2025년 3월 27일부터 AOSP를 빌드하고 기여하려면 aosp-main 대신 android-latest-release를 사용하는 것이 좋습니다. 자세한 내용은 AOSP 변경사항을 참고하세요.
열망하다
컬렉션을 사용해 정리하기
내 환경설정을 기준으로 콘텐츠를 저장하고 분류하세요.
Android 보안 및 개인 정보 보호 연구(ASPIRE) 프로그램에서는 Android와 관련된 특정 연구를 위한 자금을 제공합니다.
ASPIRE는 실용성이라는 관점에서 기본적인 어려움을 해결하고 향후 핵심 Android 기능이 되어 앞으로 2~5년간 Android 생태계에 영향을 미칠 수 있는 기술 개발을 장려합니다. 이 기간은 기능을 플랫폼에 포함하기 전에 기능을 분석 및 개발하고 기능 관련 연구를 안정화할 시간을 충분히 허용하기 위해 다음 연간 Android 출시 이후까지 연장됩니다. 이는 취약점 공개 프로그램 등 다른 Android 보안 이니셔티브와는 다릅니다.
ASPIRE는 연구 주제에 대한 제안을 모집하고 선정된 제안에 자금을 지원하며 외부 연구원과 Google 직원 간 파트너십을 체결하는 방식을 통해 운영됩니다. Google에서는 일 년에 한 번, 보통 연중에 제안 요청을 발표하며 연말에 자금 제공에 선정된 제안을 발표합니다.
Android 보안 및 개인 정보 보호의 경계를 허무는 데 관심이 있는 연구원이라면 ASPIRE 외에 여러 방법으로 참여할 수 있습니다.
- 고급 학위를 취득하려는 학생으로서 연구 인턴십 신청
- Google의 방문 연구원이 되고자 지원
- Android팀 구성원과 간행물 공동 집필
- Android팀 구성원과 공동작업하여 Android 오픈소스 프로젝트 변경
ASPIRE에서 자금 지원하는 간행물
2024년
- 50 Shades of Support: A Device-Centric Analysis of Android
Security Updates. Abbas Acar, Güliz Seray
Tuncay, Esteban Luques, Harun Oz, Ahmet Aris, Selcuk Uluagac. Networked
and Distributed Systems Security(NDSS) 2024. [자료]
[동영상]
- Wear's my Data? Understanding the Cross-Device Runtime Permission
Model in Wearables. Doguhan Yeke, Muhammad Ibrahim, Güliz Seray
Tuncay, Habiba Farrukh, Abdullah Imran, Antonio Bianchi, Z. Berkay
Celik. IEEE Symposium on Security and Privacy(S&P) 2024. [자료]
- (In)Security of File Uploads in Node.js. Harun Oz, Abbas
Acar, Ahmet Aris, Güliz Seray
Tuncay, Amin Kharraz, Selcuk Uluagac. ACM Web Conference(WWW) 2024. [자료]
2023년
- RøB: Ransomware over Modern Web Browsers. Oz, Harun,
Ahmet Aris, Abbas Acar, Güliz Seray
Tuncay, Leonardo Babun, Selcuk Uluagac. USENIX Security Symposium(USENIX Security) 2023. [자료]
[동영상] [슬라이드]
- UE Security Reloaded: Developing a 5G Standalone User-Side Security
Testing Framework. E Bitsikas, S Khandker, A Salous, A Ranganathan, R
Piqueras Jover, C Pöpper. ACM Conference on Security and Privacy in Wireless and
Mobile Networks(WiSec) 2023. [자료] [동영상]
[슬라이드]
- The Android Malware Handbook. Qian Han, Salvador Mandujano,
Sebastian Porst, V.S. Subrahmanian, Sai Deep Tetali. [책]
- Understanding Dark Patterns in Home IoT Devices. Monica
Kowalczyk, Johanna T. Gunawan, David Choffnes, Daniel J Dubois, Woodrow Hartzog,
Christo Wilson. ACM Conference on Human Factors in Computing Systems(CHI) 2023.
[자료]
- Continuous Learning for Android Malware Detection. Yizheng
Chen, Zhoujie Ding, David Wagner. USENIX Security Symposium(USENIX
Security) 2023. [자료]
- PolyScope: Multi-Policy Access Control Analysis to Triage Android
Scoped Storage. Yu-Tsung Lee, Haining Chen, William Enck, Hayawardh
Vijayakumar, Ninghui Li, Zhiyun Qian, Giuseppe Petracca, Trent Jaeger. IEEE
Transactions on Dependable and Secure Computing, doi: 10.1109/TDSC.2023.3310402.
