References
- Common Vulnerabilities and Exposures (CVE) for Android. [Online]. Available: https://cve.mitre.org/cgibin/cvekey.cgi?keyword=Android
- SEI CERT secure coding standards. [Online]. Available: https://www.securecoding.cert.org
- ETSI standards. [Online]. Available: http://www.etsi.org
- L. Wu, "Vulnerability Detection and Mitigation in Commodity Android Devices," Ph.D. dissertation, Dept. of Computer Science, North Carolina State University, 2015.
- J. H. Bang, "Development Trend for Open Source Code Security Weakness Analysis Tools," Internet & Security Focus, May 2014. (in Korean)
- W.T. Sim, J. Kim, J. Ryou, and B. Noh, "Android Application Analysis Method for Malicious Activity Detection," Journal of the Korean Institute of Information Security and Cryptology, Vol. 21, No. 1, pp. 213-219, Feb. 2011. (in Korean)
- L. Batyuk, M. Herpich, S.A. Camtepe, K. Raddatz, A. Schmidt, S. Albayrak, "Using Static Analysis for Automatic Assessment and Mitigation of Unwanted and Malicious Activities within Android Applications," 2011 6th International Conference on Malicious and Unwanted Software, pp. 66-72, 2011.
- H. Cho, D. Weon, and J. Kim, "A Study on the Security Vulnerability of Android," Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology, Vol. 5, No. 6, pp. 1-8, Dec. 2015. (in Korean) https://doi.org/10.14257/AJMAHS.2015.06.05
- Y. Choi, and E.M. Choi, "Analysing Weak Point of Android Applications Using Static Analysis based on Anti-patterns," KIISE Transactions on Computing Practices, Vol. 18, No. 4, pp. 316-320, Apr. 2012. (in Korean)
- M. Sutton, A. Greene, and P. Amini, Fuzzing: Brute Force Vulnerability Discovery, Addison-Wesley, 2007.
- B. Cui, Y. Ni, Y. Fu, "ADDFuzzer: A New Fuzzing Framework of Android Device Drivers," The 10th International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA), pp. 88-91, Nov. 2015.
- L.K. Yan, H. Yin, "DroidScope: Seamlessly Reconstruction the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis," Proc. of the 21st USENIX Security Symposium, pp. 569-584, Aug. 2012.
- C. Wright, C. Cowan, S. Smalley, J. Morris, G. Kroah-Hartman, "Linux Security Modules: General Security Support for the Linux Kernel," USENIX Security Symposium, Vol. 2, pp. 1-14, 2002.
- S. Bugiel, S. Heuser, A. Sadeghi, "Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies," Proc. of the 22nd USENIX Security Symposium, pp. 131-146, Aug. 2013.
- Common Weakness Enumeration (CWE). [Online]. Available: https://cwe.mitre.org/
- Y. Younan, "25 Years of Vulnerabilities: 1988-2012," Research Report, Sourcefire Vulnerability Research Team (VRT). [Online]. Available: https://courses.cs.washington.edu/courses/cse484/14au/reading/25-years-vulnerabilities.pdf
- IBM AppScan. [Online]. Available: http://www-03.ibm.com/software/products/en/appscan
- Explorer. [Online]. Available: http://mogua.us
- NIST, Source Code Security Analyzer. [Online]. Available: https://samate.nist.gov/index.php/Source_Code_Security_Analyzers.html