Mulai 27 Maret 2025, sebaiknya gunakan android-latest-release, bukan aosp-main, untuk mem-build dan berkontribusi pada AOSP. Untuk mengetahui informasi selengkapnya, lihat Perubahan pada AOSP.
ASPIRE
Tetap teratur dengan koleksi
Simpan dan kategorikan konten berdasarkan preferensi Anda.
Program Penelitian Keamanan dan Privasi Android (ASPIRE) menyediakan dana untuk penelitian tertentu terkait Android.
ASPIRE mengatasi tantangan mendasar melalui sudut pandang kepraktisan dan mendorong pengembangan teknologi yang mungkin menjadi fitur inti Android di masa depan, yang berdampak pada ekosistem Android dalam 2-5 tahun ke depan. Jangka waktu ini melampaui rilis tahunan Android berikutnya untuk memberikan waktu yang cukup untuk menganalisis, mengembangkan, dan menstabilkan penelitian terhadap fitur sebelum memasukkannya ke dalam platform. Perhatikan bahwa ini berbeda dari inisiatif keamanan Android lainnya seperti program pengungkapan kerentanan .
ASPIRE beroperasi dengan mengundang proposal untuk topik penelitian, menyediakan dana untuk proposal terpilih, dan bermitra dengan peneliti eksternal dengan Googler. Kami mengumumkan pemanggilan proposal setahun sekali, biasanya pada pertengahan tahun, dan mengumumkan proposal yang dipilih untuk didanai pada akhir tahun kalender.
Selain ASPIRE, jika Anda seorang peneliti yang tertarik untuk mendorong batasan keamanan dan privasi Android, ada beberapa cara untuk berpartisipasi:
- Lamar magang penelitian sebagai siswa yang mengejar gelar lebih tinggi.
- Lamar untuk menjadi Peneliti Tamu di Google.
- Tulis publikasi bersama dengan anggota tim Android.
- Berkolaborasi dengan anggota tim Android untuk membuat perubahan pada Proyek Sumber Terbuka Android.
Publikasi didanai oleh ASPIRE
2024
- 50 Nuansa Dukungan: Analisis Berpusat pada Perangkat untuk Pembaruan Keamanan Android. Abbas Acar, Güliz Seray Tuncay , Esteban Luques, Harun Oz, Ahmet Aris, dan Selcuk Uluagac. Keamanan Sistem Jaringan dan Terdistribusi (NDSS) 2024. [ makalah ] [ video ]
- Pakai Data saya? Memahami Model Izin Runtime Lintas Perangkat di Perangkat yang Dapat Dipakai. Doguhan Yeke, Muhammad Ibrahim, Güliz Seray Tuncay , Habiba Farrukh, Abdullah Imran, Antonio Bianchi, dan Z. Berkay Celik. Simposium IEEE tentang Keamanan dan Privasi (S&P) 2024. [ makalah]
- (Dalam) Keamanan Unggahan File di Node.js. Harun Oz, Abbas Acar, Ahmet Aris, Güliz Seray Tuncay , Amin Kharraz, Selcuk Uluagac. Konferensi Web ACM (WWW) 2024. [ makalah ]
2023
- RøB: Ransomware melalui Peramban Web Modern . Oz, Harun, Ahmet Aris, Abbas Acar, Güliz Seray Tuncay , Leonardo Babun, dan Selcuk Uluagac. Simposium Keamanan USENIX (Keamanan USENIX) 2023. [ makalah ] [ video ] [ slide ]
