Hybrid application frameworks such as Cordova allow mobile application (app) developers to create platformindependent apps. The code is written in JavaScript, with special APIs to access device resources in a platform-agnostic way. In this paper, we present a novel app-repackaging attack that repackages hybrid apps with malicious code; this code can exploit Cordova’s plugin interface to tamper with device resources. We further demonstrate a defense against this attack through the use of a novel runtime access control mechanism that restricts access based on the mobile user’s judgement. Our mechanism is easy to introduce to existing Cordova apps, and allows developers to produce apps that are resistant to app-repackaging attacks
HTML5-based mobile apps become more and more popu-lar, mostly because they are much easier to be por...
WebView is an essential component in both Android and iOS platforms, enabling smartphone and tablet ...
New architectures require careful examination of security properties in order to assess and contain ...
Hybrid application frameworks such as Cordova are more and more popular to create platform-independe...
Web-based or hybrid mobile applications (apps) are widely used and supported by various modern hybri...
Hybrid mobile application development frameworks are used to develop mobile applications with web st...
Android applications that using WebView can load and display web pages. Furthermore, by using the AP...
Developing mobile applications is a challenging business: developers need to support multiple platfo...
© 2017 Association for Computing Machinery. Mobile Cross-Platform Tools (CPTs) provide an alternativ...
Abstract—Hybrid mobile applications (apps) combine the features of Web applications and “native ” mo...
A hybrid mobile application (app) is a mobile app that is based on the web running within a containe...
Smartphone devices are very popular. There are a lot of devices being sold, a lot of applications th...
Android applications that using WebView can load and display web pages. Interaction with web pages a...
HTML5-based mobile applications are becoming more and more popular because they can run on different...
Today's needs require portable platforms such as mobile and IoT devices to be used more widely. The ...
HTML5-based mobile apps become more and more popu-lar, mostly because they are much easier to be por...
WebView is an essential component in both Android and iOS platforms, enabling smartphone and tablet ...
New architectures require careful examination of security properties in order to assess and contain ...
Hybrid application frameworks such as Cordova are more and more popular to create platform-independe...
Web-based or hybrid mobile applications (apps) are widely used and supported by various modern hybri...
Hybrid mobile application development frameworks are used to develop mobile applications with web st...
Android applications that using WebView can load and display web pages. Furthermore, by using the AP...
Developing mobile applications is a challenging business: developers need to support multiple platfo...
© 2017 Association for Computing Machinery. Mobile Cross-Platform Tools (CPTs) provide an alternativ...
Abstract—Hybrid mobile applications (apps) combine the features of Web applications and “native ” mo...
A hybrid mobile application (app) is a mobile app that is based on the web running within a containe...
Smartphone devices are very popular. There are a lot of devices being sold, a lot of applications th...
Android applications that using WebView can load and display web pages. Interaction with web pages a...
HTML5-based mobile applications are becoming more and more popular because they can run on different...
Today's needs require portable platforms such as mobile and IoT devices to be used more widely. The ...
HTML5-based mobile apps become more and more popu-lar, mostly because they are much easier to be por...
WebView is an essential component in both Android and iOS platforms, enabling smartphone and tablet ...
New architectures require careful examination of security properties in order to assess and contain ...