Journal on Communications ›› 2014, Vol. 35 ›› Issue (Z2): 131-139.doi: 10.3969/j.issn.1000-436x.2014.z2.018
• Papers • Previous Articles Next Articles
Xi CHEN1,2,You-liang TIAN3,Zhuo MA4,Jian-feng MA4
Online:
2014-11-25
Published:
2017-06-19
Supported by:
Xi CHEN,You-liang TIAN,Zhuo MA,Jian-feng MA. Research on security of mobile payment for commercial bank[J]. Journal on Communications, 2014, 35(Z2): 131-139.
[1] | MüLLER-VEERSE F . Mobile Commerce Report[R]. Technical Report,Durlacher Research Ltd, 1999. |
[2] | 艾瑞咨询. 2012-2013 年中国移动支付用户调研报告简版[EB/OL]. .iResearch. 2012-2013 China Mobile Payment User Behavior Report[EB/OL]. . |
[3] | 艾瑞咨询. 2013 年中国第三方移动支付数据报告[EB/OL]. .iResearch. 2013 China Third-party Payment Platforms Data Report[EB/OL]. . |
[4] | 艾瑞咨询. 2013 年中国移动安全数据报告[EB/OL]. .iResearch. 2013 China Mobile Security Report[EB/OL]. . |
[5] | ENCK W , ONGTANG M , MCDANIEL P . Understanding android security[J]. Security & Privacy, 2009,7(1): 50-57. |
[6] | ENCK W , OCTEAU D , MCDANIEL P ,et al. A study of android application security[A]. USENIX Security Symposium[C]. 2011. |
[7] | DAVI L , DMITRIENKO A , SADEGHI A R ,et al. Privilege Escalation Attacks on Android[M]. Information Security. Springer Berlin Heidelberg, 2011. 346-360. |
[8] | ENCK W , ONGTANG M , MCDANIEL P . On lightweight mobile phone application certification[A]. Proceedings of the 16th ACM Conference on Computer and Communications Security[C]. 2009. 235-245. |
[9] | CHIN E , FELT A,P , GREENWOOD K ,et al. Analyzing inter-application communication in android[A]. Proceedings of the 9m International Conference on Mobile System,Applications and Services[C]. 2011. |
[10] | BARRERA D , KAYACIK H G , VAN OORSCHOT P C ,et al. A methodology for empirical analysis of permission-based security models and its application to android[A]. Proceedings of the 17th ACM Conference on Computer and Communications Security[C]. 2010. 73-84. |
[11] | FELT A P , CHIN E , HANNA S ,et al. Android permissions demystified[A]. Proceedings of the 18th ACM Conference on Computer and Communications Security[C]. 2011. 627-638. |
[12] | SHIN W , KIYOMOTO S , FUKUSHIMA K ,et al. A formal model to analyze the permission authorization and enforcement in the Android framework[A]. 2010 IEEE Second International Conference on Social Computing (SocialCom)[C]. 2010. 944-951. |
[13] | 张中文, 雷灵光, 王跃武 . Android Permission 机制的实现与安全分析[J]. 信息网络安全, 2012,(8): 3-6. ZHANG Z W , LEI L G , WANG Y W . Studying the implementation and security of the permission mechanism in Android[J]. Netinfo Security, 2012,(8): 3-6. |
[14] | CHAN P P F , HUI L C K , YIU S M . Droidchecker:analyzing android applications for capability leak[A]. Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks[C]. 2012. 125-136. |
[15] | ENCK W , GILBERT P , CHUN B ,et al. TaintDroid:an information-flow tracking system for realtime privacy monitoring on smartphones[A]. Proceedings of the 9m USENIX Symposium on Operating Systems Design and Implementation[C]. 2010. |
[16] | ZHOU Y J , ZHANG X W , JIANG X X ,et al. Taming information-stealing smartphone applications on android[A]. TRUST[C]. 2011. 93-107. |
[17] | LUO T B , HAO H , DU W L ,et al. Attacks on Web view in the android system[A]. Proceedings of the Annual Computer Security Application Conference[C]. 2011. |
[18] | ZHOU W , ZHOU Y , JIANG X ,et al. Detecting repackaged smartphone applications in third-party android marketplaces[A]. Proceedings of the Second ACM Conference on Data and Application Security and Privacy[C]. 2012. 317-326. |
[19] | VIDAS T , CHRISTIN N . Sweetening android lemon markets:measuring and combating malware in application marketplaces[A]. Proceedings of the Third ACM Conference on Data and Application Security and Privacy[C]. 2013. 197-208. |
[20] | JUNG J H , KIM J Y , LEE H C ,et al. Repackaging attack on Android banking applications and its countermeasures[J]. Wireless Personal Communications, 2013. 1-17. |
[21] | ZHOU W , ZHANG X , JIANG X . AppInk:watermarking Android APPS for repackaging deterrence[A]. Proceedings of the 8th ACM SIGSAC Symposium on Information,Computer and Communications Security[C]. 2013. 1-12. |
[22] | SUAREZ-TANGIL G , TAPIADOR J E,PERIS-LOPEZ P ,et al. Dendroid:a text mining approach to analyzing and classifying code structures in Android malware families[J]. Expert Systems with Applications, 2014,41(4): 1104-1117. |
[23] | MADLMAYR G , LANGER J , KANTNER C ,et al. NFC devices:security and privacy[A]. Availability,Reliability and Security,2008[C]. ARES 08,Third International Conference on IEEE, 2008. 642-647. |
