{"id":"https://openalex.org/W2945945312","doi":"https://doi.org/10.1145/3317549.3319725","title":"ARF","display_name":"ARF","publication_year":2019,"publication_date":"2019-05-15","ids":{"openalex":"https://openalex.org/W2945945312","doi":"https://doi.org/10.1145/3317549.3319725","mag":"2945945312"},"language":"en","primary_location":{"id":"doi:10.1145/3317549.3319725","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3317549.3319725","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3317549.3319725","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3317549.3319725","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5051115481","display_name":"Sigmund Albert Gorski","orcid":null},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Sigmund Albert Gorski","raw_affiliation_strings":["North Carolina State University"],"affiliations":[{"raw_affiliation_string":"North Carolina State University","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024034310","display_name":"William Enck","orcid":"https://orcid.org/0000-0002-3043-8092"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"William Enck","raw_affiliation_strings":["North Carolina State University"],"affiliations":[{"raw_affiliation_string":"North Carolina State University","institution_ids":["https://openalex.org/I137902535"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5051115481"],"corresponding_institution_ids":["https://openalex.org/I137902535"],"apc_list":null,"apc_paid":null,"fwci":1.3357,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.81065125,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"151","last_page":"161"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9922000169754028,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.991100013256073,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/permission","display_name":"Permission","score":0.8027138710021973},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.759935736656189},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6892966032028198},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.6492856740951538},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6132345199584961},{"id":"https://openalex.org/keywords/scrutiny","display_name":"Scrutiny","score":0.5135107636451721},{"id":"https://openalex.org/keywords/delegation","display_name":"Delegation","score":0.5024185180664062},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3802104592323303},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17326635122299194}],"concepts":[{"id":"https://openalex.org/C2779089604","wikidata":"https://www.wikidata.org/wiki/Q7169333","display_name":"Permission","level":2,"score":0.8027138710021973},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.759935736656189},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6892966032028198},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.6492856740951538},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6132345199584961},{"id":"https://openalex.org/C2776050585","wikidata":"https://www.wikidata.org/wiki/Q7439360","display_name":"Scrutiny","level":2,"score":0.5135107636451721},{"id":"https://openalex.org/C86532276","wikidata":"https://www.wikidata.org/wiki/Q1184065","display_name":"Delegation","level":2,"score":0.5024185180664062},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3802104592323303},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17326635122299194},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3317549.3319725","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3317549.3319725","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3317549.3319725","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3317549.3319725","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3317549.3319725","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3317549.3319725","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.4000000059604645,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G3366966419","display_name":null,"funder_award_id":"W911NF-16-1","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G4143225217","display_name":null,"funder_award_id":"W911NF-16-1-0299","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G657448715","display_name":null,"funder_award_id":"W911NF-16-1-","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G7452299184","display_name":null,"funder_award_id":"W911NF","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G8998121839","display_name":null,"funder_award_id":"911NF","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"}],"funders":[{"id":"https://openalex.org/F4320338281","display_name":"Army