Large-Scale Analysis of Remote Code Injection Attacks in Android Apps

<table class="table-group" id="tab2"><tr><td><table class="table"><tr><td class="thead-hr" colspan="4"><hr/></td></tr><tr class="thead"><td class="align_left">Category </td><td class="align_center">Type </td><td class="align_center"><i>❶</i> Number of potentially vuln apps </td><td class="align_center"><i>❷</i> Number of flagged vuln apps </td></tr><tr><td class="thead-hr" colspan="4"><hr/></td></tr><tr><td class="align_left" rowspan="2">File overwrite vulnerabilities</td><td class="align_center">Unsafe ZIP</td><td class="align_center">75 (1.5%)</td><td class="align_center">49</td></tr><tr><td class="align_center">Unsafe Content-Disposition</td><td class="align_center">15 (0.3%)</td><td class="align_center">0</td></tr><tr class="table-tr"><td colspan="4"><hr class="tbody-hr"/></td></tr></table></td></tr><tr class="table-fn"><td><div><i>❶</i> = static HTTP URL + dynamic URL; <i>❷</i> = <i>❶</i> − dynamic URL.<br/></div></td></tr></table>

<div>Results of Google Play dataset (<svg height="8.8423pt" id="M70" style="vertical-align:-0.2064009pt" version="1.1" viewbox="-0.0498162 -8.6359 46.3225 8.8423" width="46.3225pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M645 631C614 643 545 666 457 666C215 666 23 519 23 283C23 90 158 -16 337 -16C412 -16 489 2 522 10C543 39 590 127 606 167L580 181C519 89 459 18 348 18C201 18 122 136 122 287C122 464 244 632 435 632C544 632 602 595 608 472L639 475C643 526 645 581 645 631Z" id="g113-68"></path></g><g transform="matrix(.013,0,0,-0.013,8.293,0)"><path d="M405 650H141L135 622C222 616 230 610 215 535L133 116C118 41 113 33 29 28L23 0H289L295 28C209 33 205 40 219 116L298 535C312 609 317 616 399 622L405 650Z" id="g113-74"></path></g><g transform="matrix(.013,0,0,-0.013,16.765,0)"><path d="M535 0V354C535 476 422 563 294 563S53 476 53 354V0H111V354C111 446 197 513 294 513S477 446 477 354V0H535Z" id="g117-60"></path></g><g transform="matrix(.013,0,0,-0.013,27.302,0)"><path d="M645 631C614 643 545 666 457 666C215 666 23 519 23 283C23 90 158 -16 337 -16C412 -16 489 2 522 10C543 39 590 127 606 167L580 181C519 89 459 18 348 18C201 18 122 136 122 287C122 464 244 632 435 632C544 632 602 595 608 472L639 475C643 526 645 581 645 631Z" id="g113-68"></path></g><g transform="matrix(.013,0,0,-0.013,35.595,0)"><path d="M405 650H141L135 622C222 616 230 610 215 535L133 116C118 41 113 33 29 28L23 0H289L295 28C209 33 205 40 219 116L298 535C312 609 317 616 399 622L405 650Z" id="g113-74"></path></g><g transform="matrix(.013,0,0,-0.013,40.509,0)"><path d="M405 650H141L135 622C222 616 230 610 215 535L133 116C118 41 113 33 29 28L23 0H289L295 28C209 33 205 40 219 116L298 535C312 609 317 616 399 622L405 650Z" id="g113-74"></path></g></svg>). All vulnerable apps were manually confirmed.</div>

Security and Communication Networks

Large-Scale Analysis of Remote Code Injection Attacks in Android Apps

Table 2