首页|Signing key leak detection in Google Play Store
Signing key leak detection in Google Play Store
扫码查看
点击上方二维码区域,可以放大扫码查看
原文链接
NETL
Developers use their private keys to sign the apps before publishing in Google Play Store, an Official Android Market。 These keys must be kept secret as they uniquely identify the authority of a developer。 We conduct an investigation on more than 21000 real malware and 1000 benign apps in Google Play Store to justify whether the private keys of these benign apps have been manipulated by malware。 As a result, 15 apps are found vulnerable due to the leakage of private keys。 We also confirm the attacking technique that uses similar package name in third party apps to lure users to install malware without notice。
android securitymobile malwarephishing attack
Long Nguyen-Vu、Jungsoo Park、Ngoc-Tu Chau、Souhwan Jung
展开 >
School of Electronic Engineering, Soongsil Univertity, Seoul, Korea
International Conference on Information Networking
Kota Kinabalu(MY)
2016 International Conference on Information Networking
NETL
