Mixed Signals: Analyzing Software Attribution Challenges in the Android Ecosystem

Published: 01 April 2023

Abstract

The ability to identify the author responsible for a given software object is critical for many research studies and for enhancing software transparency and accountability. However, as opposed to other application markets like Apple's iOS App Store, attribution in the Android ecosystem is known to be hard. Prior research has leveraged market metadata and signing certificates to identify software authors without questioning the validity and accuracy of these attribution signals. However, Android application (app) authors can, either intentionally or by mistake, hide their true identity due to: (1) the lack of policy enforcement by markets to ensure the accuracy and correctness of the information disclosed by developers in their market profiles during the app release process, and (2) the use of self-signed certificates for signing apps instead of certificates issued by trusted CAs. In this paper, we perform the first empirical analysis of the availability, volatility and overall aptness of publicly available market and app metadata for author attribution in Android markets. To that end, we analyze a dataset of over 2.5 million market entries and apps extracted from five Android markets for over two years. Our results show that widely used attribution signals are often missing from market profiles and that they change over time. We also invalidate the general belief about the validity of signing certificates for author attribution. For instance, we find that apps from different authors share signing certificates due to the proliferation of app building frameworks and software factories. Finally, we introduce the concept of an attribution graph and we apply it to evaluate the validity of existing attribution signals on the Google Play Store. Our results confirm that the lack of control over publicly available signals can confuse automatic attribution processes.
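The attribution-graph idea from the abstract, as an added example that is not code from the paper or its authors: apps, developer profile names and signing-certificate fingerprints become graph nodes, and an app is linked to the certificate it is signed with and to the developer name shown on each market profile. The package names, developer names, markets and fingerprints below are constructed, the three-node-kind graph is a simplification of the paper's concept rather than its exact definition, and `CERT_B` plays the role of a key embedded by an app-building framework so that unrelated developers end up publishing apps signed with it.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

Node = Tuple[str, str]  # (kind, identifier) with kind in {"app", "dev", "cert"}


@dataclass(frozen=True)
class MarketEntry:
    market: str
    package: str
    developer: str    # developer name from the market profile; "" when missing
    cert_sha256: str  # hex SHA-256 fingerprint of the APK signing certificate


# Constructed sample crawl (hypothetical packages, names and fingerprints).
# CERT_B stands in for an app builder's key shared by unrelated developers.
CERT_A = "a1" * 32
CERT_B = "b2" * 32
CERT_C = "c3" * 32

ENTRIES: List[MarketEntry] = [
    MarketEntry("play", "com.acme.notes", "Acme Apps", CERT_A),
    MarketEntry("apkmirror", "com.acme.notes", "", CERT_A),  # mirror, empty profile
    MarketEntry("play", "com.acme.todo", "Acme Apps", CERT_C),
    MarketEntry("play", "com.foo.recipes", "Foo Kitchen", CERT_B),
    MarketEntry("play", "com.bar.quotes", "Bar Quotes", CERT_B),
    MarketEntry("apkmonk", "com.baz.wallpapers", "Baz Wallpapers", CERT_B),
]


def build_attribution_graph(entries: List[MarketEntry]) -> Dict[Node, Set[Node]]:
    """Undirected adjacency map; a missing developer name contributes no edge."""
    graph: Dict[Node, Set[Node]] = defaultdict(set)

    def link(a: Node, b: Node) -> None:
        graph[a].add(b)
        graph[b].add(a)

    for e in entries:
        app: Node = ("app", e.package)
        link(app, ("cert", e.cert_sha256))
        name = e.developer.strip()
        if name:
            link(app, ("dev", name))
    return dict(graph)


def connected_components(graph: Dict[Node, Set[Node]]) -> List[Set[Node]]:
    seen: Set[Node] = set()
    components: List[Set[Node]] = []
    for start in graph:
        if start in seen:
            continue
        component: Set[Node] = set()
        stack = [start]
        while stack:
            node = stack.pop()
            if node in component:
                continue
            component.add(node)
            stack.extend(graph[node] - component)
        seen |= component
        components.append(component)
    return components


def candidate_authors(graph: Dict[Node, Set[Node]], package: str) -> Set[str]:
    """Developer names in the package's component: one name is an unambiguous
    attribution, several mean the public signals contradict each other."""
    target: Node = ("app", package)
    for component in connected_components(graph):
        if target in component:
            return {ident for kind, ident in component if kind == "dev"}
    return set()


def shared_certificates(entries: List[MarketEntry], min_developers: int = 2) -> Dict[str, Set[str]]:
    """Certificates seen under at least `min_developers` distinct developer names."""
    devs_per_cert: Dict[str, Set[str]] = defaultdict(set)
    for e in entries:
        name = e.developer.strip()
        if name:
            devs_per_cert[e.cert_sha256].add(name)
    return {c: d for c, d in devs_per_cert.items() if len(d) >= min_developers}


def missing_signal_rate(entries: List[MarketEntry], field: str) -> float:
    """Fraction of market entries whose `field` is empty (availability of a signal)."""
    values = [getattr(e, field) for e in entries]
    return sum(1 for v in values if not v.strip()) / len(values)


if __name__ == "__main__":
    g = build_attribution_graph(ENTRIES)
    for pkg in ("com.acme.notes", "com.foo.recipes"):
        print(pkg, "->", sorted(candidate_authors(g, pkg)))
    for cert, devs in shared_certificates(ENTRIES).items():
        print("shared cert", cert[:16], "used by", sorted(devs))
    print("entries with no developer name:", missing_signal_rate(ENTRIES, "developer"))
```

On this data the Acme apps resolve to a single developer name even though one mirror entry has an empty profile, while every app signed with the builder key lands in one component with three candidate authors; a pipeline that treats "same certificate" as "same author" would merge them silently, which is the failure mode the abstract describes.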


Cited By

  • (2024) Comparing Apples to Androids: Discovery, Retrieval, and Matching of iOS and Android Apps for Cross-Platform Analyses. Proceedings of the 21st International Conference on Mining Software Repositories, pp. 348–360. https://doi.org/10.1145/3643991.3644896. Online publication date: 15 Apr 2024.
  • (2024) Mules and Permission Laundering in Android: Dissecting Custom Permissions in the Wild. IEEE Transactions on Dependable and Secure Computing, vol. 21, no. 4, pp. 1801–1816. https://doi.org/10.1109/TDSC.2023.3288981. Online publication date: 1 Jul 2024.
  • (2023) Of Ahead Time: Evaluating Disassembly of Android Apps Compiled to Binary OATs Through the ART. Proceedings of the 16th European Workshop on System Security, pp. 21–29. https://doi.org/10.1145/3578357.3591219. Online publication date: 8 May 2023.

Published In

IEEE Transactions on Software Engineering  Volume 49, Issue 4
April 2023
1635 pages

Publisher

IEEE Press
