android.bib 31.7 KB
Newer Older
Paolo Calciati's avatar
Paolo Calciati committed
1
2

@inproceedings{Ma:2016:LFA:Libradar,
3
4
5
  author =	 {Ma, Ziang and Wang, Haoyu and Guo, Yao and Chen,
                  Xiangqun},
  title =	 {LibRadar: Fast and Accurate Detection of Third-party
Paolo Calciati's avatar
Paolo Calciati committed
6
                  Libraries in Android Apps},
7
8
9
10
  crossref =	 "ICSE2016",
  pages =	 {653--656},
  doi =		 {10.1145/2889160.2889178},
  publisher =	 {ACM},
11
}
Paolo Calciati's avatar
Paolo Calciati committed
12
13

@inproceedings{Stevens:2013:APU,
14
15
16
17
18
19
20
  author =	 {Stevens, Ryan and Ganz, Jonathan and Filkov,
                  Vladimir and Devanbu, Premkumar and Chen, Hao},
  title =	 {Asking for (and About) Permissions Used by Android
                  Apps},
  crossref =	 "MSR2013",
  pages =	 {31--40},
  publisher =	 {IEEE Press},
21
}
Paolo Calciati's avatar
Paolo Calciati committed
22

23
@inproceedings{Rapoport:2017:WGC,
24
25
26
27
28
29
30
  author =	 {Marianna Rapoport and Philippe Suter and Erik
                  Wittern and Ondrej Lhot{\'{a}}k and Julian Dolby},
  title =	 {Who you gonna call?: analyzing web requests in
                  Android applications},
  crossref =	 "MSR2017",
  pages =	 {80--90},
  doi =		 {10.1109/MSR.2017.11},
Paolo Calciati's avatar
Paolo Calciati committed
31
32
33
}

@inproceedings{Backes:2016:RTL,
34
35
36
37
38
39
40
41
42
  author =	 {Backes, Michael and Bugiel, Sven and Derr, Erik},
  title =	 {Reliable Third-Party Library Detection in Android
                  and Its Security Applications},
  crossref =	 "CCS2016",
  isbn =	 {978-1-4503-4139-4},
  pages =	 {356--367},
  doi =		 {10.1145/2976749.2978333},
  publisher =	 {ACM},
  keywords =	 {android, third-party library detection},
Paolo Calciati's avatar
Paolo Calciati committed
43
44
45
}

@inproceedings{Taylor:2017:UUI,
46
47
48
49
50
51
52
53
54
55
  author =	 {Taylor, Vincent F. and Martinovic, Ivan},
  title =	 {To Update or Not to Update: Insights From a Two-Year
                  Study of Android App Evolution},
  crossref =	 "ASIACCS2017",
  isbn =	 {978-1-4503-4944-4},
  pages =	 {45--57},
  doi =		 {10.1145/3052973.3052990},
  publisher =	 {ACM},
  keywords =	 {android, app, longitudinal, permission,
                  vulnerability},
Paolo Calciati's avatar
Paolo Calciati committed
56
57
58
}

@inproceedings{Tam:2015:CAR,
59
  author =	 {Tam, Kimberly and Khan, Salahuddin J. and Fattori,
Paolo Calciati's avatar
Paolo Calciati committed
60
                  Aristide and Cavallaro, Lorenzo},
61
62
63
64
  crossref =	 "NDSS2015",
  publisher =	 {The Internet Society},
  title =	 {CopperDroid: Automatic Reconstruction of Android
                  Malware Behaviors.},
Paolo Calciati's avatar
Paolo Calciati committed
65
66
67
}

@inproceedings{Krutz:2015:DOA,
68
69
70
71
72
73
74
75
76
77
  author =	 {Krutz, Daniel E. and Mirakhorli, Mehdi and
                  Malachowsky, Samuel A. and Ruiz, Andres and
                  Peterson, Jacob and Filipski, Andrew and Smith,
                  Jared},
  title =	 {A Dataset of Open-source Android Applications},
  crossref =	 "MSR2015",
  isbn =	 {978-0-7695-5594-2},
  pages =	 {522--525},
  publisher =	 {IEEE Press},
  keywords =	 {Android development, open-source dataset, software
Paolo Calciati's avatar
Paolo Calciati committed
78
                  engineering},
79
}
Paolo Calciati's avatar
Paolo Calciati committed
80
81

@inproceedings{Wei:2012:PEA,
82
83
84
85
86
87
88
89
  author =	 {Wei, Xuetao and Gomez, Lorenzo and Neamtiu, Iulian
                  and Faloutsos, Michalis},
  title =	 {Permission Evolution in the Android Ecosystem},
  crossref =	 "ACSAC2012",
  isbn =	 {978-1-4503-1312-4},
  pages =	 {31--40},
  doi =		 {10.1145/2420950.2420956},
  publisher =	 {ACM},
90
}
Paolo Calciati's avatar
Paolo Calciati committed
91

92
@inproceedings{Wei:2015:WDY,
93
94
95
96
97
98
  author =	 {Xuetao Wei and Iulian Neamtiu and Michalis
                  Faloutsos},
  title =	 {Whom Does Your Android App Talk To?},
  crossref =	 "GLOBECOM2015",
  pages =	 {1--6},
  publisher =	 {{IEEE}},
Paolo Calciati's avatar
Paolo Calciati committed
99
100
101
}