[24] | HASELSTEINER E , BREITFUB K . Security in near field communication (NFC)[A]. Workshop on RFID Security RFIDSec[C]. 2006. |
[25] | MULLINER C . Vulnerability analysis and attacks on NFC-enabled mobile phones[A]. Availability,Reliability and Security ARES'09[C]. 2009. 695-700. |
[26] | HANCKE G P . Practical eavesdropping and skimming attacks on high-frequency RFID tokens[J]. Journal of Computer Security, 2011,19(2): 259-288. |
[27] | CANEY R , DORROS C , KENNEDY S ,et al. Mobile Pickpocketing:Exfiltration of Sensitive Data through NFC-enabled Mobile Devices[R]. Technical Report,CMU-cyLab-13-015,Carnegie Mellon University, 2013. |
[28] | DIAKOS T P , BRIFFA J A , BROWN T W C ,et al. Eavesdropping near-field contactless payments:a quantitative analysis[J]. The Journal of Engineering, 2013,1(1). |
[29] | ALLAH A , MOSTAFA M . Strengths and weaknesses of near field communication (NFC) technology[J]. Global Journal of Computer Science and Technology, 2011,11(3). |
[30] | ROLAND M . Applying Recent Secure Element Relay Attack Scenarios to the Real World:Google Wallet Relay Attack[R]. arXiv preprint arXiv:1209.0875, 2012. |
[31] | Charlie Miller. Exploring the nfc attack surface[EB/OL]. . |
[32] | EUN H , LEE H , OH H . Conditional privacy preserving security protocol for NFC applications[J]. Consumer Electronics,IEEE Transactions on, 2013,59(1): 153-160. |
[33] | PARK S W , LEE I Y . Anonymous authentication scheme based on NTRU for the protection of payment information in NFC mobile environment[J]. Journal of Information Processing Systems, 2013,9(3). |
[34] | LEE Y S , KIM E , JUNG M S . A NFC based authentication method for defence of the man in the middle attack[A]. Proceeding of the 3 rd International Conference on Computer Science and Information Technology (ICCSIT'2013)[C]. 2013. 4-5. |
[35] | GUMMESON J J , PRIYANTHA B , GANESAN D ,et al. EnGarde:Protecting the mobile phone from malicious NFC interactions[A]. Proceeding of the 11th Annual International Conference on Mobile Systems,Applications,and Services[C]. 2013. 445-458. |
[36] | DYKES R . Cloud based electronic wallet:U.S.Patent Application 13/468,686[P].2012-5-10. |
[37] | KAMARA S , LAUTER K . Cryptographic Cloud Storage[M]. Financial Cryptography and Data Security,Springer Berlin Heidelberg, 2010. 136-149. |
[1] | Zhiyong LUO,Xu YANG,Jiahui LIU,Rui XU. Network intrusion intention analysis model based on Bayesian attack graph [J]. Journal on Communications, 2020, 41(9): 160-169. |
[2] | Xinyu WANG,Ben NIU,Fenghua LI,Kun HE. Risk assessing and privacy-preserving scheme for privacy leakage in APP [J]. Journal on Communications, 2019, 40(5): 13-23. |
[3] | Hongyu SUN,Yuan HE,Jice WANG,Ying DONG,Lipeng ZHU,He WANG,Yuqing ZHANG. Application of artificial intelligence technology in the field of security vulnerability [J]. Journal on Communications, 2018, 39(8): 1-17. |
[4] | Hao LIU,Lian-ming ZHANG,Zhi-gang CHEN. Task-based access control mode of peer-to-peer network based on fuzzy theory [J]. Journal on Communications, 2017, 38(2): 44-52. |
[5] | Zhi-qiang WANG,Qi-xu LIU,Yu-qing ZHANG. Research of discovering vulnerabilities of NFC applications on Android platform [J]. Journal on Communications, 2014, 35(Z2): 117-123. |
[6] | . Research of discovering vulnerabilities of NFC applications on Android platform [J]. Journal on Communications, 2014, 35(Z2): 16-123. |
[7] | . Research on security of mobile payment for commercial bank [J]. Journal on Communications, 2014, 35(Z2): 18-139. |
[8] | . Risk assessment model based on fuzzy Petri nets [J]. Journal on Communications, 2013, 34(Z1): 16-132. |
[9] | Xiang GAO,Yue-fei ZHU,Sheng-li LIU,Jin-long FEI,Long LIU. Risk assessment model based on fuzzy Petri nets [J]. Journal on Communications, 2013, 34(Z1): 126-132. |
[10] | . Method for router online security risk assessment quantification [J]. Journal on Communications, 2013, 34(11): 8-70. |
[11] | Jun-gang YANG,Li LIANG,Gu-jing LIU,Qian ZHANG,Chang-qing ZHANG. Method for router online security risk assessment quantification [J]. Journal on Communications, 2013, 34(11): 59-70. |
[12] | Biao SONG,Jian-ming ZHU. Evolution entropy risk assessment of ERP information security based on the business process [J]. Journal on Communications, 2012, 33(Z1): 210-215. |
[13] | Dong-mei ZHAO,Jian-feng MA,Yue-sheng WANG. Model of fuzzy risk assessment of the information system [J]. Journal on Communications, 2007, 28(4): 51-56. |
[14] | Yong-jie WANG,Ming XIAN,Jin LIU,Guo-yu WANG. Study of network security evaluation based on attack graph model [J]. Journal on Communications, 2007, 28(3): 29-34. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|