- Keamanan UE Dimuat Ulang: Mengembangkan Kerangka Pengujian Keamanan Sisi Pengguna Mandiri 5G . E Bitsikas, S Khandker, A Salous, A Ranganathan, R Piqueras Jover, C Pöpper. Konferensi ACM tentang Keamanan dan Privasi dalam Jaringan Nirkabel dan Seluler (WiSec) 2023. [ makalah ] [ video ] [ slide ]
- Buku Pegangan Malware Android. Qian Han, Salvador Mandujano, Sebastian Porst, VS Subrahmanian, Sai Deep Tetali. [ buku ]
- Memahami Pola Gelap di Perangkat IoT Rumah . Monica Kowalczyk, Johanna T. Gunawan, David Choffnes, Daniel J Dubois, Woodrow Hartzog, Christo Wilson. Konferensi ACM tentang Faktor Manusia dalam Sistem Komputasi (CHI) 2023. [ makalah ]
- Pembelajaran Berkelanjutan untuk Deteksi Malware Android . Yizheng Chen, Zhoujie Ding, dan David Wagner. Simposium Keamanan USENIX (Keamanan USENIX) 2023. [ makalah ]
- PolyScope: Analisis Kontrol Akses Multi-Kebijakan untuk Melakukan Triase Penyimpanan Cakupan Android . Yu-Tsung Lee, Haining Chen, William Enck, Hayawardh Vijayakumar, Ninghui Li, Zhiyun Qian, Giuseppe Petracca, dan Trent Jaeger. Transaksi IEEE pada Komputasi yang Dapat Diandalkan dan Aman, doi: 10.1109/TDSC.2023.3310402. [ kertas ]
- Triaging Sistem Android Menggunakan Grafik Serangan Bayesian. Yu-Tsung Lee, Rahul George, Haining Chen, Kevin Chan, dan Trent Jaeger. Konferensi Pengembangan Aman IEEE (SecDev), 2023. [ makalah ]
2022
- SARA: Otorisasi Jarak Jauh Android yang Aman . Abdullah Imran, Habiba Farrukh, Muhammad Ibrahim, Z. Berkay Celik, dan Antonio Bianchi. Simposium Keamanan USENIX (Keamanan USENIX) 2022. [ makalah ] [ video ] [ slide ]
- FReD: Mengidentifikasi Delegasi Ulang File di Layanan Sistem Android. Sigmund Albert Gorski III, Seaver Thorn, William Enck, dan Haining Chen. Simposium Keamanan USENIX (Keamanan USENIX) 2022. [ makalah ] [ video ] [ slide ]
- Poirot: Kemungkinan Merekomendasikan Perlindungan untuk Kerangka Android. Zeinab El-Rewini, Zhuo Zhang, Yousra Aafer. Keamanan Komputer dan Komunikasi (CCS) ACM 2022. [ makalah ]
- Sifter: Melindungi Modul Kernel Penting Keamanan di Android melalui Pengurangan Permukaan Serangan. Hsin-Wei Hung, Yingtong Liu, Ardalan Amiri Sani. Konferensi ACM tentang Komputasi dan Jaringan Seluler (MobiCom) 2022. [ makalah ]
2021
- Investigasi Ekosistem Patch Kernel Android. Zheng Zhang, Hang Zhang, Zhiyun Qian, dan Billy Lau. Simposium Keamanan USENIX (Keamanan USENIX) 2021. [ makalah ] [ video ] [ slide ]
- Mengungkap Pertahanan Penyimpanan Tercakup Android. Yu-Tsung Lee, Haining Chen, dan Trent Jaeger. Keamanan & Privasi IEEE, vol. 19, tidak. 05, hal. 16-25, 2021. [ makalah ]
2019
- Melindungi tumpukan dengan kenari PACed. H. Liljestrand, Z. Gauhar, T. Nyman, J.-E. Ekberg, dan N. Asokan. [ kertas ]
Konten dan contoh kode di halaman ini tunduk kepada lisensi yang dijelaskan dalam Lisensi Konten. Java dan OpenJDK adalah merek dagang atau merek dagang terdaftar dari Oracle dan/atau afiliasinya.
Terakhir diperbarui pada 2024-04-29 UTC.