[자료]
- Triaging Android Systems Using Bayesian Attack Graphs.
Yu-Tsung Lee, Rahul George, Haining Chen, Kevin Chan, Trent Jaeger. IEEE
Secure Development Conference(SecDev), 2023. [자료]
2022년
- SARA: Secure Android Remote Authorization. Abdullah
Imran, Habiba Farrukh, Muhammad Ibrahim, Z. Berkay Celik, Antonio Bianchi.
USENIX Security Symposium(USENIX Security) 2022. [자료] [동영상] [슬라이드]
- FReD: Identifying File Re-Delegation in Android System
Services. Sigmund Albert Gorski III, Seaver Thorn, William Enck,
Haining Chen. USENIX Security Symposium(USENIX Security) 2022. [자료] [동영상] [슬라이드]
- Poirot: Probabilistically Recommending Protections for the Android
Framework. Zeinab El-Rewini, Zhuo Zhang, Yousra Aafer. ACM Computer and
Communication Security(CCS) 2022. [자료]
- Sifter: Protecting Security-Critical Kernel Modules in Android
through Attack Surface Reduction. Hsin-Wei Hung, Yingtong Liu, Ardalan
Amiri Sani. ACM Conference on Mobile Computing And Networking(MobiCom) 2022.
[자료]
2021년
- An Investigation of the Android Kernel Patch
Ecosystem. Zheng Zhang, Hang Zhang, Zhiyun Qian, Billy Lau. USENIX
Security Symposium(USENIX Security) 2021. [자료] [동영상] [슬라이드]
- Demystifying Android's Scoped Storage Defense. Yu-Tsung
Lee, Haining Chen, Trent Jaeger. IEEE Security & Privacy, vol. 19, no. 05,
pp. 16~25, 2021. [자료]
2019년
- Protecting the stack with PACed canaries. H.
Liljestrand, Z. Gauhar, T. Nyman, J.-E. Ekberg, and N. Asokan.
[자료]
이 페이지에 나와 있는 콘텐츠와 코드 샘플에는 콘텐츠 라이선스에서 설명하는 라이선스가 적용됩니다. 자바 및 OpenJDK는 Oracle 및 Oracle 계열사의 상표 또는 등록 상표입니다.
최종 업데이트: 2024-05-07(UTC)
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["필요한 정보가 없음","missingTheInformationINeed","thumb-down"],["너무 복잡함/단계 수가 너무 많음","tooComplicatedTooManySteps","thumb-down"],["오래됨","outOfDate","thumb-down"],["번역 문제","translationIssue","thumb-down"],["샘플/코드 문제","samplesCodeIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2024-05-07(UTC)"],[],[],null,["# ASPIRE\n\nThe Android Security and Privacy Research (ASPIRE) program provides\nfunding for certain research related to Android.\n\nASPIRE tackles fundamental challenges through the lens of practicality and\nencourages the development of technologies that may become core Android features\nin the future, impacting the Android ecosystem in the next 2-5 years. This\ntimeframe extends beyond the next annual Android release to allow adequate time\nto analyze, develop, and stabilize research into features before including in\nthe platform. Note that this is distinct from other Android security initiatives\nsuch as the [vulnerability\ndisclosure program](https://bughunters.google.com/about).\n\nASPIRE operates by inviting proposals for research topics, providing funding\nfor select proposals, and partnering external researchers with Googlers. We\nannounce a call for proposals once a year, typically in the middle of the year,\nand announce the proposals selected for funding by the end of the calendar\nyear.\n\nBeyond ASPIRE, if you're a researcher interested in pushing the boundaries of\nAndroid security and privacy, there are several ways to participate:\n\n- Apply for a [research\n internship](https://careers.google.com/students/engineering-and-technical-internships/) as a student pursuing an advanced degree.\n- Apply to become a [Visiting\n Researcher](https://research.google/outreach/visiting-researcher-program/) at Google.\n- Co-author publications with Android team members.