FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2235876906> ?p ?o ?g. }

• W2235876906 abstract "On modern operating systems, applications under the same user are separated from each other, for the purpose of protecting them against malware and compromised programs. Given the complexity of today's OSes, less clear is whether such isolation is effective against different kind of cross-app resource access attacks (called XARA in our research). To better understand the problem, on the less-studied Apple platforms, we conducted a systematic security analysis on MAC OS~X and iOS. Our research leads to the discovery of a series of high-impact security weaknesses, which enable a sandboxed malicious app, approved by the Apple Stores, to gain unauthorized access to other apps' sensitive data. More specifically, we found that the inter-app interaction services, including the keychain, WebSocket and NSConnection on OS~X and URL Scheme on the MAC OS and iOS, can all be exploited by the malware to steal such confidential information as the passwords for iCloud, email and bank, and the secret token of Evernote. Further, the design of the app sandbox on OS~X was found to be vulnerable, exposing an app's private directory to the sandboxed malware that hijacks its Apple Bundle ID. As a result, sensitive user data, like the notes and user contacts under Evernote and photos under WeChat, have all been disclosed. Fundamentally, these problems are caused by the lack of app-to-app and app-to-OS authentications. To better understand their impacts, we developed a scanner that automatically analyzes the binaries of MAC OS and iOS apps to determine whether proper protection is missing in their code. Running it on hundreds of binaries, we confirmed the pervasiveness of the weaknesses among high-impact Apple apps. Since the issues may not be easily fixed, we built a simple program that detects exploit attempts on OS~X, helping protect vulnerable apps before the problems can be fully addressed." @default.
• W2235876906 created "2016-06-24" @default.
• W2235876906 creator A5005758616 @default.
• W2235876906 creator A5010642871 @default.
• W2235876906 creator A5020123625 @default.
• W2235876906 creator A5036446600 @default.
• W2235876906 creator A5037233582 @default.
• W2235876906 creator A5042945564 @default.
• W2235876906 creator A5069678275 @default.
• W2235876906 creator A5084889167 @default.
• W2235876906 date "2015-10-12" @default.
• W2235876906 modified "2023-09-23" @default.
• W2235876906 title "Cracking App Isolation on Apple" @default.
• W2235876906 cites W1988036170 @default.
• W2235876906 cites W1994588724 @default.
• W2235876906 cites W2023446630 @default.
• W2235876906 cites W2119249378 @default.
• W2235876906 cites W2165269684 @default.
• W2235876906 doi "https://doi.org/10.1145/2810103.2813609" @default.
• W2235876906 hasPublicationYear "2015" @default.
• W2235876906 type Work @default.
• W2235876906 sameAs 2235876906 @default.
• W2235876906 citedByCount "27" @default.
• W2235876906 countsByYear W22358769062016 @default.
• W2235876906 countsByYear W22358769062017 @default.
• W2235876906 countsByYear W22358769062018 @default.
• W2235876906 countsByYear W22358769062019 @default.
• W2235876906 countsByYear W22358769062020 @default.
• W2235876906 countsByYear W22358769062021 @default.
• W2235876906 countsByYear W22358769062022 @default.
• W2235876906 crossrefType "proceedings-article" @default.
• W2235876906 hasAuthorship W2235876906A5005758616 @default.
• W2235876906 hasAuthorship W2235876906A5010642871 @default.
• W2235876906 hasAuthorship W2235876906A5020123625 @default.
• W2235876906 hasAuthorship W2235876906A5036446600 @default.
• W2235876906 hasAuthorship W2235876906A5037233582 @default.
• W2235876906 hasAuthorship W2235876906A5042945564 @default.
• W2235876906 hasAuthorship W2235876906A5069678275 @default.
• W2235876906 hasAuthorship W2235876906A5084889167 @default.
• W2235876906 hasConcept C159985019 @default.
• W2235876906 hasConcept C192562407 @default.
• W2235876906 hasConcept C2775941552 @default.
• W2235876906 hasConcept C41008148 @default.
• W2235876906 hasConcept C58396970 @default.
• W2235876906 hasConcept C60644358 @default.
• W2235876906 hasConcept C86803240 @default.
• W2235876906 hasConceptScore W2235876906C159985019 @default.
• W2235876906 hasConceptScore W2235876906C192562407 @default.
• W2235876906 hasConceptScore W2235876906C2775941552 @default.
• W2235876906 hasConceptScore W2235876906C41008148 @default.
• W2235876906 hasConceptScore W2235876906C58396970 @default.
• W2235876906 hasConceptScore W2235876906C60644358 @default.
• W2235876906 hasConceptScore W2235876906C86803240 @default.
• W2235876906 hasFunder F4320306076 @default.
• W2235876906 hasLocation W22358769061 @default.
• W2235876906 hasOpenAccess W2235876906 @default.
• W2235876906 hasPrimaryLocation W22358769061 @default.
• W2235876906 hasRelatedWork W2022371719 @default.
• W2235876906 hasRelatedWork W2093578348 @default.
• W2235876906 hasRelatedWork W2353494441 @default.
• W2235876906 hasRelatedWork W2358668433 @default.
• W2235876906 hasRelatedWork W2376932109 @default.
• W2235876906 hasRelatedWork W2390279801 @default.
• W2235876906 hasRelatedWork W2748952813 @default.
• W2235876906 hasRelatedWork W2899084033 @default.
• W2235876906 hasRelatedWork W309398776 @default.
• W2235876906 hasRelatedWork W4210892843 @default.
• W2235876906 isParatext "false" @default.
• W2235876906 isRetracted "false" @default.
• W2235876906 magId "2235876906" @default.
• W2235876906 workType "article" @default.