Yong Chen^1,*, Chao Xu¹, Jing Selena He², Sheng Xiao³

Journal of Quantum Computing, Vol.4, No.2, pp. 75-84, 2022, DOI:10.32604/jqc.2022.031312

Abstract With the rapid development of information technology, audit objects and audit itself are more and more inseparable from software. As an important means of software security audit, code security audit will become an important aspect of future audit that cannot be ignored. However, the existing code security audit is mainly based on source code, which is difficult to meet the audit needs of more and more programming languages and binary commercial software. Based on the idea of normalized transformation, this paper constructs a cross language code security audit framework (CLCSA). CLCSA first uses compile/decompile technology to convert different high-level programming… More >

Tianjun Wu, Yuexiang Yang

Intelligent Automation & Soft Computing, Vol.25, No.4, pp. 755-766, 2019, DOI:10.31209/2019.100000079

Abstract While many research efforts have been around auditing individual android apps, the security issues related to the interaction among multiple apps are less studied. Due to the hidden nature of Inter-App communications, few existing security tools are able to detect such related vulnerable behaviors. This paper proposes to perform overall security auditing using dynamic analysis techniques. We focus on data leakage as it is one of the most common vulnerabilities for Android applications. We present an app auditing system AppWalker, which uses concolic execution on a set of apps. We use static Inter-App taint analysis to guide the dynamic auditing… More >