English
Related papers

Related papers: Discovering Flaws in Security-Focused Static Analy…

200 papers

Modern software relies on a multitude of automated testing and quality assurance tools to prevent errors, bugs and potential vulnerabilities. This study sets out to provide a head-to-head, quantitative and qualitative evaluation of six…

Software Engineering · Computer Science 2025-08-07 Damian Gnieciak , Tomasz Szandala

Static code analysis is a powerful approach to detect quality deficiencies such as performance bottlenecks, safety violations or security vulnerabilities already during a software system's implementation. Yet, as current software systems…

Software Engineering · Computer Science 2017-10-23 Eric Bodden

Static bug finders have been widely-adopted by developers to find bugs in real world software projects. They leverage predefined heuristic static analysis rules to scan source code or binary code of a software project, and report violations…

Software Engineering · Computer Science 2021-12-24 Junjie Wang , Yuchao Huang , Song Wang , Qing Wang

With the rapid growth of Android malware, many machine learning-based malware analysis approaches are proposed to mitigate the severe phenomenon. However, such classifiers are opaque, non-intuitive, and difficult for analysts to understand…

Cryptography and Security · Computer Science 2020-08-14 Ming Fan , Wenying Wei , Xiaofei Xie , Yang Liu , Xiaohong Guan , Ting Liu

The increasing frequency of attacks on Android applications coupled with the recent popularity of large language models (LLMs) necessitates a comprehensive understanding of the capabilities of the latter in identifying potential…

Cryptography and Security · Computer Science 2025-03-18 Vasileios Kouliaridis , Georgios Karopoulos , Georgios Kambourakis

Mutation testing may be used to guide test case generation and as a technique to assess the quality of test suites. Despite being used frequently, mutation testing is not so commonly applied in the mobile world. One critical challenge in…

The delivery of a framework in place for secure application development is of real value for application development teams to integrate security into their development life cycle, especially when a mobile or web application moves past the…

Cryptography and Security · Computer Science 2020-07-07 Jinfeng Li

Static source code analysis is a powerful tool for finding and fixing bugs when deployed properly; it is, however, all too easy to deploy it in a way that looks good superficially, but which misses important defects, shows many false…

Software Engineering · Computer Science 2022-02-25 Flash Sheridan

Automated Static Analysis Tools (ASATs) are part of software development best practices. ASATs are able to warn developers about potential problems in the code. On the one hand, ASATs are based on best practices so there should be a…

Software Engineering · Computer Science 2021-11-19 Alexander Trautsch , Steffen Herbold , Jens Grabowski

Static analysis remains one of the most popular approaches for detecting and correcting poor or vulnerable program code. It involves the examination of code listings, test results, or other documentation to identify errors, violations of…

Artificial Intelligence · Computer Science 2021-08-27 Fitzroy D. Nembhard , Marco M. Carvalho

Static analyzers can reason about the properties and behaviors of programs and detect various issues without executing them. Hence, they should extract the necessary information to understand the analyzed program well. Annotation has been a…

Software Engineering · Computer Science 2024-02-23 Huaien Zhang , Yu Pei , Shuyun Liang , Shin Hwei Tan

As the complexity of mobile applications grows exponentially and the fragmentation of user device environments intensifies, ensuring online application stability faces unprecedented challenges. Traditional methods, such as static logging…

Software Engineering · Computer Science 2025-12-29 Qi Hu , Jiangchao Liu , Xin Yu , Lin Zhang , Edward Jiang

As the smartphone market leader, Android has been a prominent target for malware attacks. The number of malicious applications (apps) identified for it has increased continually over the past decade, creating an immense challenge for all…

Cryptography and Security · Computer Science 2023-06-13 Masoud Mehrabi Koushki , Ibrahim AbuAlhaol , Anandharaju Durai Raju , Yang Zhou , Ronnie Salvador Giagone , Huang Shengqiang

This paper presents a fully automated static analysis approach and a tool, Taint-Things, for the identification of tainted flows in SmartThings IoT apps. Taint-Things accurately identifies all tainted flows reported by one of the…

Software Engineering · Computer Science 2022-02-08 Bara' Nazzal , Manar H. Alalfi

Apps on mobile phones manipulate all sorts of data, including sensitive data, leading to privacy-related concerns. Recent regulations like the European GDPR provide rules for the processing of personal and sensitive data, like that no such…

Cryptography and Security · Computer Science 2023-01-12 Jordan Samhi , Maria Kober , Abdoul Kader Kabore , Steven Arzt , Tegawendé F. Bissyandé , Jacques Klein

Several solutions ensuring the dynamic detection of malicious activities on Android ecosystem have been proposed. These are represented by generic rules and models that identify any purported malicious behavior. However, the approaches…

Cryptography and Security · Computer Science 2023-08-01 Abdellah Ouaguid , Mohamed Ouzzif , Noreddine Abghour

Sophisticated malware families exploit the openness of the Android platform to infiltrate IoT networks, enabling large-scale disruption, data exfiltration, and denial-of-service attacks. This systematic literature review (SLR) examines…

Cryptography and Security · Computer Science 2025-09-16 Shama Maganur , Yili Jiang , Jiaqi Huang , Fangtian Zhong

Fragmentation is a serious problem in the Android ecosystem. This problem is mainly caused by the fast evolution of the system itself and the various customizations independently maintained by different smartphone manufacturers. Many…

Software Engineering · Computer Science 2022-06-01 Pei Liu , Yanjie Zhao , Haipeng Cai , Mattia Fazzini , John Grundy , Li Li

Static code analysis (SCA) tools are widely used as effective ways to detect bugs and vulnerabilities in software systems. However, the reports generated by these tools often contain a large number of non-actionable findings, which can…

Software Engineering · Computer Science 2026-04-21 Tamás Aladics , Norbert Vándor , Rudolf Ferenc , Péter Hegedűs

Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A…

Cryptography and Security · Computer Science 2016-08-03 Suleiman Y. Yerima , Sakir Sezer , Gavin McWilliams , Igor Muttik
‹ Prev 1 3 4 5 6 7 10 Next ›