@inproceedings{Klieber:2014:ATF,
102
103
104
105
106
107
108
  author =	 {Klieber, William and Flynn, Lori and Bhosale, Amar
                  and Jia, Limin and Bauer, Lujo},
  title =	 {Android Taint Flow Analysis for App Sets},
  isbn =	 {978-1-4503-2919-4},
  pages =	 {1--6},
  doi =		 {10.1145/2614628.2614633},
  publisher =	 {ACM},
109
}
Paolo Calciati's avatar
Paolo Calciati committed
110

Paolo Calciati's avatar
Paolo Calciati committed
111
@inproceedings{Ali-Gombe:2016:AAA,
112
113
114
115
116
117
118
119
120
  author =	 {Ali-Gombe, Aisha and Ahmed, Irfan and Richard,III,
                  Golden G. and Roussev, Vassil},
  title =	 {AspectDroid: Android App Analysis System},
  crossref =	 "CODASPY2016",
  isbn =	 {978-1-4503-3935-3},
  pages =	 {145--147},
  doi =		 {10.1145/2857705.2857739},
  publisher =	 {ACM},
  keywords =	 {android, aspectj, dynamic analysis, instrumentation},
121
}
Paolo Calciati's avatar
Paolo Calciati committed
122
123

@inproceedings{Zhang:2016:ATG,
124
125
126
127
128
129
130
131
  author =	 {Zhang, Hailong and Wu, Haowei and Rountev, Atanas},
  title =	 {Automated Test Generation for Detection of Leaks in
                  Android Applications},
  crossref =	 "AST2016",
  isbn =	 {978-1-4503-4151-6},
  pages =	 {64--70},
  doi =		 {10.1145/2896921.2896932},
  publisher =	 {ACM},
Paolo Calciati's avatar
Paolo Calciati committed
132
133
}

134
@inproceedings{Wei:ProfileDroid:mobicom:2012,
135
136
137
138
139
140
141
142
143
144
  author =	 {Wei, Xuetao and Gomez, Lorenzo and Neamtiu, Iulian
                  and Faloutsos, Michalis},
  title =	 {ProfileDroid: Multi-layer Profiling of Android
                  Applications},
  crossref =	 "Mobicom2012",
  isbn =	 {978-1-4503-1159-5},
  pages =	 {137--148},
  doi =		 {10.1145/2348543.2348563},
  publisher =	 {ACM},
  keywords =	 {android apps, google android, monitoring, profiling,
Paolo Calciati's avatar
Paolo Calciati committed
145
                  system},
146
}
Paolo Calciati's avatar
Paolo Calciati committed
147
148

@inproceedings{Burguera:2011:CBM,
149
150
151
152
153
154
155
156
157
158
159
160
  author =	 {Burguera, Iker and Zurutuza, Urko and Nadjm-Tehrani,
                  Simin},
  title =	 {Crowdroid: Behavior-based Malware Detection System
                  for Android},
  crossref =	 "SPSM2011",
  isbn =	 {978-1-4503-1000-0},
  pages =	 {15--26},
  doi =		 {10.1145/2046614.2046619},
  publisher =	 {ACM},
  keywords =	 {anomaly detection, crowdsourcing, data mining,
                  dynamic analysis, intrusion detection, malware
                  detection, smartphone security},
161
}
Paolo Calciati's avatar
Paolo Calciati committed
162
163

@inproceedings{Wong:2016:ITI,
164
165
166
167
  title =	 {IntelliDroid: A Targeted Input Generator for the
                  Dynamic Analysis of Android Malware},
  author =	 {Michelle Y. Wong and David Lie},
  crossref =	 "NDSS2016",
Paolo Calciati's avatar
Paolo Calciati committed
168
169
}

170
@inproceedings{Abraham:2015:GGT,
171
  author =	 {Abraham, A. and Andriatsimandefitra, Radoniaina and
Paolo Calciati's avatar
Paolo Calciati committed
172
173
                  Brunelat, A. and Lalande, Jean-François and Tong,
                  V. Viet Triem},
174
175
176
177
178
179
  title =	 {GroddDroid: a gorilla for triggering malicious
                  behaviors.},
  crossref =	 "MALWARE2015",
  isbn =	 {978-1-5090-0319-8},
  pages =	 {119-127},
  publisher =	 {IEEE},
Paolo Calciati's avatar
Paolo Calciati committed
180
181
182
}

@inproceedings{Sasnauskas:2014:IFC,
183
184
185
186
187
188
189
190
  author =	 {Sasnauskas, Raimondas and Regehr, John},
  title =	 {Intent Fuzzer: Crafting Intents of Death},
  crossref =	 "WODA2014",
  isbn =	 {978-1-4503-2934-7},
  pages =	 {1--5},
  doi =		 {10.1145/2632168.2632169},
  publisher =	 {ACM},
  keywords =	 {Android IPC, fuzz testing, random testing, static
191
                  analysis},
Paolo Calciati's avatar
Paolo Calciati committed
192
193
194
}

