Piecing together app behavior from multiple artifacts: A case study

Authors: Emily Kowalczyk, Atif M. Memon, Myra B. Cohen

DOI: 10.1109/ISSRE.2015.7381837

Keywords:

Abstract: Recent research in mobile software analysis has begun to combine information extracted from an app's source code and marketplace webpage to identify correlated variables and validate quality properties such as its intended behavior, trust or suspiciousness. Such work typically involves analysis of one or two artifacts, such as the GUI text, user ratings, app description keywords, permission requests, and sensitive API calls. However, these studies make assumptions about how the various artifacts are populated and used by developers, which may lead to a gap in the resulting analysis. In this paper, we take a step back and perform an in-depth study of 14 popular apps from the Google Play Store. We have studied a set of 16 different artifacts for each app, and conclude that the output of these must be pieced together to form a complete understanding of the app's true behavior. We show that (1) developers are inconsistent in where and how they provide descriptions; (2) each artifact alone has incomplete information; (3) different artifacts may contain contradictory pieces of information; (4) there is a need for new analyses, such as those that use image processing; and (5) without including analyses of advertisement libraries, the complete behavior of an app is not defined. In addition, the number of downloads and ratings of an app does not appear to be a strong predictor of overall app quality, as these are propagated through versions and are not necessarily indicative of the current version's