\n- Collaborate with Android team members to make changes to the Android Open Source Project.\n\n### Publications funded by ASPIRE\n\n#### 2025\n\n- **ScopeVerif: Analyzing the Security of Android's\n Scoped Storage via Differential Analysis** Zeyu Lei, [Güliz Seray\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Beatrice Carissa Williem, Z. Berkay Celik, and Antonio Bianchi. Purdue University, Google 2025 \\[[paper](https://www.ndss-symposium.org/wp-content/uploads/2025-340-paper.pdf)\\]\n\n\u003c!-- --\u003e\n\n- **LANShield: Analysing and Protecting Local Network Access on Mobile Devices.** Angelos Beitis, Jeroen Robben, Alexander Matern, Zhen Lei, Yijia Li, Nian Xue, Yongle Chen, Vik Vanderlinden, and Mathy Vanhoef. 25th Privacy Enhancing Technologies Symposium (PETS) 2025. \\[[paper](https://papers.mathyvanhoef.com/pets2025.pdf)\\] \\[[website](https://lanshield.eu)\\]\n\n#### 2024\n\n- **SIMurai: Slicing Through the Complexity of SIM Card Security Research** Tomasz Piotr Lisowski, Merlin Chlosta, Jinjin Wang, and Marius Muench. 33rd USENIX Security Symposium. \\[[paper](https://www.usenix.org/system/files/usenixsecurity24-lisowski.pdf)\\] \\[[video](https://www.youtube.com/watch?v=3_R9P--ksE4)\\] \\[[slides](https://www.usenix.org/system/files/usenixsecurity24_slides-lisowski.pdf)\\]\n- **50 Shades of Support: A Device-Centric Analysis of Android\n Security Updates.** Abbas Acar, [Güliz Seray\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Esteban Luques, Harun Oz, Ahmet Aris, and Selcuk Uluagac. Networked and Distributed Systems Security (NDSS) 2024. \\[[paper](https://www.ndss-symposium.org/wp-content/uploads/2024-175-paper.pdf)\\] \\[[video](https://www.youtube.com/watch?v=s_CIxz1BLEM)\\]\n- **Wear's my Data? Understanding the Cross-Device Runtime Permission\n Model in Wearables.** Doguhan Yeke, Muhammad Ibrahim, [Güliz SerayP\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Habiba Farrukh, Abdullah Imran, Antonio Bianchi, and Z. Berkay Celik. IEEE Symposium on Security and Privacy (S\\&P) 2024. \\[[paper\\]](https://www.computer.org/csdl/proceedings-article/sp/2024/313000a077/1RjEaMvw3iE) \\[[video](https://www.youtube.com/watch?v=EWrEsDJ084c)\\]\n- **(In)Security of File Uploads in Node.js.** Harun Oz, Abbas Acar, Ahmet Aris, [Güliz Seray\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Amin Kharraz, Selcuk Uluagac. ACM Web Conference (WWW) 2024. \\[[paper](https://research.google/pubs/pub53215/)\\]\n\n#### 2023\n\n- **RøB: Ransomware over Modern Web Browsers** . Oz, Harun, Ahmet Aris, Abbas Acar, [Güliz Seray\n Tuncay](https://research.google/people/g%C3%BCliz-seray-tuncay/), Leonardo Babun, and Selcuk Uluagac. USENIX Security Symposium (USENIX Security) 2023. \\[[paper](https://www.usenix.org/system/files/usenixsecurity23-oz.pdf)\\] \\[[video](https://youtu.be/MUVNz6p3_jk)\\] \\[[slides](https://www.usenix.org/system/files/sec23_slides_oz.pdf)\\]\n- **UE Security Reloaded: Developing a 5G Standalone User-Side Security\n Testing Framework** . E Bitsikas, S Khandker, A Salous, A Ranganathan, R Piqueras Jover, C Pöpper. ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) 2023. \\[[paper](https://dl.acm.org/doi/abs/10.1145/3558482.3590194)\\] \\[[video](https://www.youtube.com/watch?v=GrJCN-_T29c&list=PL4FCce8hBdnIf2argwcrw5J0h_eB39WSn&index=15)\\] \\[slides\\]\n- **The Android Malware Handbook.