@inproceedings{Ye:2013:DFA,
195
196
197
198
199
200
201
202
203
204
  author =	 {Ye, Hui and Cheng, Shaoyin and Zhang, Lanbo and
                  Jiang, Fan},
  title =	 {DroidFuzzer: Fuzzing the Android Apps with
                  Intent-Filter Tag},
  crossref =	 "MoMM2013",
  isbn =	 {978-1-4503-2106-8},
  pages =	 {68--74},
  doi =		 {10.1145/2536853.2536881},
  publisher =	 {ACM},
  keywords =	 {Activity, Android app, automated testing tool, data
205
                  input, fuzzing},
Paolo Calciati's avatar
Paolo Calciati committed
206
207
208
}

@inproceedings{Morgado:2015:TAM,
209
210
  author =	 {Ines Coimbra Morgado and Ana C. R. Paiva},
  title =	 {Testing Approach for Mobile Applications through
Paolo Calciati's avatar
Paolo Calciati committed
211
                  Reverse Engineering of {UI} Patterns},
212
213
214
  crossref =	 "TESTBEDS2015",
  pages =	 {42--49},
  publisher =	 {{IEEE} Computer Society},
Paolo Calciati's avatar
Paolo Calciati committed
215
216
}

Paolo Calciati's avatar
Paolo Calciati committed
217
@inproceedings{Mahmood:2014:ESE,
218
219
220
221
222
223
224
225
226
  author =	 {Mahmood, Riyadh and Mirzaei, Nariman and Malek, Sam},
  title =	 {{EvoDroid}: Segmented Evolutionary Testing of
                  Android Apps},
  crossref =	 "FSE2014",
  isbn =	 {978-1-4503-3056-5},
  pages =	 {599--609},
  doi =		 {10.1145/2635868.2635896},
  publisher =	 {ACM},
  keywords =	 {Android, Evolutionary Testing, Program Analysis},
Paolo Calciati's avatar
Paolo Calciati committed
227
228
}

Paolo Calciati's avatar
Paolo Calciati committed
229
@inproceedings{Anand:2012:ACT,
230
231
232
233
234
235
236
237
238
  author =	 {Anand, Saswat and Naik, Mayur and Harrold, Mary Jean
                  and Yang, Hongseok},
  title =	 {Automated Concolic Testing of Smartphone Apps},
  crossref =	 "FSE2012",
  isbn =	 {978-1-4503-1614-9},
  pages =	 {1--11},
  doi =		 {10.1145/2393596.2393666},
  publisher =	 {ACM},
  keywords =	 {Android, GUI testing, testing event-driven programs},
Paolo Calciati's avatar
Paolo Calciati committed
239
240
241
}

@inproceedings{Morgado:2015:TIT,
242
243
  author =	 {Ines Coimbra Morgado and Ana C. R. Paiva},
  title =	 {The {iMPAcT} Tool: Testing {UI} Patterns on Mobile
Paolo Calciati's avatar
Paolo Calciati committed
244
                  Applications},
245
246
247
  crossref =	 "ASE2015",
  pages =	 {876--881},
  publisher =	 {{IEEE} Computer Society},
Paolo Calciati's avatar
Paolo Calciati committed
248
}
Paolo Calciati's avatar
Paolo Calciati committed
249
250

@inproceedings{Moran:2017:ADR,
251
252
253
254
  author =	 {Kevin Moran and Mario Linares V{\'{a}}squez and
                  Carlos Bernal{-}C{\'{a}}rdenas and Christopher
                  Vendome and Denys Poshyvanyk},
  title =	 {Automatically Discovering, Reporting and Reproducing
Paolo Calciati's avatar
Paolo Calciati committed
255
                  Android Application Crashes},
256
257
  crossref =	 "ICST2016",
  publisher =	 {IEEE},
258
259
}

260
@inproceedings{Mao:2016:SMA:,
261
262
263
264
265
266
267
268
269
270
  author =	 {Mao, Ke and Harman, Mark and Jia, Yue},
  title =	 {Sapienz: Multi-objective Automated Testing for
                  Android Applications},
  crossref =	 "ISSTA2016",
  isbn =	 {978-1-4503-4390-9},
  pages =	 {94--105},
  doi =		 {10.1145/2931037.2931054},
  publisher =	 {ACM},
  keywords =	 {Android, Search-based software testing, Test
                  generation},
271
}
272
273

@inproceedings{Li:2017:LSP,
274
275
276
277
278
279
280
281
282
283
284
  author =	 {Li, Menghao and Wang, Wei and Wang, Pei and Wang,
                  Shuai and Wu, Dinghao and Liu, Jian and Xue, Rui and
                  Huo, Wei},
  title =	 {LibD: Scalable and Precise Third-party Library
                  Detection in Android Markets},
  crossref =	 "ICSE2017",
  isbn =	 {978-1-5386-3868-2},
  pages =	 {335--346},
  doi =		 {10.1109/ICSE.2017.38},
  publisher =	 {IEEE Press},
  keywords =	 {android, software mining, third-party library},
285
286
287
}

@inproceedings{Derr:2017:KUA,
288
289
290
291
292
293
  author =	 {Derr, Erik and Bugiel, Sven and Fahl, Sascha and
                  Acar, Yasemin and Backes, Michael},
  title =	 {Keep me Updated: An Empirical Study of Third-Party
                  Library Updatability on Android},
  pages =	 {2187--2200},
  crossref =	 "CCS2017",
294
295
}

