- Advanced Malware Detection Techniques
- Security and Verification in Computing
- Network Security and Intrusion Detection
- Software Testing and Debugging Techniques
- Web Application Security Vulnerabilities
- Digital and Cyber Forensics
- User Authentication and Security Systems
- Information and Cyber Security
- Software Engineering Research
- Software System Performance and Reliability
Tsinghua University (2017-2024)
Chinese Academy of Sciences (2015-2022)
Institute of Software (2017-2022)
University Town of Shenzhen (2017)
Package registries host reusable code assets, allowing developers to share and reuse packages easily, thus accelerating the software development process. Current registry ecosystems involve multiple independent stakeholders for package management. Unfortunately, abnormal behavior and information inconsistency inevitably exist, enabling adversaries to conduct malicious activities covertly with minimal effort. In this paper, we investigate potential security vulnerabilities in six popular ecosystems....
Nowadays, the popular Android is so closely involved in people's daily lives that people rely on to perform critical operations and trust with sensitive information. It of great importance guarantee usability security which, however, such a huge system potential threat may arise from any part it. In this paper, we focus Free Floating window (FF window) which category windows can appear freely above other applications. share screen space FF windows, dialogs, activities. An flexible both its...
Continuous Integration (CI) is a widely-adopted software development practice for automated code integration. A typical CI workflow involves multiple independent stakeholders, including hosting platforms (CHPs), (CPs), and third party services. While can significantly improve efficiency, unfortunately, it also exposes new attack surfaces. As the executed by task may come from less-trusted user, improperly configured with weak isolation mechanisms might enable attackers to inject malicious...
Android system applies a permission-based security model to restrict unauthorized apps from accessing services, however, this cannot constrain authorized sending excessive service requests exhaust the limited resource allocated for each service. As references native code Java object, JNI Global References (JGR) are prone memory leaks, since they not automatically garbage collected. Moreover, JGR exhaustion may lead process abort or even reboot when victim could afford triggered by malicious...
Android allows apps to communicate with its system services via service helpers so that these can use various functions provided by the services. Meanwhile, rely on their enforce security checks for protection. Unfortunately, in may be bypassed directly exploiting non-SDK (hidden) APIs, degrading stability and posing severe threats such as privilege escalation, automatic function execution without users' interactions, crashes, DoS attacks. Google has proposed approaches address this problem,...
In order to effectively detect malware in Android, dynamic analysis techniques with Android emulators are widely adopted. Emulators can be deployed for large-scale detection and restored an ensured clean state a short period after each app process such that upon malware. Moreover, significantly reduce the cost compared real devices. However, emulator-based has limited capability detecting evasive presence of environment hide its malicious behaviors. this paper, we propose RealDroid, system...
System services and resources in Android are accessed through IPC based mechanisms. Previous research has demonstrated that they vulnerable to the denial-of-service attack (DoS attack). For instance, JNI global reference (JGR), which is widely used by system services, can be exhausted cause reboot (hence name JGRE Even though team tries fix problem enforcing security checks, we find it still possible construct a JGR exhaustion DoS latest system. In this paper, propose new attack, effective...
Mini-programs are lightweight apps running in super (such as WeChat, Baidu, Alipay, and TikTok), an emerging paradigm the era of mobile computing. With growing popularity mini-programs, there is increasing concern for their security privacy. In essence, mini-programs WebView-based apps. This means that they may be vulnerable to same risks associated with web this work, we discovered a new mini-program vulnerability called MiniCPRF (Cross-Page Request Forgery Mini-Programs). The exploit easy,...
Mainstream Continuous Integration (CI) platforms have provided the plugin functionality to accelerate development of CI pipelines. Unfortunately, plugins, which are essentially reusable code snippets, also expose new attack surfaces as plugins might be developed by less trusted users. In this paper, we present an in-depth study understand potential security risks in existing plugins. We conduct a comprehensive analysis implementations on four mainstream (GitHub Actions, GitLab CI, CircleCI,...
Android provides flexible inter-application communication by exporting the components of one app to others. Each can define customized permissions control access from other apps its exposed components. However, an attacker easily exported and private information evading permission checks in Android. In this article, authors discuss a new attack called direct resource hijacking (or attack), which directly hijacks or on owned benign app. They find that among top 230 popular apps, 53 are...
System services and resources in Android are accessed through IPC-based mechanisms. Previous research has demonstrated that they vulnerable to the denial-of-service attack (DoS attack). For instance, JNI global reference (JGR), which is widely used by system services, can be exhausted cause reboot (hence name JGRE Even though team tries fix problem enforcing security checks, we find it still possible construct a JGR exhaustion DoS latest system. In this article, propose new attack, effective...
Android provides flexible inter-application (or app) communication by exporting the components of one app to others. Each can define customized permissions control access from others its exposed components. However, an attacker easily exported and private information evading permission check in Android. In this article, we present a new attack called direct resource hijacking or on We find that among top 230 popular apps 53 are vulnerable attack. To tackle vulnerability, propose fine-grained...