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Informasi yang saya butuhkan tidak ada","missingTheInformationINeed","thumb-down"],["Terlalu rumit/langkahnya terlalu banyak","tooComplicatedTooManySteps","thumb-down"],["Sudah usang","outOfDate","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Masalah kode / contoh","samplesCodeIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2024-04-29 UTC."],[],[],null,["# ASPIRE\n\nThe Android Security and Privacy Research (ASPIRE) program provides\nfunding for certain research related to Android.\n\nASPIRE tackles fundamental challenges through the lens of practicality and\nencourages the development of technologies that may become core Android features\nin the future, impacting the Android ecosystem in the next 2-5 years. This\ntimeframe extends beyond the next annual Android release to allow adequate time\nto analyze, develop, and stabilize research into features before including in\nthe platform. Note that this is distinct from other Android security initiatives\nsuch as the [vulnerability\ndisclosure program](https://bughunters.google.com/about).\n\nASPIRE operates by inviting proposals for research topics, providing funding\nfor select proposals, and partnering external researchers with Googlers. We\nannounce a call for proposals once a year, typically in the middle of the year,\nand announce the proposals selected for funding by the end of the calendar\nyear.\n\nBeyond ASPIRE, if you're a researcher interested in pushing the boundaries of\nAndroid security and privacy, there are several ways to participate:\n\n- Apply for a [research\n internship](https://careers.google.com/students/engineering-and-technical-internships/) as a student pursuing an advanced degree.\n- Apply to become a [Visiting\n Researcher](https://research.google/outreach/visiting-researcher-program/) at Google.\n- Co-author publications with Android team members.\n- Collaborate with Android team members to make changes to the Android Open Source Project.\n\n### Publications funded by ASPIRE\n\n#### 2025\n\n- **ScopeVerif: Analyzing the Security of Android's\n Scoped Storage via Differential Analysis** Zeyu Lei, [Güliz Seray\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Beatrice Carissa Williem, Z. Berkay Celik, and Antonio Bianchi. Purdue University, Google 2025 \\[[paper](https://www.ndss-symposium.org/wp-content/uploads/2025-340-paper.pdf)\\]\n\n\u003c!-- --\u003e\n\n- **LANShield: Analysing and Protecting Local Network Access on Mobile Devices.** Angelos Beitis, Jeroen Robben, Alexander Matern, Zhen Lei, Yijia Li, Nian Xue, Yongle Chen, Vik Vanderlinden, and Mathy Vanhoef. 25th Privacy Enhancing Technologies Symposium (PETS) 2025. \\[[paper](https://papers.mathyvanhoef.com/pets2025.pdf)\\] \\[[website](https://lanshield.eu)\\]\n\n#### 2024\n\n- **SIMurai: Slicing Through the Complexity of SIM Card Security Research** Tomasz Piotr Lisowski, Merlin Chlosta, Jinjin Wang, and Marius Muench. 33rd USENIX Security Symposium. \\[[paper](https://www.usenix.org/system/files/usenixsecurity24-lisowski.pdf)\\] \\[[video](https://www.youtube.com/watch?v=3_R9P--ksE4)\\] \\[[slides](https://www.usenix.org/system/files/usenixsecurity24_slides-lisowski.pdf)\\]\n- **50 Shades of Support: A Device-Centric Analysis of Android\n Security Updates.** Abbas Acar, [Güliz Seray\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Esteban Luques, Harun Oz, Ahmet Aris, and Selcuk Uluagac. Networked and Distributed Systems Security (NDSS) 2024. \\[[paper](https://www.ndss-symposium.org/wp-content/uploads/2024-175-paper.pdf)\\] \\[[video](https://www.youtube.com/watch?v=s_CIxz1BLEM)\\]\n- **Wear's my Data? Understanding the Cross-Device Runtime Permission\n Model in Wearables.** Doguhan Yeke, Muhammad Ibrahim, [Güliz SerayP\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Habiba Farrukh, Abdullah Imran, Antonio Bianchi, and Z. Berkay Celik. IEEE Symposium on Security and Privacy (S\\&P) 2024. \\[[paper\\]](https://www.computer.org/csdl/proceedings-article/sp/2024/313000a077/1RjEaMvw3iE) \\[[video](https://www.youtube.com/watch?v=EWrEsDJ084c)\\]\n- **(In)Security of File Uploads in Node.js.