296
@inproceedings{Zhang:2013:EMA:,
297
298
299
300
301
302
303
304
  author =	 {Zhang, Jack and Sagar, Shikhar and Shihab, Emad},
  title =	 {The Evolution of Mobile Apps: An Exploratory Study},
  crossref =	 "DeMobile2013",
  isbn =	 {978-1-4503-2312-3},
  pages =	 {1--8},
  doi =		 {10.1145/2501553.2501554},
  publisher =	 {ACM},
  keywords =	 {Software evolution, mobile applica- tions, mobile
305
                  software engineering},
306
}
307
308

@inproceedings{Grano:2017:AAU,
309
  author =	 {Grano, Giovanni and Di Sorbo, Andrea and Mercaldo,
310
311
                  Francesco and Visaggio, Corrado A. and Canfora,
                  Gerardo and Panichella, Sebastiano},
312
313
314
315
316
317
318
319
320
  title =	 {Android Apps and User Feedback: A Dataset for
                  Software Evolution and Quality Improvement},
  crossref =	 "WAMA2017",
  isbn =	 {978-1-4503-5158-4},
  pages =	 {8--11},
  doi =		 {10.1145/3121264.3121266},
  publisher =	 {ACM},
  keywords =	 {App Reviews, Mobile Applications, Software
                  Maintenance and Evolution, Software Quality},
321
322
323
}

@inproceedings{Hecht:2015:TSQ,
324
325
326
327
328
329
330
331
332
333
  author =	 {Hecht, Geoffrey and Benomar, Omar and Rouvoy, Romain
                  and Moha, Naouel and Duchien, Laurence},
  title =	 {Tracking the Software Quality of Android
                  Applications Along Their Evolution (T)},
  crossref =	 "ASE2015",
  isbn =	 {978-1-5090-0025-8},
  pages =	 {236--247},
  doi =		 {10.1109/ASE.2015.46},
  publisher =	 {IEEE Computer Society},
  address =	 {Washington, DC, USA},
334
}
335

336
@inproceedings{Allix:2016:ACM,
337
338
339
340
341
342
343
344
345
346
347
  author =	 {Allix, Kevin and Bissyand{\'e}, Tegawend{\'e} F. and
                  Klein, Jacques and Le Traon, Yves},
  title =	 {{AndroZoo}: Collecting Millions of Android Apps for
                  the Research Community},
  crossref =	 "MSR2016",
  isbn =	 {978-1-4503-4186-8},
  pages =	 {468--471},
  url =		 {http://doi.acm.org/10.1145/2901739.2903508},
  doi =		 {10.1145/2901739.2903508},
  publisher =	 {ACM},
  keywords =	 {APK, android applications, software repository},
348
349
350
}

@inproceedings{Ng:2014:AAS,
351
352
353
354
355
356
357
358
359
360
  author =	 {Ng, Yi Ying and Zhou, Hucheng and Ji, Zhiyuan and
                  Luo, Huan and Dong, Yuan},
  title =	 {Which Android App Store Can Be Trusted in China?},
  crossref =	 "COMPSAC2014",
  isbn =	 {978-1-4799-3575-8},
  pages =	 {509--518},
  doi =		 {10.1109/COMPSAC.2014.95},
  publisher =	 {IEEE Computer Society},
  keywords =	 {Android, app store, APK, trustworthy, severity
                  ranking},
361
362
}

363
@inproceedings {Backes:2016:ODA,
364
365
366
367
  author =	 {Michael Backes and Sven Bugiel and Erik Derr and
                  Patrick McDaniel and Damien Octeau and Sebastian
                  Weisgerber},
  title =	 {On Demystifying the Android Application Framework:
368
369
                  Re-Visiting Android Permission Specification
                  Analysis},
370
371
372
373
  crossref =	 "USENIXSec2016",
  isbn =	 {978-1-931971-32-4},
  pages =	 {1101--1118},
  publisher =	 {{USENIX} Association},
374
375
}

376
@article{Allix:2016:EAM,
377
378
379
380
381
382
383
384
385
386
387
388
389
  author =	 {Kevin Allix and Tegawend{\'{e}} F. Bissyand{\'{e}}
                  and Quentin J{\'{e}}rome and Jacques Klein and Radu
                  State and Yves Le Traon},
  title =	 {Empirical assessment of machine learning-based
                  malware detectors for Android - Measuring the gap
                  between in-the-lab and in-the-wild validation
                  scenarios},
  journal =	 JEmpiricalSE,
  volume =	 {21},
  number =	 {1},
  pages =	 {183--211},
  year =	 {2016},
  doi =		 {10.1007/s10664-014-9352-6},
390
391
}

Paolo Calciati's avatar
Paolo Calciati committed
392
@inproceedings{Bartel:2012:ASP,
393
394
395
396
397
398
399
400
401
402
403
404
405
  author =	 {Bartel, Alexandre and Klein, Jacques and Le Traon,
                  Yves and Monperrus, Martin},
  title =	 {Automatically Securing Permission-based Software by
                  Reducing the Attack Surface: An Application to
                  Android},
  crossref =	 {ASE2012},
  isbn =	 {978-1-4503-1204-2},
  pages =	 {274--277},
  doi =		 {10.1145/2351676.2351722},
  publisher =	 {ACM},
  keywords =	 {Android, Permissions, Soot, call-graph,
                  permission-based software, security, static
                  analysis},
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
}

