A survey of app store analysis for software engineering
App Store Analysis studies information about applications obtained from app stores. App
stores provide a wealth of information derived from users that would not exist had the …
stores provide a wealth of information derived from users that would not exist had the …
Static analysis of android apps: A systematic literature review
Context Static analysis exploits techniques that parse program source code or bytecode,
often traversing program paths to check some program properties. Static analysis …
often traversing program paths to check some program properties. Static analysis …
[PDF][PDF] Harvesting runtime values in Android applications that feature anti-analysis techniques.
It is generally challenging to tell apart malware from benign applications. To make this
decision, human analysts are frequently interested in runtime values: targets of reflective …
decision, human analysts are frequently interested in runtime values: targets of reflective …
A taxonomy and qualitative comparison of program analysis techniques for security assessment of android software
In parallel with the meteoric rise of mobile software, we are witnessing an alarming
escalation in the number and sophistication of the security threats targeted at mobile …
escalation in the number and sophistication of the security threats targeted at mobile …
Mind your weight (s): A large-scale study on insufficient machine learning model protection in mobile apps
On-device machine learning (ML) is quickly gaining popularity among mobile apps. It allows
offline model inference while preserving user privacy. However, ML models, considered as …
offline model inference while preserving user privacy. However, ML models, considered as …
Don't leak your keys: Understanding, measuring, and exploiting the appsecret leaks in mini-programs
Mobile mini-programs in WeChat have gained significant popularity since their debut in
2017, reaching a scale similar to that of Android apps in the Play Store. Like Google …
2017, reaching a scale similar to that of Android apps in the Play Store. Like Google …
Do not give away my secrets: Uncovering the privacy issue of neural code completion tools
Neural Code Completion Tools (NCCTs) have reshaped the field of software development,
which accurately suggest contextually-relevant code snippets benefiting from language …
which accurately suggest contextually-relevant code snippets benefiting from language …
Looking from the mirror: Evaluating {IoT} device security through mobile companion apps
Smart home IoT devices have increasingly become a favorite target for the cybercriminals
due to their weak security designs. To identify these vulnerable devices, existing …
due to their weak security designs. To identify these vulnerable devices, existing …
Automated detection of password leakage from public github repositories
The prosperity of the GitHub community has raised new concerns about data security in
public repositories. Practitioners who manage authentication secrets such as textual …
public repositories. Practitioners who manage authentication secrets such as textual …
Your Code Secret Belongs to Me: Neural Code Completion Tools Can Memorize Hard-Coded Credentials
Neural Code Completion Tools (NCCTs) have reshaped the field of software engineering,
which are built upon the language modeling technique and can accurately suggest …
which are built upon the language modeling technique and can accurately suggest …