このエントリーをはてなブックマークに追加
ID 61416
フルテキストURL
fulltext.pdf 1.45 MB
著者
Imamura, Yuta Graduate School of Natural Science and Technology, Okayama University
Orito, Rintaro Graduate School of Natural Science and Technology, Okayama University
Uekawa, Hiroyuki Graduate School of Natural Science and Technology, Okayama University
Chaikaew, Kritsana Faculty of Engineering, Kasetsart University
Leelaprute, Pattara Faculty of Engineering, Kasetsart University
Sato, Masaya Graduate School of Natural Science and Technology ORCID Kaken ID publons researchmap
Yamauchi, Toshihiro Graduate School of Natural Science and Technology, Okayama University ORCID Kaken ID publons researchmap
抄録
Many Android apps employ WebView, a component that enables the display of web content in the apps without redirecting users to web browser apps. However, WebView might also be used for cyberattacks. Moreover, to the best of our knowledge, although some countermeasures based on access control have been reported for attacks exploiting WebView, no mechanism for monitoring web access via WebView has been proposed and no analysis results focusing on web access via WebView are available. In consideration of this limitation, we propose a web access monitoring mechanism for Android WebView to analyze web access via WebView and clarify attacks exploiting WebView. In this paper, we present the design and implementation of this mechanism by modifying Chromium WebView without any modifications to the Android framework or Linux kernel. The evaluation results of the performance achieved on introducing the proposed mechanism are also presented here. Moreover, the result of threat analysis of displaying a fake virus alert while browsing websites on Android is discussed to demonstrate the effectiveness of the proposed mechanism.
キーワード
Android
WebView
Web access monitoring
Web security
Threat analysis
Fake virus alert
発行日
2021-01-19
出版物タイトル
International Journal of Information Security
出版者
Springer
ISSN
1615-5262
NCID
AA11872752
資料タイプ
学術雑誌論文
言語
English
OAI-PMH Set
岡山大学
著作権者
© The Author(s) 2021
論文のバージョン
publisher
DOI
Web of Science KeyUT
関連URL
isVersionOf https://doi.org/10.1007/s10207-020-00534-3
ライセンス
http://creativecommons.org/licenses/by/4.0/