{"id":"https://openalex.org/W4308632289","doi":"https://doi.org/10.1145/3548606.3560601","title":"Uncovering Intent based Leak of Sensitive Data in Android Framework","display_name":"Uncovering Intent based Leak of Sensitive Data in Android Framework","publication_year":2022,"publication_date":"2022-11-07","ids":{"openalex":"https://openalex.org/W4308632289","doi":"https://doi.org/10.1145/3548606.3560601"},"language":"en","primary_location":{"id":"doi:10.1145/3548606.3560601","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548606.3560601","pdf_url":null,"source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100396821","display_name":"Hao Zhou","orcid":"https://orcid.org/0000-0001-8890-9208"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":true,"raw_author_name":"Hao Zhou","raw_affiliation_strings":["The Hong Kong Polytechnic University, Hong Kong, China"],"affiliations":[{"raw_affiliation_string":"The Hong Kong Polytechnic University, Hong Kong, China","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100400376","display_name":"Xiapu Luo","orcid":"https://orcid.org/0000-0002-9082-3208"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Xiapu Luo","raw_affiliation_strings":["The Hong Kong Polytechnic University, Hong Kong, China"],"affiliations":[{"raw_affiliation_string":"The Hong Kong Polytechnic University, Hong Kong, China","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5115695530","display_name":"Haoyu Wang","orcid":"https://orcid.org/0000-0003-1100-8633"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haoyu Wang","raw_affiliation_strings":["Huazhong University of Science and Technology, Wu Han, China"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wu Han, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5076081056","display_name":"Haipeng Cai","orcid":"https://orcid.org/0000-0002-5224-9970"},"institutions":[{"id":"https://openalex.org/I72951846","display_name":"Washington State University","ror":"https://ror.org/05dk0ce17","country_code":"US","type":"education","lineage":["https://openalex.org/I72951846"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Haipeng Cai","raw_affiliation_strings":["Washington State University, Pullman, Pullman, WA, USA"],"affiliations":[{"raw_affiliation_string":"Washington State University, Pullman, Pullman, WA, USA","institution_ids":["https://openalex.org/I72951846"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5100396821"],"corresponding_institution_ids":["https://openalex.org/I14243506"],"apc_list":null,"apc_paid":null,"fwci":1.1046,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.80315956,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"3239","last_page":"3252"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9937999844551086,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.880711019039154},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6980466842651367},{"id":"https://openalex.org/keywords/permission","display_name":"Permission","score":0.6735572814941406},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6318308115005493},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.46000343561172485},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.36604073643684387},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.19507500529289246}],"concepts":[{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.880711019039154},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6980466842651367},{"id":"https://openalex.org/C2779089604","wikidata":"https://www.wikidata.org/wiki/Q7169333","display_name":"Permission","level":2,"score":0.6735572814941406},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6318308115005493},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.46000343561172485},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.36604073643684387},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.19507500529289246},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3548606.3560601","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548606.3560601","pdf_url":null,"source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7599999904632568}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W1986330503","https://openalex.org/W1988036170","https://openalex.org/W2017025011","https://openalex.org/W2027538101","https://openalex.org/W2073754016","https://openalex.org/W2083755826","https://openalex.org/W2101834106","https://openalex.org/W2102197271","https://openalex.org/W2122672392","https://openalex.org/W2127723417","https://openalex.org/W2140095007","https://openalex.org/W2171240827","https://openalex.org/W2243701965","https://openalex.org/W2600871181","https://openalex.org/W2619760961","https://openalex.org/W2789555918","https://openalex.org/W2792310543","https://openalex.org/W2891458271","https://openalex.org/W2906347220","https://openalex.org/W2947876441","https://openalex.org/W2963894653","https://openalex.org/W2982705228","https://openalex.org/W3014477729","https://openalex.org/W3120074996","https://openalex.org/W3213188189","https://openalex.org/W3214364986","https://openalex.org/W4200307116","https://openalex.org/W4210309948","https://openalex.org/W4225581256","https://openalex.org/W4245027182","https://openalex.org/W4251541794"],"related_works":["https://openalex.org/W2316685381","https://openalex.org/W2056388267","https://openalex.org/W2249350383","https://openalex.org/W2755037920","https://openalex.org/W4210309948","https://openalex.org/W4388923452","https://openalex.org/W2072937473","https://openalex.org/W3211901564","https://openalex.org/W2786416059","https://openalex.org/W609672658"],"abstract_inverted_index":{"To":[0,130],"prevent":[1],"unauthorized":[2,29,67,96,163,211],"apps":[3,30,41,68,164,212],"from":[4,244],"retrieving":[5],"the":[6,26,33,44,71,100,110,115,120,151,167,184,215,219,223],"sensitive":[7,46,90,103,125,168,189,216],"data,":[8,217],"Android":[9,60,86,128,138,156,175,192],"framework":[10,61,87,157],"enforces":[11],"a":[12,53,144],"permission":[13],"based":[14,122,186],"access":[15,27,72,220],"control.":[16,73,221],"However,":[17],"it":[18,180],"has":[19],"long":[20],"been":[21,231],"known":[22],"that,":[23],"to":[24,69,172,213],"bypass":[25],"control,":[28],"can":[31,63,92,159,181,207],"intercept":[32],"Intent":[34,80,121,152,185],"objects":[35,81,153],"which":[36,149,206],"are":[37,83],"sent":[38,84,154],"by":[39,66,85,95,155,162,210,233],"authorized":[40],"and":[42,88,142,165,236,238],"carry":[43,89,166],"retrieved":[45],"data.":[47,104,169],"We":[48],"find":[49,178],"that":[50,62,77,82,158,179],"there":[51],"is":[52],"new":[54,116,145],"(previously":[55],"unknown)":[56],"attack":[57,117],"surface":[58,118],"in":[59,99,127,137,191],"be":[64,93,160,208],"exploited":[65],"violate":[70],"Specifically,":[74,194],"we":[75,108,140,177,195,239],"discover":[76,196],"part":[78],"of":[79,102,124,135,188,200,203,225,228],"data":[91,126,190,204],"received":[94,161,240],"apps,":[97],"resulting":[98],"leak":[101,123,187],"In":[105],"this":[106],"paper,":[107],"conduct":[109],"first":[111],"systematic":[112],"investigation":[113],"on":[114],"namely":[119],"framework.":[129,193],"automatically":[131],"uncover":[132,183],"such":[133,201],"kind":[134,202],"vulnerability":[136],"framework,":[139],"design":[141],"develop":[143],"tool":[146],"named":[147],"LeakDetector,":[148],"finds":[150],"Applying":[170],"LeakDetector":[171],"10":[173],"commercial":[174],"systems,":[176],"effectively":[182],"36":[197],"exploitable":[198],"cases":[199],"leak,":[205],"abused":[209],"steal":[214],"violating":[218],"At":[222],"time":[224],"writing,":[226],"16":[227],"them":[229],"have":[230],"confirmed":[232],"Google,":[234],"Samsung,":[235],"Xiaomi,":[237],"bug":[241],"bounty":[242],"rewards":[243],"these":[245],"mobile":[246],"vendors.":[247]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}