,112],"stopped":[75],"communication":[77],"but":[78],"it":[79],"still":[80],"proceeds":[81],"regardless":[82],"certificate":[84],"errors,":[85],"thereby":[86],"leading":[87],"to":[88],"MITM":[90],"attacks.":[91],"automatically":[93],"identify":[94],"vulnerable":[96],"apps,":[97],"present":[99],"approach":[102,115],"combines":[104],"static":[106],"analysis":[107],"dynamic":[109],"analysis.":[110],"We":[111],"implemented":[113],"our":[114],"evaluated":[117],"with":[118,137],"13,820":[119],"real":[120],"world":[121],"third":[127],"party":[128],"market,":[129],"645":[132],"confirmed":[134],"truly":[135],"vulnerable,":[136],"an":[138],"average":[139],"overhead":[140],"60.8":[142],"seconds":[143],"per":[144],"app.":[145]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":3},{"year":2017,"cited_by_count":6},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}