@inproceedings{Gordon:Droidsafe:NDSS:2015,
  author =	 "Gordon, Michael I. and Kim, Deokhwan and Perkins,
                  Jeff and Gilham, Limei and Nguyen, Nguyen and
                  Rinard, Martin",
  title =	 "Information-Flow Analysis of {Android} Applications
                  in {DroidSafe}",
  crossref =	 "NDSS2015",
}

@inproceedings{Huang:AsDroid:ICSE:2014,
  author =	 {Huang, Jianjun and Zhang, Xiangyu and Tan, Lin and
                  Wang, Peng and Liang, Bin},
  title =	 {{AsDroid:} Detecting Stealthy Behaviors in {Android}
                  Applications by User Interface and Program Behavior
                  Contradiction},
  crossref =	 "ICSE2014",
  isbn =	 {978-1-4503-2756-5},
  pages =	 {1036--1046},
  doi =		 {10.1145/2568225.2568301},
  publisher =	 {ACM},
  keywords =	 {Android, Program Behavior Contradiction, Stealthy
                  Behaviors, User Interface},
}

@inproceedings{Yang:gator:ICSE:2015,
  author =	 {Yang, Shengqian and Yan, Dacong and Wu, Haowei and
                  Wang, Yan and Rountev, Atanas},
  title =	 {Static Control-flow Analysis of User-driven
                  Callbacks in {Android} Applications},
  crossref =	 "ICSE2015",
  isbn =	 {978-1-4799-1934-5},
  pages =	 {89--99},
  publisher =	 {IEEE Press},
}

@inproceedings{AlSubaihin:appmining:Demobile:2015,
  author =	 {Al-Subaihin, Afnan and Finkelstein, Anthony and
                  Harman, Mark and Jia, Yue and Martin, William and
                  Sarro, Federica and Zhang, Yuanyuan},
  title =	 {App Store Mining and Analysis},
  crossref =	 "DeMobile2015",
  isbn =	 {978-1-4503-3815-8},
  pages =	 {1--2},
  doi =		 {10.1145/2804345.2804346},
  keywords =	 {App stores, Mining Software Repositories},
}

@inproceedings{Au:pscout:CCS:2012,
  author =	 {Au, Kathy Wain Yee and Zhou, Yi Fan and Huang, Zhen
                  and Lie, David},
  title =	 {{PScout}: analyzing the {Android} permission
                  specification},
  crossref =	 "CCS2012",
  isbn =	 {978-1-4503-1651-4},
  pages =	 {217--228},
  doi =		 {10.1145/2382196.2382222},
  keywords =	 {android, permissions, smartphone},
}

@inproceedings{Rasthofer:susi:NDSS:2014,
  author =	 {Siegfried Rasthofer and Steven Arzt and Eric Bodden},
  title =	 {A Machine-learning Approach for Classifying and
                  Categorizing {Android} Sources and Sinks},
  year =	 {2014},
  crossref =	 "NDSS2014",
}

@InProceedings{Huang:BidText:FSE:2016,
  author =	 {Jianjun Huang and Xiangyu Zhang and Lin Tan},
  title =	 {Detecting Sensitive Data Disclosure via
                  Bi-directional Text Correlation Analysis},
  crossref =	 "FSE2016",
  pages =	 {169--180},
}

@inproceedings{Wang:soundnessGUIAnalysisAndroid:SOAP:2016,
  author =	 {Wang, Yan and Zhang, Hailong and Rountev, Atanas},
  title =	 {On the Unsoundness of Static Analysis for {Android}
                  {GUIs}},
  crossref =	 "SOAP2016",
  isbn =	 {978-1-4503-4385-5},
  pages =	 {18--23},
  doi =		 {10.1145/2931021.2931026},
  keywords =	 {Android, soundness, static analysis},
}

@inproceedings{Pandita:whyper:usenix:2013,
  author =	 {Pandita, Rahul and Xiao, Xusheng and Yang, Wei and
                  Enck, William and Xie, Tao},
  title =	 {WHYPER: Towards Automating Risk Assessment of Mobile
                  Applications},
  crossref =	 "USENIXSec2013",
  isbn =	 {978-1-931971-03-4},
  pages =	 {527--542},
}

@inproceedings{Qu:autocog:CCS:2014,
  author =	 {Qu, Zhengyang and Rastogi, Vaibhav and Zhang, Xinyi
                  and Chen, Yan and Zhu, Tiantian and Chen, Zhong},
  title =	 {AutoCog: Measuring the Description-to-permission
                  Fidelity in Android Applications},
  crossref =	 "CCS2014",
  year =	 {2014},
  isbn =	 {978-1-4503-2957-6},
  pages =	 {1354--1365},
  doi =		 {10.1145/2660267.2660287},
  keywords =	 {android, google play, machine learning, mobile,
                  natural language processing, permissions},
}