** Qian Han, Salvador Mandujano, Sebastian Porst, V.S. Subrahmanian, Sai Deep Tetali. \\[[book](https://books.google.com/books/about/The_Android_Malware_Handbook.html?id=U2y1EAAAQBAJ)\\]\n- **Understanding Dark Patterns in Home IoT Devices** . Monica Kowalczyk, Johanna T. Gunawan, David Choffnes, Daniel J Dubois, Woodrow Hartzog, Christo Wilson. ACM Conference on Human Factors in Computing Systems (CHI) 2023. \\[[paper](https://david.choffnes.com/pubs/chi23-740-2.pdf)\\]\n- **Continuous Learning for Android Malware Detection** . Yizheng Chen, Zhoujie Ding, and David Wagner. USENIX Security Symposium (USENIX Security) 2023. \\[[paper](https://www.usenix.org/system/files/usenixsecurity23-chen-yizheng.pdf)\\]\n- **PolyScope: Multi-Policy Access Control Analysis to Triage Android\n Scoped Storage** . Yu-Tsung Lee, Haining Chen, William Enck, Hayawardh Vijayakumar, Ninghui Li, Zhiyun Qian, Giuseppe Petracca, and Trent Jaeger. IEEE Transactions on Dependable and Secure Computing, doi: 10.1109/TDSC.2023.3310402. \\[[paper](https://ieeexplore.ieee.org/abstract/document/10234635)\\]\n- **Triaging Android Systems Using Bayesian Attack Graphs.** Yu-Tsung Lee, Rahul George, Haining Chen, Kevin Chan, and Trent Jaeger. IEEE Secure Development Conference (SecDev), 2023. \\[[paper](https://ieeexplore.ieee.org/abstract/document/10305618)\\]\n\n#### 2022\n\n- **SARA: Secure Android Remote Authorization** . Abdullah Imran, Habiba Farrukh, Muhammad Ibrahim, Z. Berkay Celik, and Antonio Bianchi. USENIX Security Symposium (USENIX Security) 2022. \\[[paper](https://www.usenix.org/system/files/sec22-imran.pdf)\\] \\[[video](https://youtu.be/gvYUctgJ3P8)\\] \\[[slides](https://www.usenix.org/system/files/sec22_slides-imran.pdf)\\]\n- **FReD: Identifying File Re-Delegation in Android System\n Services.** Sigmund Albert Gorski III, Seaver Thorn, William Enck, and Haining Chen. USENIX Security Symposium (USENIX Security) 2022. \\[[paper](https://www.usenix.org/system/files/sec22summer_gorski.pdf)\\] \\[[video](https://www.youtube.com/watch?v=xtv1-51W2o8)\\] \\[[slides](https://www.usenix.org/system/files/sec22_slides-gorski.pdf)\\]\n- **Poirot: Probabilistically Recommending Protections for the Android\n Framework.** Zeinab El-Rewini, Zhuo Zhang, Yousra Aafer. ACM Computer and Communication Security (CCS) 2022. \\[[paper](https://dl.acm.org/doi/pdf/10.1145/3548606.3560710)\\]\n- **Sifter: Protecting Security-Critical Kernel Modules in Android\n through Attack Surface Reduction.** Hsin-Wei Hung, Yingtong Liu, Ardalan Amiri Sani. ACM Conference on Mobile Computing And Networking (MobiCom) 2022. \\[[paper](https://dl.acm.org/doi/pdf/10.1145/3495243.3560548)\\]\n\n#### 2021\n\n- **An Investigation of the Android Kernel Patch\n Ecosystem.** Zheng Zhang, Hang Zhang, Zhiyun Qian, and Billy Lau. USENIX Security Symposium (USENIX Security) 2021. \\[[paper](https://www.usenix.org/system/files/sec21-zhang-zheng.pdf)\\] \\[[video](https://www.youtube.com/watch?v=sx2unUrsQhc)\\] \\[[slides](https://www.usenix.org/system/files/sec21_slides_zhang-zheng.pdf)\\]\n- **Demystifying Android's Scoped Storage Defense.** Yu-Tsung Lee, Haining Chen, and Trent Jaeger. IEEE Security \\& Privacy, vol. 19, no. 05, pp. 16-25, 2021. \\[[paper](https://ieeexplore.ieee.org/abstract/document/9502925)\\]\n\n#### 2019\n\n- **Protecting the stack with PACed canaries.** H. Liljestrand, Z. Gauhar, T. Nyman, J.-E. Ekberg, and N. Asokan. \\[[paper](https://dl.acm.org/doi/pdf/10.1145/3342559.3365336)\\]"]]
