Table of Content

Open Access

ARTICLE

CM-Droid: Secure Container for Android Password Misuse Vulnerability

Wen Zhang1, Keyue Li1,*, Tianyang Li1, Shaozhang Niu1, Zhenguang Gao2
Beijing Key Lab of Intelligent Telecommunication Software and Multimedia, Beijing University of Posts and Telecommunications, Beijing, 100876, China.
Department of Computer Science, Framingham State University, 100 State St, Framingham, Massachusetts, MA 01702, USA.
* Corresponding Author: Keyue Li. Email: .

Computers, Materials & Continua 2019, 59(1), 181-198. https://doi.org/10.32604/cmc.2019.05813

Abstract

Android applications are associated with a large amount of sensitive data, therefore application developers use encryption algorithms to provide user data encryption, authentication and data integrity protection. However, application developers do not have the knowledge of cryptography, thus the cryptographic algorithm may not be used correctly. As a result, security vulnerabilities are generated. Based on the previous studies, this paper summarizes the characteristics of password misuse vulnerability of Android application software, establishes an evaluation model to rate the security level of the risk of password misuse vulnerability and develops a repair strategy for password misuse vulnerability. And on this basis, this paper designs and implements a secure container for Android application software password misuse vulnerability: CM-Droid.

Keywords

Password misuse, evaluation model, secure container, dynamic repair.

Cite This Article

W. Zhang, K. Li, T. Li, S. Niu and Z. Gao, "Cm-droid: secure container for android password misuse vulnerability," Computers, Materials & Continua, vol. 59, no.1, pp. 181–198, 2019.

Citations




This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 2134

    View

  • 858

    Download

  • 0

    Like

Related articles

Share Link

WeChat scan