A Security Mechanism for Android HTML5 Web Applications

Chang, Wei

A Security Mechanism for Android HTML5 Web Applications

Date Issued

2015

Date

2015

Author(s)

Chang, Wei

URI

http://ntur.lib.ntu.edu.tw//handle/246246/276188

Abstract

Hybrid mobile applications have been widely used in the modern smartphones. These applications are implemented in HTML5 and the native language of the operating system. The developers use WebView components to wrap the part of HTML5 and register the communication channel between WebView and the part of native language. However, the communication channel is vulnerable. Malicious web pages may be loaded in the WebView and attack the device through the communication channel. In this thesis, we proposed a framework to protect the communication channel. This framework includes two parts. The first one is fined-grained access control which protects the communication channel. The second is malicious bridge API call detection which detects the malicious usage of the communication channel. According to the experimental result, the proposed framework blocks malicious access efficiently. Moreover, the second approach achieves high accuracy and reduces the labeled training data at the same time.

Subjects

Android

Security

HTML5

WebView

Tokenization

Active Learning

Machine Learning

Type

thesis

File(s)

Name

ntu-104-R02921028-1.pdf

Size

23.32 KB

Format

Adobe PDF

Checksum

(MD5):3c36e05fcc3eccc1c76f78b6ef749586

A Security Mechanism for Android HTML5 Web Applications

關於 (About)

聯絡資訊 (Contact Us)

相關網站 (Useful Links)

關於開放取用 (Open Access, OA)

出版社期刊論文授權政策 (Copyright)

使用說明 (Instructions)

登入說明 (Sign-in)

匯入著作 (Submission)