** Harun Oz, Abbas Acar, Ahmet Aris, [Güliz Seray\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Amin Kharraz, Selcuk Uluagac. ACM Web Conference (WWW) 2024. \\[[paper](https://research.google/pubs/pub53215/)\\]\n\n#### 2023\n\n- **RøB: Ransomware over Modern Web Browsers** . Oz, Harun, Ahmet Aris, Abbas Acar, [Güliz Seray\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Leonardo Babun, and Selcuk Uluagac. USENIX Security Symposium (USENIX Security) 2023. \\[[paper](https://www.usenix.org/system/files/usenixsecurity23-oz.pdf)\\] \\[[video](https://youtu.be/MUVNz6p3_jk)\\] \\[[slides](https://www.usenix.org/system/files/sec23_slides_oz.pdf)\\]\n- **UE Security Reloaded: Developing a 5G Standalone User-Side Security\n Testing Framework** . E Bitsikas, S Khandker, A Salous, A Ranganathan, R Piqueras Jover, C Pöpper. ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) 2023. \\[[paper](https://dl.acm.org/doi/abs/10.1145/3558482.3590194)\\] \\[[video](https://www.youtube.com/watch?v=GrJCN-_T29c&list=PL4FCce8hBdnIf2argwcrw5J0h_eB39WSn&index=15)\\] \\[slides\\]\n- **The Android Malware Handbook.** Qian Han, Salvador Mandujano, Sebastian Porst, V.S. Subrahmanian, Sai Deep Tetali. \\[[book](https://books.google.com/books/about/The_Android_Malware_Handbook.html?id=U2y1EAAAQBAJ)\\]\n- **Understanding Dark Patterns in Home IoT Devices** . Monica Kowalczyk, Johanna T. Gunawan, David Choffnes, Daniel J Dubois, Woodrow Hartzog, Christo Wilson. ACM Conference on Human Factors in Computing Systems (CHI) 2023. \\[[paper](https://david.choffnes.com/pubs/chi23-740-2.pdf)\\]\n- **Continuous Learning for Android Malware Detection** . Yizheng Chen, Zhoujie Ding, and David Wagner. USENIX Security Symposium (USENIX Security) 2023. \\[[paper](https://www.usenix.org/system/files/usenixsecurity23-chen-yizheng.pdf)\\]\n- **PolyScope: Multi-Policy Access Control Analysis to Triage Android\n Scoped Storage** . Yu-Tsung Lee, Haining Chen, William Enck, Hayawardh Vijayakumar, Ninghui Li, Zhiyun Qian, Giuseppe Petracca, and Trent Jaeger. IEEE Transactions on Dependable and Secure Computing, doi: 10.1109/TDSC.2023.3310402. \\[[paper](https://ieeexplore.ieee.org/abstract/document/10234635)\\]\n- **Triaging Android Systems Using Bayesian Attack Graphs.** Yu-Tsung Lee, Rahul George, Haining Chen, Kevin Chan, and Trent Jaeger. IEEE Secure Development Conference (SecDev), 2023. \\[[paper](https://ieeexplore.ieee.org/abstract/document/10305618)\\]\n\n#### 2022\n\n- **SARA: Secure Android Remote Authorization** . Abdullah Imran, Habiba Farrukh, Muhammad Ibrahim, Z. Berkay Celik, and Antonio Bianchi. USENIX Security Symposium (USENIX Security) 2022. \\[[paper](https://www.usenix.org/system/files/sec22-imran.pdf)\\] \\[[video](https://youtu.be/gvYUctgJ3P8)\\] \\[[slides](https://www.usenix.org/system/files/sec22_slides-imran.pdf)\\]\n- **FReD: Identifying File Re-Delegation in Android System\n Services.** Sigmund Albert Gorski III, Seaver Thorn, William Enck, and Haining Chen. USENIX Security Symposium (USENIX Security) 2022. \\[[paper](https://www.usenix.org/system/files/sec22summer_gorski.pdf)\\] \\[[video](https://www.youtube.com/watch?v=xtv1-51W2o8)\\] \\[[slides](https://www.usenix.org/system/files/sec22_slides-gorski.pdf)\\]\n- **Poirot: Probabilistically Recommending Protections for the Android\n Framework.** Zeinab El-Rewini, Zhuo Zhang, Yousra Aafer. ACM Computer and Communication Security (CCS) 2022. \\[[paper](https://dl.acm.org/doi/pdf/10.1145/3548606.3560710)\\]\n- **Sifter: Protecting Security-Critical Kernel Modules in Android\n through Attack Surface Reduction.** Hsin-Wei Hung, Yingtong Liu, Ardalan Amiri Sani. ACM Conference on Mobile Computing And Networking (MobiCom) 2022. \\[[paper](https://dl.acm.org/doi/pdf/10.1145/3495243.3560548)\\]\n\n#### 2021\n\n- **An Investigation of the Android Kernel Patch\n Ecosystem.** Zheng Zhang, Hang Zhang, Zhiyun Qian, and Billy Lau. USENIX Security Symposium (USENIX Security) 2021. \\[[paper](https://www.usenix.org/system/files/sec21-zhang-zheng.pdf)\\] \\[[video](https://www.youtube.com/watch?v=sx2unUrsQhc)\\] \\[[slides](https://www.usenix.org/system/files/sec21_slides_zhang-zheng.pdf)\\]\n- **Demystifying Android's Scoped Storage Defense.** Yu-Tsung Lee, Haining Chen, and Trent Jaeger. IEEE Security \\& Privacy, vol. 19, no. 05, pp. 16-25, 2021. \\[[paper](https://ieeexplore.ieee.org/abstract/document/9502925)\\]\n\n#### 2019\n\n- **Protecting the stack with PACed canaries.** H. Liljestrand, Z. Gauhar, T. Nyman, J.-E. Ekberg, and N. Asokan. \\[[paper](https://dl.acm.org/doi/pdf/10.1145/3342559.3365336)\\]"]]
