Static detection of API call vulnerabilities in iOS executables
ICSE (Companion Volume), pp. 394-395, 2018.
We propose a static analysis technique for iOS executables for checking API call vulnerabilities that can cause 1) app behaviors to be altered by malicious external inputs, and 2) sensitive user data to be illegally accessed by apps with stealthy private API calls that use string obfuscation. We identify sensitive functions that dynamical...More
Full Text (Upload PDF)
PPT (Upload PPT)