(Short Paper) method for preventing suspicious web access in android WebView

Masaya Sato, Yuta Imamura, Rintaro Orito, Toshihiro Yamauchi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

WebView is commonly used by applications on the Android OS. Given that WebView is used as a browsing component on applications, they can be attacked via the web. Existing security mechanisms mainly focus on web browsers; hence, securing WebView is an important challenge. We proposed and implemented a method for preventing suspicious web access in Android WebView. Attackers distribute their malicious content including malicious applications, potentially unwanted programs, and coin miners, by inserting contents into a web page. Because loading malicious content involves HTTP communication, our proposed method monitors HTTP communication by WebView and blocks suspicious web accesses. To apply the proposed method to widely used applications, we implemented our method inside WebView. We also evaluated the proposed method with some popular applications and confirmed that the method can block designated web content without impeding the functionality of applications.

Original languageEnglish
Title of host publicationAdvances in Information and Computer Security - 14th International Workshop on Security, IWSEC 2019, Proceedings
EditorsNuttapong Attrapadung, Takeshi Yagi
PublisherSpringer Verlag
Pages241-250
Number of pages10
ISBN (Print)9783030268336
DOIs
Publication statusPublished - Jan 1 2019
Event14th International Workshop on Security, IWSEC 2019 - Tokyo, Japan
Duration: Aug 28 2019Aug 30 2019

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11689 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference14th International Workshop on Security, IWSEC 2019
CountryJapan
CityTokyo
Period8/28/198/30/19

    Fingerprint

Keywords

  • Android
  • Content blocking
  • HTTP communication
  • Web access
  • WebView

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Sato, M., Imamura, Y., Orito, R., & Yamauchi, T. (2019). (Short Paper) method for preventing suspicious web access in android WebView. In N. Attrapadung, & T. Yagi (Eds.), Advances in Information and Computer Security - 14th International Workshop on Security, IWSEC 2019, Proceedings (pp. 241-250). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11689 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-26834-3_14