English
Related papers

Related papers: Proactive Libraries: Enforcing Correct Behaviors i…

200 papers

Due to Android's open source feature and low barriers to entry for developers, millions of developers and third-party organizations have been attracted into the Android ecosystem. However, over 90 percent of mobile malware are found…

Cryptography and Security · Computer Science 2019-06-26 Bin Zhao

A common security architecture, called the permission-based security model (used e.g. in Android and Blackberry), entails intrinsic risks. For instance, applications can be granted more permissions than they actually need, what we call a…

Cryptography and Security · Computer Science 2013-03-21 Alexandre Bartel , Jacques Klein , Martin Monperrus , Yves Le Traon

This paper presents a framework that selectively triggers security reviews for incoming source code changes. Functioning as a review bot within a code review service, the framework can automatically request additional security reviews at…

Cryptography and Security · Computer Science 2024-05-28 Keun Soo Yim

Due to non-experts also developing security relevant applications it is necessary to support them too. Some improvements in the current research may not reach or impact these developers. Nonetheless these developers use security libraries.…

Cryptography and Security · Computer Science 2016-03-24 Kai Mindermann

Background. Evidence suggests that mobile applications are not thoroughly tested as their desktop counterparts. In particular GUI testing is generally limited. Like web-based applications, mobile apps suffer from GUI test fragility, i.e.…

Software Engineering · Computer Science 2017-11-13 Riccardo Coppola , Maurizio Morisio , Marco Torchiano

Mobile apps often embed authentication secrets, such as API keys, tokens, and client IDs, to integrate with cloud services. However, developers often hardcode these credentials into Android apps, exposing them to extraction through reverse…

Cryptography and Security · Computer Science 2025-10-22 Marco Alecci , Jordan Samhi , Tegawendé F. Bissyandé , Jacques Klein

Runtime enforcers can be used to ensure that running applications satisfy desired correctness properties. Although runtime enforcers that are correct-by-construction with respect to abstract behavioral models are relatively easy to specify,…

Software Engineering · Computer Science 2022-10-25 Oliviero Riganelli , Daniela Micucci , Leonardo Mariani

Vetting security impacts introduced by third-party libraries in iOS apps requires a reliable library detection technique. Especially when a new vulnerability (or a privacy-invasive behavior) was discovered in a third-party library, there is…

Cryptography and Security · Computer Science 2022-07-06 Jingyi Guo , Min Zheng , Yajin Zhou , Haoyu Wang , Lei Wu , Xiapu Luo , Kui Ren

GitHub is a popular data repository for code examples. It is being continuously used to train several AI-based tools to automatically generate code. However, the effectiveness of such tools in correctly demonstrating the usage of…

Cryptography and Security · Computer Science 2022-11-28 Catherine Tony , Nicolás E. Díaz Ferreyra , Riccardo Scandariato

Android introduces a new permission model that allows apps to request permissions at runtime rather than at the installation time since 6.0 (Marshmallow, API level 23). While this runtime permission model provides users with greater…

Software Engineering · Computer Science 2021-06-25 Ying Wang , Yibo Wang , Sinan Wang , Yepang Liu , Chang Xu , Shing-Chi Cheung , Hai Yu , Zhiliang Zhu

Mobile apps are predominantly integrated with cloud services to benefit from enhanced functionalities. Adopting authentication using secrets such as API keys is crucial to ensure secure mobile-cloud interactions. However, developers often…

Cryptography and Security · Computer Science 2025-11-11 Kevin Li , Lin Ling , Jinqiu Yang , Lili Wei

As a mixed result of intensive dependency on third-party libraries, flexible mechanism to declare dependencies, and increased number of modules in a project, multiple versions of the same third-party library are directly depended in…

Software Engineering · Computer Science 2020-02-26 Kaifeng Huang , Bihuan Chen , Bowen Shi , Ying Wang , Congying Xu , Xin Peng

The fast-paced evolution of Android APIs has posed a challenging task for Android app developers. To leverage Android's frequently released APIs, developers must often spend considerable effort on API migrations. Prior research and Android…

Software Engineering · Computer Science 2021-03-29 Maxime Lamothe , Weiyi Shang , Tse-Hsun Chen

The Java libraries JCA and JSSE offer cryptographic APIs to facilitate secure coding. When developers misuse some of the APIs, their code becomes vulnerable to cyber-attacks. To eliminate such vulnerabilities, people built tools to detect…

Cryptography and Security · Computer Science 2022-05-02 Ying Zhang , Ya Xiao , Md Mahir Asef Kabir , Danfeng , Yao , Na Meng

APIs are the primary mechanism for developers to gain access to externally defined services and tools. However, previous research has revealed API misuses that violate the contract of APIs to be prevalent. Such misuses can have harmful…

Cryptography and Security · Computer Science 2021-05-18 Rodrigo Bonifacio , Stefan Krüger , Krishna Narasimhan , Eric Bodden , Mira Mezini

With over 500,000 commits and more than 700 contributors, the Android platform is undoubtedly one of the largest industrial-scale software projects. This project provides the Android API, and developers heavily rely on this API to develop…

Software Engineering · Computer Science 2022-06-01 Pei Liu , Li Li , Yichun Yan , Mattia Fazzini , John Grundy

API misuse introduces security vulnerabilities, system failures, and increases maintenance costs, all of which remain critical challenges in software development. Existing detection approaches rely on static analysis or machine…

Software Engineering · Computer Science 2025-09-23 Saikat Mondal , Chanchal K. Roy , Hong Wang , Juan Arguello , Samantha Mathan

There are over 1.2 million applications on the Google Play store today with a large number of competing applications for any given use or function. This creates challenges for users in selecting the right application. Moreover, some of the…

Networking and Internet Architecture · Computer Science 2015-04-28 Luigi Vigneri , Jaideep Chandrashekar , Ioannis Pefkianakis , Olivier Heen

Although there are over 1,600,000 third-party Android apps in the Google Play Store, little has been conclusively shown about how their individual (and collective) permission usage has evolved over time. Recently, Android 6 overhauled the…

Cryptography and Security · Computer Science 2016-08-11 Vincent F. Taylor , Ivan Martinovic

APIs are essential ingredients for developing complex software systems. However, they are difficult to learn and to use. Thus, developers may misuse them, which results in various types of issues. In this paper, we explore the use of a…

Software Engineering · Computer Science 2020-12-29 Maxime Gallais-Jimenez , Hoan A. Nguyen , Mohamed Aymen Saied , Tien N. Nguyen , Houari Sahraoui
‹ Prev 1 3 4 5 6 7 10 Next ›