@inproceedings{Yu:Descriptions:SANER:2016,
  author =	 {L. Yu and X. Luo and C. Qian and S. Wang},
  title =	 {Revisiting the Description-to-Behavior Fidelity in
                  Android Applications},
  crossref =	 "SANER2016",
  pages =	 {415--426},
  doi =		 {10.1109/SANER.2016.67},
}


@InProceedings{Sarro:MiningDescrESEM:2016,
  author =	 {A. A. Al-Subaihin and F. Sarro and S. Black and
                  L. Capra and M. Harman and Y. Jia and Y. Zhang},
  title =	 {Clustering Mobile Apps Based on Mined Textual
                  Descriptions},
  isbn =	 {978-1-4503-4427-2},
  pages =	 {1--10},
  crossref =	 "ESEM2016",
}

@inproceedings{Yang:appcontext:ICSE:2015,
  author =	 {Yang, Wei and Xiao, Xusheng and Andow, Benjamin and
                  Li, Sihan and Xie, Tao and Enck, William},
  title =	 {AppContext: Differentiating Malicious and Benign
                  Mobile App Behaviors Using Context},
  crossref =	 "ICSE2015",
  isbn =	 {978-1-4799-1934-5},
  pages =	 {303--313},
  publisher =	 {IEEE Press},
}

@inproceedings{Nan:uipicker:USENIXSEC:2015,
  author =	 {Nan, Yuhong and Yang, Min and Yang, Zhemin and Zhou,
                  Shunfan and Gu, Guofei and Wang, XiaoFeng},
  title =	 {UIPicker: User-input Privacy Identification in
                  Mobile Applications},
  crossref =	 "USENIXSec2015",
  isbn =	 {978-1-931971-232},
  pages =	 {993--1008},
}

@inproceedings{Huang:SUPOR:USENIXSEC:2015,
  author =	 {Huang, Jianjun and Li, Zhichun and Xiao, Xusheng and
                  Wu, Zhenyu and Lu, Kangjie and Zhang, Xiangyu and
                  Jiang, Guofei},
  title =	 {{SUPOR}: Precise and Scalable Sensitive User Input
                  Detection for Android Apps},
  crossref =	 "USENIXSec2015",
  isbn =	 {978-1-931971-232},
  pages =	 {977--992},
}

@techreport{Fuchs:scandroid:2009,
  title =	 {Scandroid: Automated security certification of
                  android},
  author =	 {Fuchs, Adam P and Chaudhuri, Avik and Foster,
                  Jeffrey S},
  year =	 {2009},
  institution =	 {Department of Computer Science, University of
                  Maryland, College Park},
  number =	 {CS-TR-4991},
  month =	 nov,
}
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650

@inproceedings{Octeau:Dare:FSE:2012,
  author =	 {Octeau, Damien and Jha, Somesh and McDaniel,
                  Patrick},
  title =	 {Retargeting Android Applications to Java Bytecode},
  crossref =	 "FSE2012",
  isbn =	 {978-1-4503-1614-9},
  pages =	 {1--11},
  doi =		 {10.1145/2393596.2393600},
  keywords =	 {Android, Dalvik bytecode, Dalvik retargeting},
}

@inproceedings{Bartel:Dexpler:SOAP:2012,
  author =	 {Bartel, Alexandre and Klein, Jacques and Le Traon,
                  Yves and Monperrus, Martin},
  title =	 {Dexpler: Converting Android Dalvik Bytecode to
                  Jimple for Static Analysis with Soot},
  crossref =	 "SOAP2012",
  isbn =	 {978-1-4503-1490-9},
  pages =	 {27--38},
  keywords =	 {Android, Dalvik bytecode, Jimple, Soot, code
                  generation, static analysis},
}

@Misc{smali,
  key =		 {smali},
  title =	 {{Smali/baksmali, an assembler/disassembler for the
                  dex format used by Dalvik}},
  note =	 {\url{https://code.google.com/p/smali}}
}

@inproceedings{Enck:Taintdroid:OSDI:2010,
  author =	 {Enck, William and Gilbert, Peter and Chun, Byung-Gon
                  and Cox, Landon P. and Jung, Jaeyeon and McDaniel,
                  Patrick and Sheth, Anmol N.},
  title =	 {{TaintDroid}: An Information-flow Tracking System
                  for Realtime Privacy Monitoring on Smartphones},
  crossref =	 "OSDI2010",
  pages =	 {1--6},
}

@inproceedings{Arzt:FlowDroid:PLDI:2014,
  author =	 {Arzt, Steven and Rasthofer, Siegfried and Fritz,
                  Christian and Bodden, Eric and Bartel, Alexandre and
                  Klein, Jacques and Le Traon, Yves and Octeau, Damien
                  and McDaniel, Patrick},
  title =	 {{FlowDroid}: Precise Context, Flow, Field,
                  Object-sensitive and Lifecycle-aware Taint Analysis
                  for {Android} Apps},
  crossref =	 "PLDI2014",
  isbn =	 {978-1-4503-2784-8},
  pages =	 {259--269},
  doi =		 {10.1145/2594291.2594299},
}

