poster

Investigation of Security-related Commits in Android Apps

Authors:

Teerath Das,

Adam Ali,

Tommi MikkonenAuthors Info & Claims

EASE '23: Proceedings of the 27th International Conference on Evaluation and Assessment in Software Engineering

Pages 259 - 260

https://doi.org/10.1145/3593434.3593437

Published: 14 June 2023 Publication History

Get Access

Abstract

The exponential increase in smartphone usage has fueled the rapid growth of Android applications (apps). Unfortunately, this growth has also resulted in an alarming rise in security vulnerabilities, posing a significant challenge for developers of smartphone apps. In this paper, we conducted a quantitative and qualitative study to analyze security-related issues in open-source Android apps available on GitHub. Our study included a total set of 689 security-related commits identified from 111,224 commits distributed over 2,187 apps. We proposed a taxonomy of ten distinct categories of security issues, which we identified using the card-sorting technique. Our findings showed that Permission issues were the most prevalent in our dataset (370, 53.7%), followed by Login issues (160, 23.22%). Issues such as Privacy (5, 0.72%) and Framework (3, 0.43%) were rare in our dataset. These preliminary findings serve as an initial step towards comprehending the primary security concerns from the perspective of both developers and researchers.

References

[1]

[1] Jacob Cohen. Weighted kappa: nominal scale agreement provision for scaled disagreement or partial credit. Psychological bulletin, 70(4):213, 1968.

Crossref

Google Scholar

[2]

[2] Teerath Das, Massimiliano Di Penta, and Ivano Malavolta. A quantitative and qualitative investigation of performance-related commits in android apps. In 2016 IEEE International Conference on Software Maintenance and Evolution (ICSME), pages 443–447. IEEE, 2016.

Google Scholar

[3]

[3] Teerath Das et al. Investigating performance issues in mobile apps. 2020.

Google Scholar

[4]

[4] D. Spencer. Card sorting (1st ed.), doi=https://www.perlego.com/book/1257069/card-sorting-designing-usable-categories-pdf. 2009.

Google Scholar

Cited By

View all

Das TAli AMikkonen T(2024)Taxonomy of Security-related Issues in Android Apps: An Empirical StudyProceedings of the 2024 Workshop on Replications and Negative Results10.1145/3695750.3695824(8-14)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3695750.3695824
Das TAli AMikkonen TFilkov VRay BZhou M(2024)Taxonomy of Security-related Issues in Android Apps: An Empirical StudyProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops10.1145/3691621.3694929(15-21)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691621.3694929
Cui ZMeng WLiu Y(2024)Advertising Diversion App Using Clipboard Content RecognitionFrontiers in Cyber Security10.1007/978-981-96-0151-6_16(247-259)Online publication date: 27-Dec-2024
https://doi.org/10.1007/978-981-96-0151-6_16

Index Terms

Investigation of Security-related Commits in Android Apps
1. Computer systems organization
  1. Dependable and fault-tolerant systems and networks
    1. Redundancy
  2. Embedded and cyber-physical systems
    1. Embedded systems
    2. Robotics
2. Networks
  1. Network properties
    1. Network reliability

Recommendations

Taxonomy of Security-related Issues in Android Apps: An Empirical Study
RENE '24: Proceedings of the 2024 Workshop on Replications and Negative Results

Smart applications (apps) have become the primary means of obtaining digital services in many aspects of our daily lives, such as health care, e-banking, online shopping, etc. With the growing number of smart apps being created, the likelihood of ...
Taxonomy of Security-related Issues in Android Apps: An Empirical Study
ASEW '24: Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops

Smart applications (apps) have become the primary means of obtaining digital services in many aspects of our daily lives, such as health care, e-banking, online shopping, etc. With the growing number of smart apps being created, the likelihood of ...
Release practices for iOS and Android apps
WAMA 2019: Proceedings of the 3rd ACM SIGSOFT International Workshop on App Market Analytics

We conduct a preliminary study on the practices of releasing apps for the two major mobile platforms: iOS and Android. We select the most popular applications on the official stores, and we retrieve all the releases of such apps to understand how often ...

Comments

Information & Contributors

Information

Published In

EASE '23: Proceedings of the 27th International Conference on Evaluation and Assessment in Software Engineering

June 2023

544 pages

ISBN:9798400700446

DOI:10.1145/3593434

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 June 2023

Check for updates

Author Tags

Qualifiers

Poster
Research
Refereed limited

Conference

EASE '23

EASE '23: The International Conference on Evaluation and Assessment in Software Engineering

June 14 - 16, 2023

Oulu, Finland

Acceptance Rates

Overall Acceptance Rate 71 of 232 submissions, 31%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
68
Total Downloads

Downloads (Last 12 months)34
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Das TAli AMikkonen T(2024)Taxonomy of Security-related Issues in Android Apps: An Empirical StudyProceedings of the 2024 Workshop on Replications and Negative Results10.1145/3695750.3695824(8-14)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3695750.3695824
Das TAli AMikkonen TFilkov VRay BZhou M(2024)Taxonomy of Security-related Issues in Android Apps: An Empirical StudyProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops10.1145/3691621.3694929(15-21)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691621.3694929
Cui ZMeng WLiu Y(2024)Advertising Diversion App Using Clipboard Content RecognitionFrontiers in Cyber Security10.1007/978-981-96-0151-6_16(247-259)Online publication date: 27-Dec-2024
https://doi.org/10.1007/978-981-96-0151-6_16

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Abstract

References

Cited By

Index Terms

Recommendations

Taxonomy of Security-related Issues in Android Apps: An Empirical Study

Taxonomy of Security-related Issues in Android Apps: An Empirical Study

Release practices for iOS and Android apps

Comments

Information

Published In

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

HTML Format

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations