1 |
Ministry Of Security And Public Administration, Guidelines for Development and Operation of Systems Involved in Administrative Agencies and Public Institutions, Notification No. 2013-36 of the Ministry Of Security And Public Administration, 2013.
|
2 |
2011 CWE/SANS Top 25 Most Dangerous Software Errors, http://cwe.mitre.org/top25/(accessed Aug., 26, 2016).
|
3 |
J. Bang, Development Trend of Open Static Analysis Tool for Source Code Security Weakness, Internet & Securety Focus, 2014.
|
4 |
OWASP Top Ten Project, https://www.owasp.org/index.php/Top10#OWASP_Top_10_for_2013 (accessed Aug., 26, 2016).
|
5 |
Projects/OWASP Mobile Security Project - Top Ten Mobile Risks, https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Risks (accessed Aug., 26, 2016).
|
6 |
D. Chell, T. Erasmus, S. Colley, and O. Whitehouse, The Mobile Application Hacker's Handbook, John Wiley & Sons Publishers, Indianapolis, Indiana, 2015.
|
7 |
CWE-114: Process Control. https://cwe.mitre.org/data/definitions/114.html (accessed Jun., 10, 2016).
|
8 |
G. Nolan, Decompile Android, Apress Publishers, New York, NY, 2012.
|
9 |
Binary Planting, https://www.owasp.org/index.php/Binary_planting (accessed Aug., 26, 2016).
|
10 |
Binary Planting-The Official Web Site, http://www.binaryplanting.com/ (accessed Aug., 26, 2016).
|
11 |
M. Kolsek, Remote Binary Planting, An Overlooked Vulnerability Affair, OWASP Maribor, 2010.
|
12 |
M. Kolsek, Binary Planting, The Forgotten Vulnerability Affair, Slovenian Foreplay, 2010.
|
13 |
Ilyong Mun and Seman Oh. “Design and Implementation of A Weakness Analyzer for Mobile Applications.” Journal of Korea Multimedia Society, Vol. 14, No. 10, pp. 1335-1347, 2011.
DOI
|
14 |
Ministry Of Security And Public Administration, Secure Coding Guidelines for Android-Java, 2011.
|
15 |
Blueprint for a Secure Cyber Future, https://www.dhs.gov/blueprint-secure-cyberfuture (accessed Aug., 26, 2016).
|
16 |
H. Kim and J. Choi, “Weaknesses Occurred Android-based Dynamic Class Loading Implementation,” Proceeding of the Summer Conference of the Korea Institute of Information Security and Cryptology, pp. 309-312, 2016.
|
17 |
H. Song, T. Kim, J. Park, B. Lee, and K. Lim, Inside the Android Framework, Wikibooks Publishers, Paju, Kyonggi-do, 2010.
|
18 |
T. Jensen, D. Le Metayer, and T. Thorn, "Verification of Control Flow Based Security Properties," Proceedings of the 1999 IEEE Symposium, pp. 89-103, 1999.
|
19 |
J. Jeong, D. Seo, C. Lee, J. Kwon, H. Lee, and J. Milburn, "MysteryChecker: Unpredictable Attestation to Detect Repackaged Malicious Applications in Android," Proceeding of IEEE Malicious and Unwanted Software, pp. 50-57, 2014.
|
20 |
S. Kim, S. Kim, and D. Lee, "A Study on the Vulnerability of Integrity Verification Functions of Android-based Smartphone Banking Applications," Journal of the Korea Institute of Information Security & Cryptology, Vol. 23, No. 4, pp. 743-755, 2013.
DOI
|
21 |
Ministry Of Security And Public Administration, Fundamental Practices for Secure Software Development, 2013.
|
22 |
Ministry Of Security And Public Administration, Secure Coding Guidelines for Java used by Developer and Operator of e-Government, 2012.
|
23 |
DHS, Build Security In(2011), https://buildsecurityin.us-cert.gov (accessed Aug., 26, 2016).
|