English
Related papers

Related papers: Policy Enforcement with Proactive Libraries

200 papers

Lack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or…

Software Engineering · Computer Science 2021-07-13 Sebastian Nielebock , Robert Heumüller , Kevin Michael Schott , Frank Ortmeier

Modern software development relies heavily on Application Programming Interface (API) libraries. However, there are often certain constraints on using API elements in such libraries. Failing to follow such constraints (API misuse) could…

Software Engineering · Computer Science 2019-08-20 Tam The Nguyen , Phong Minh Vu , Tung Thanh Nguyen

Due to non-experts also developing security relevant applications it is necessary to support them too. Some improvements in the current research may not reach or impact these developers. Nonetheless these developers use security libraries.…

Cryptography and Security · Computer Science 2016-03-24 Kai Mindermann

Security Application Programming Interfaces (APIs) are crucial for ensuring software security. However, their misuse introduces vulnerabilities, potentially leading to severe data breaches and substantial financial loss. Complex API design,…

Cryptography and Security · Computer Science 2025-05-15 Zahra Mousavi , Chadni Islam , M. Ali Babar , Alsharif Abuadbba , Kristen Moore

Third-party libraries (TPLs) have become a significant part of the Android ecosystem. Developers can employ various TPLs to facilitate their app development. Unfortunately, the popularity of TPLs also brings new security issues. For…

Software Engineering · Computer Science 2021-08-05 Xian Zhan , Tianming Liu , Yepang Liu , Yang Liu , Li Li , Haoyu Wang , Xiapu Luo

Third-party libraries are a cornerstone of fast application development. To enable efficient use, libraries must provide a well-designed API. An obscure API instead slows down the learning process and can lead to erroneous use. The usual…

Software Engineering · Computer Science 2024-01-17 Lars Reimann , Günter Kniesel-Wünsche

Currently, Application Programming Interfaces (APIs) are becoming increasingly popular to facilitate data transfer in a variety of mobile applications. These APIs often process sensitive user information through their endpoints, which are…

Cryptography and Security · Computer Science 2023-10-24 Nate Haris , Kendree Chen , Ann Song , Benjamin Pou

Android is the most used Operating System worldwide for mobile devices, with hundreds of thousands of apps downloaded daily. Although these apps are primarily written in Java and Kotlin, advanced functionalities such as graphics or…

Cryptography and Security · Computer Science 2024-12-03 Silvia Lucia Sanna , Diego Soi , Davide Maiorca , Giorgio Fumera , Giorgio Giacinto

Libraries are increasingly relying on computational methods, including methods from Artificial Intelligence (AI). This increasing usage raises concerns about the risks of AI that are currently broadly discussed in scientific literature, the…

Computers and Society · Computer Science 2023-03-14 Bettina Berendt , Özgür Karadeniz , Sercan Kıyak , Stefan Mertens , Leen d'Haenens

Android app developers extensively employ code reuse, integrating many third-party libraries into their apps. While such integration is practical for developers, it can be challenging for static analyzers to achieve scalability and…

Software Engineering · Computer Science 2024-02-12 Jordan Samhi , Tegawendé F. Bissyandé , Jacques Klein

A growing concern with advertisement libraries on Android is their ability to exfiltrate personal information from their host applications. While previous work has looked at the libraries' abilities to measure private information on their…

Cryptography and Security · Computer Science 2013-07-24 Theodore Book , Dan S. Wallach

Android filesystem access control provides a foundation for Android system integrity. Android utilizes a combination of mandatory (e.g., SEAndroid) and discretionary (e.g., UNIX permissions) access control, both to protect the Android…

Cryptography and Security · Computer Science 2020-08-11 Yu-Tsung Lee , William Enck , Haining Chen , Hayawardh Vijayakumar , Ninghui Li , Daimeng Wang , Zhiyun Qian , Giuseppe Petracca , Trent Jaeger

Modern software systems are increasingly dependent on third-party libraries. It is widely recognized that using mature and well-tested third-party libraries can improve developers' productivity, reduce time-to-market, and produce more…

Software Engineering · Computer Science 2016-12-07 Mohamed Aymen Saied , Ali Ouni , Houari Sahraoui , Raula Gaikovina Kula , Katsuro Inoue , David Lo

Android apps include third-party native libraries to increase performance and to reuse functionality. Native code is directly executed from apps through the Java Native Interface or the Android Native Development Kit. Android developers add…

Cryptography and Security · Computer Science 2021-03-04 Sumaya Almanee , Arda Unal , Mathias Payer , Joshua Garcia

Large language models (LLMs), pre-trained or fine-tuned on large code corpora, have shown effectiveness in generating code completions. However, in LLM-based code completion, LLMs may struggle to use correct and up-to-date Application…

Software Engineering · Computer Science 2025-02-14 Chong Wang , Kaifeng Huang , Jian Zhang , Yebo Feng , Lyuye Zhang , Yang Liu , Xin Peng

Fast numerical libraries have been a cornerstone of scientific computing for decades, but this comes at a price. Programs may be tied to vendor specific software ecosystems resulting in polluted, non-portable code. As we enter an era of…

Programming Languages · Computer Science 2019-10-10 Bruce Collie , Philip Ginsbach , Michael F. P. O'Boyle

The login functionality, being the gateway to app usage, plays a critical role in both user experience and application security. As Android apps increasingly incorporate login functionalities, they support a variety of authentication…

Software Engineering · Computer Science 2025-02-14 Zixu Zhou , Rufeng Chen , Junfeng Chen , Yepang Liu , Lili Wei

Dealing with the evolution of operating systems is challenging for developers of mobile apps, who have to deal with frequent upgrades that often include backward incompatible changes of the underlying API framework. As a consequence of…

Software Engineering · Computer Science 2019-11-22 Marco Mobilio , Oliviero Riganelli , Daniela Micucci , Leonardo Mariani

Increasing number of cyber-attacks demotivate people to use Information and Communication Technology (ICT) for industrial as well as day to day work. A main reason for the increasing number of cyber-attacks is mistakes that programmers make…

Cryptography and Security · Computer Science 2018-10-12 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Third-party libraries (TPLs) have been widely used in mobile apps, which play an essential part in the entire Android ecosystem. However, TPL is a double-edged sword. On the one hand, it can ease the development of mobile apps. On the other…

Software Engineering · Computer Science 2021-08-10 Xian Zhan , Tianming Liu , Lingling Fan , Li Li , Sen Chen , Xiapu Luo , Yang Liu