论文信息 - On vulnerability evolution in Android apps

On vulnerability evolution in Android apps

In this work, we reconstruct a set of Android app lineages which each of them represents a sequence of app versions that are historically released for the same app. Then, based on these lineages, we empirically investigate the evolution of app vulnerabilities, which are revealed by well-known vulnerability scanners, and subsequently summarise various interesting findings that constitute a tangible knowledge to the community.

Jacques Klein | Li Li | Jun Gao | Tegawendé F. Bissyandé | Pingfan Kong

[1] Jacques Klein,et al. IccTA: Detecting Inter-Component Privacy Leaks in Android Apps , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[2] Jacques Klein,et al. Accessing Inaccessible Android APIs: An Empirical Study , 2016, 2016 IEEE International Conference on Software Maintenance and Evolution (ICSME).

[3] Jacques Klein,et al. AndroZoo++: Collecting Millions of Android Apps and Their Metadata for the Research Community , 2017, ArXiv.

[4] Jacques Klein,et al. Static analysis of android apps: A systematic literature review , 2017, Inf. Softw. Technol..

[5] Matthew L. Dering,et al. Composite Constant Propagation: Application to Android Inter-Component Communication Analysis , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[6] Ivan Martinovic,et al. To Update or Not to Update: Insights From a Two-Year Study of Android App Evolution , 2017, AsiaCCS.

[7] Chenxiong Qian,et al. Toward Engineering a Secure Android Ecosystem , 2016, ACM Comput. Surv..

[8] Jacques Klein,et al. FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps , 2014, PLDI.