@article{Kechagia:AndroidFailures:EMSE:2014,
  author =	 {Kechagia, Maria and Mitropoulos, Dimitris and
                  Spinellis, Diomidis},
  title =	 {Charting the {API} minefield using software
                  telemetry data},
  journal =	 "JEmpiricalSE",
  year =	 {2014},
  pages =	 {1--46},  
  issn =	 {1382-3256},
  doi =		 {10.1007/s10664-014-9343-7},
  url =		 {http://dx.doi.org/10.1007/s10664-014-9343-7},
  publisher =	 {Springer US},
  keywords =	 {Application programming interfaces; Stack traces;
                  Reliability; Mobile applications},
}
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681

@article{CoRR:2013:Book,
  author =	 {Book, Theodore and Pridgen, Adam and Wallach, Dan
                  S.},
  journal =	 {CoRR},
  title =	 {Longitudinal Analysis of Android Ad Library
                  Permissions},
  volume =	 {abs/1303.0857},
  year =	 2013
}

@article{Bogdanas:DPerm:17,
  author =	 {Denis Bogdanas},
  title =	 {DPerm: Assisting the Migration of Android Apps to
                  Runtime Permissions},
  journal =	 {CoRR},
  volume =	 {abs/1706.05042},
  year =	 {2017},
  url =		 {http://arxiv.org/abs/1706.05042},
}

@inproceedings{Ren:BugFixesPrivacy:NDSS:2018,
  author =	 {Ren, Jingjing and Lindorfer, Martina and Dubois,
                  Daniel J. and Rao, Ashwin and Choffnes, David and
                  Vallina-Rodriguez, Narseo},
  title =	 {Bug Fixes, Improvements, ... and Privacy Leaks},
  crossref =	 "NDSS2018",
  isbn =	 {1-1891562-49-5},
  keywords =	 {Software evolution, mobile applications, mobile
                  software engineering},
}
Paolo Calciati's avatar
Paolo Calciati committed
682

683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
@article{Moreno:2017:AAA,
  author =	 {L. Moreno and G. Bavota and M. D. Penta and
                  R. Oliveto and A. Marcus and G. Canfora},
  journal =	 "IEEESE",
  title =	 {{ARENA}: An Approach for the Automated Generation of
                  Release Notes},
  year =	 {2017},
  volume =	 {43},
  number =	 {2},
  pages =	 {106--127},
  keywords =	 {Libraries;Licenses;Feature
                  extraction;Documentation;Computer bugs;Open source
                  software},
  doi =		 {10.1109/TSE.2016.2591536},
  ISSN =	 {0098-5589},
  month =	 feb,
Paolo Calciati's avatar
Paolo Calciati committed
699
}
Paolo Calciati's avatar
Paolo Calciati committed
700
701

@InProceedings{Salza:2018:DDU,
702
703
  author =	 {Pasquale Salza and Fabio Palomba and Dario Di Nucci
                  and Cosmo D'Uva and Andrea De Lucia and Filomena
Paolo Calciati's avatar
Paolo Calciati committed
704
                  Ferrucci},
705
706
707
708
  title =	 "Do Developers Update Third-Party Libraries in Mobile
                  Apps?",
  crossref =	 "ICPC2018",
  month =	 may,
Paolo Calciati's avatar
Paolo Calciati committed
709
}
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793

@inproceedings{rencon:piileaks:mobisys:2016,
  title =	 {Recon: Revealing and controlling pii leaks in mobile
                  network traffic},
  author =	 {Ren, Jingjing and Rao, Ashwin and Lindorfer, Martina
                  and Legout, Arnaud and Choffnes, David},
  crossref =	 "MobiSys2016",
  pages =	 {361--374},
}

@article{xu:secureAndroidecosystem:CSUR:2016,
  title =	 {Toward engineering a secure android ecosystem: A
                  survey of existing techniques},
  author =	 {Xu, Meng and Song, Chengyu and Ji, Yang and Shih,
                  Ming-Wei and Lu, Kangjie and Zheng, Cong and Duan,
                  Ruian and Jang, Yeongjin and Lee, Byoungyoung and
                  Qian, Chenxiong and others},
  journal =	 CSUR,
  volume =	 {49},
  number =	 {2},
  pages =	 {38},
  year =	 {2016},
  publisher =	 {ACM}
}

@inproceedings{wei:fragmentation:ASE:2016,
  title =	 {Taming Android fragmentation: Characterizing and
                  detecting compatibility issues for Android apps},
  author =	 {Wei, Lili and Liu, Yepang and Cheung, Shing-Chi},
  crossref =	 "ASE2016",
  pages =	 {226--237},
  organization = {IEEE}
}

@inproceedings{linares:supportingevolution:ICSE:2014,
  title =	 {Supporting evolution and maintenance of Android
                  apps},
  author =	 {Linares-V{\'a}squez, Mario},
  crossref =	 "ICSE2014",
  pages =	 {714--717},
  organization = {ACM}
}

@inproceedings{clapp2016minimizing,
  title =	 {Minimizing GUI event traces},
  author =	 {Clapp, Lazaro and Bastani, Osbert and Anand, Saswat
                  and Aiken, Alex},
  crossref =	 "FSE2016",
  pages =	 {422--434},
  organization = {ACM}
}

@inproceedings{wu2016static,
  title =	 {Static detection of energy defect patterns in
                  Android applications},
  author =	 {Wu, Haowei and Yang, Shengqian and Rountev, Atanas},
  crossref =	 "CC2016",
  pages =	 {185--195},
  organization = {ACM}
}

