Bonn-Aachen International Center
for Information Technology





city life
cosec >students >Teaching >Winter 2013/2014 

Execute This! Analyzing unsafe and malicious dynamic code loading in Android applications

Sebastian Poeplau (University of Bonn)

Thursday, 05 December 2013, 15:00, B-IT 1.25

The design of the Android system allows applications to load additional code from external sources at runtime. Malware can use this capability to add malicious functionality after it has been inspected by an application store or anti-virus engine at install time. Also, developers of benign applications can inadvertently introduce vulnerabilities. In this talk, we highlight some of our findings from a large-scale study of 1,632 popular applications from Google Play. We also briefly outline the protection mechanism that we developed to mitigate the threats imposed by the ability to load external code.

Imprint, webmaster & more