Research Office","ror":"https://ror.org/05epdh915"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2945945312.pdf","grobid_xml":"https://content.openalex.org/works/W2945945312.grobid-xml"},"referenced_works_count":39,"referenced_works":["https://openalex.org/W12540587","https://openalex.org/W81879861","https://openalex.org/W124941384","https://openalex.org/W1630356589","https://openalex.org/W1912565424","https://openalex.org/W1915915253","https://openalex.org/W1935358945","https://openalex.org/W1963971515","https://openalex.org/W1988036170","https://openalex.org/W1994588724","https://openalex.org/W2003276999","https://openalex.org/W2010395842","https://openalex.org/W2012813306","https://openalex.org/W2017025011","https://openalex.org/W2019798206","https://openalex.org/W2023446630","https://openalex.org/W2027538101","https://openalex.org/W2032724464","https://openalex.org/W2033811191","https://openalex.org/W2056073317","https://openalex.org/W2080696000","https://openalex.org/W2101834106","https://openalex.org/W2114275288","https://openalex.org/W2140095007","https://openalex.org/W2148397566","https://openalex.org/W2153497135","https://openalex.org/W2158888459","https://openalex.org/W2166743230","https://openalex.org/W2168103835","https://openalex.org/W2398484989","https://openalex.org/W2475731385","https://openalex.org/W2510556079","https://openalex.org/W2511979442","https://openalex.org/W2535386169","https://openalex.org/W2573570214","https://openalex.org/W2789555918","https://openalex.org/W2891458271","https://openalex.org/W2951116536","https://openalex.org/W2963894653"],"related_works":["https://openalex.org/W2316685381","https://openalex.org/W3003485427","https://openalex.org/W2056388267","https://openalex.org/W4210309948","https://openalex.org/W2249350383","https://openalex.org/W2755037920","https://openalex.org/W2074755311","https://openalex.org/W2362476748","https://openalex.org/W4388923452","https://openalex.org/W2072937473"],"abstract_inverted_index":{"Over":[0],"the":[1,4,7,57,64,76,139,178,188,192],"past":[2],"decade,":[3],"security":[5,85],"of":[6,37,59,66,100,141,152,169,183],"Android":[8,77,130,193],"platform":[9],"has":[10,22],"undergone":[11],"significant":[12],"scrutiny":[13,21],"by":[14],"both":[15],"academic":[16],"and":[17,29,112,134],"industrial":[18],"researchers.":[19],"This":[20],"been":[23],"largely":[24],"directed":[25],"towards":[26],"third-party":[27,124],"applications":[28],"a":[30,149],"few":[31],"critical":[32],"system":[33,53,67,93,104],"interfaces,":[34],"leaving":[35],"much":[36],"Android's":[38,52,92],"middleware":[39],"unstudied.":[40],"Building":[41],"upon":[42],"recent":[43],"efforts":[44],"to":[45,123,129,148,186],"more":[46],"rigorously":[47],"analyze":[48,187],"authorization":[49,189],"logic":[50,190],"in":[51,63,103],"services,":[54,105],"we":[55,74,158,176],"revisit":[56],"problem":[58],"permission":[60,88,110],"re-delegation,":[61],"but":[62],"context":[65],"service":[68],"entry":[69,101,145],"points.":[70],"In":[71],"this":[72,174],"paper,":[73],"propose":[75],"Re-delegation":[78],"Finder":[79],"(ARF)":[80],"analysis":[81],"framework":[82],"for":[83,180],"helping":[84],"analysts":[86],"identify":[87],"re-delegation":[89],"vulnerabilities":[90],"within":[91,191],"services.":[94],"ARF":[95,128],"analyzes":[96],"an":[97],"interconnected":[98],"graph":[99],"points":[102,146],"deriving":[106],"calling":[107],"dependencies,":[108],"annotating":[109],"checks,":[111],"identifying":[113],"potentially":[114],"vulnerable":[115,171],"deputies":[116],"that":[117,136,160],"improperly":[118,163],"expose":[119],"information":[120,165],"or":[121,166],"functionality":[122],"applications.":[125],"We":[126],"apply":[127],"AOSP":[131],"version":[132],"8.1.0":[133],"find":[135],"it":[137],"refines":[138],"set":[140,151],"15,483":[142],"paths":[143,162],"between":[144],"down":[147],"manageable":[150],"490":[153],"paths.":[154],"Upon":[155],"manual":[156],"inspection,":[157],"found":[159],"170":[161],"exposed":[164],"functionality,":[167],"consisting":[168],"86":[170],"deputies.":[172],"Through":[173],"effort,":[175],"demonstrate":[177],"need":[179],"continued":[181],"investigation":[182],"automated":[184],"tools":[185],"middleware.":[194]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":4}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2019-05-29T00:00:00"}