%%% ***

@inproceedings{leung2016should,
  title =	 {Should you use the app for that?: Comparing the
                  privacy implications of app-and web-based online
                  services},
  author =	 {Leung, Christophe and Ren, Jingjing and Choffnes,
                  David and Wilson, Christo},
  booktitle =	 {Proceedings of the 2016 Internet Measurement
                  Conference},
  pages =	 {365--372},
  year =	 {2016},
  organization = {ACM}
}

@article{reaves2016droid,
  title =	 {* droid: Assessment and Evaluation of Android
                  Application Analysis Tools},
  author =	 {Reaves, Bradley and Bowers, Jasmine and Gorski III,
                  Sigmund Albert and Anise, Olabode and Bobhate, Rahul
                  and Cho, Raymond and Das, Hiranava and Hussain,
                  Sharique and Karachiwala, Hamza and Scaife, Nolen
                  and others},
Alessandra Gorla's avatar
merged    
Alessandra Gorla committed
794
  journal =	 CSUR,
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
  volume =	 {49},
  number =	 {3},
  pages =	 {55},
  year =	 {2016},
  publisher =	 {ACM}
}

@inproceedings{cai2017understanding,
  title =	 {Understanding Android application programming and
                  security: A dynamic study},
  author =	 {Cai, Haipeng and Ryder, Barbara G},
  booktitle =	 {Software Maintenance and Evolution (ICSME), 2017
                  IEEE International Conference on},
  pages =	 {364--375},
  year =	 {2017},
  organization = {IEEE}
}

@inproceedings{grano2017exploring,
  title =	 {Exploring the integration of user feedback in
                  automated testing of android applications},
  author =	 {Grano, Giovanni and Ciurumelea, Adelina and
                  Panichella, Sebastiano and Palomba, Fabio and Gall,
                  Harald C},
  booktitle =	 {IEEE 25th International Conference on Software
                  Analysis, Evolution and Reengineering, SANER 2018,
                  Campobasso, Italy},
  year =	 {2017}
}

@inproceedings{kang2016diagdroid,
  title={DiagDroid: Android performance diagnosis via anatomizing asynchronous executions},
  author={Kang, Yu and Zhou, Yangfan and Xu, Hui and Lyu, Michael R},
  booktitle={Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering},
  pages={410--421},
  year={2016},
  organization={ACM}
}

@inproceedings{koch2017semi,
  title={Semi-automated discovery of server-based information oversharing vulnerabilities in Android applications},
  author={Koch, William and Chaabane, Abdelberi and Egele, Manuel and Robertson, William and Kirda, Engin},
  booktitle={Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis},
  pages={147--157},
  year={2017},
  organization={ACM}
}

@inproceedings{leung2016should,
  title={Should you use the app for that?: Comparing the privacy implications of app-and web-based online services},
  author={Leung, Christophe and Ren, Jingjing and Choffnes, David and Wilson, Christo},
  booktitle={Proceedings of the 2016 Internet Measurement Conference},
  pages={365--372},
  year={2016},
  organization={ACM}
}

@inproceedings{majeed2016model,
  title={Model-based replay testing for event-driven software},
  author={Majeed, Shakaiba and Ryu, Minsoo},
  booktitle={Proceedings of the 31st Annual ACM Symposium on Applied Computing},
  pages={1527--1533},
  year={2016},
  organization={ACM}
}

@inproceedings{liu2017realdroid,
  title={RealDroid: Large-Scale Evasive Malware Detection on" Real Devices"},
  author={Liu, Lang and Gu, Yacong and Li, Qi and Su, Purui},
  booktitle={Computer Communication and Networks (ICCCN), 2017 26th International Conference on},
  pages={1--8},
  year={2017},
  organization={IEEE}
}

@article{dong2017fraudroid,
  title={FrauDroid: An Accurate and Scalable Approach to Automated Mobile Ad Fraud Detection},
  author={Dong, Feng and Wang, Haoyu and Li, Yuanchun and Guo, Yao and Li, Li and Zhang, Shaodong and Xu, Guoai},
  journal={arXiv preprint arXiv:1709.01213},
  year={2017}
}

@inproceedings{dong2018mobile,
  title={How do Mobile Apps Violate the Behavioral Policy of Advertisement Libraries?},
  author={Dong, Feng and Wang, Haoyu and Li, Li and Guo, Yao and Xu, Guoai and Zhang, Shaodong},
  booktitle={Proceedings of the 19th International Workshop on Mobile Computing Systems \& Applications},
  pages={75--80},
  year={2018},
  organization={ACM}
}

@article{yerima2018droidfusion,
  title={DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection},
  author={Yerima, Suleiman Y and Sezer, Sakir},
  journal={IEEE Transactions on Cybernetics},
  year={2018},
  publisher={IEEE}
}

@article{eskandari2017analyzing,
  title={Analyzing Remote Server Locations for Personal Data Transfers in Mobile Apps},
  author={Eskandari, Mojtaba and Kessler, Bruno and Ahmad, Maqsood and de Oliveira, Anderson Santana and Crispo, Bruno},
  journal={Proceedings on Privacy Enhancing Technologies},
  volume={2017},
  number={1},
  pages={118--131},
  year={2017},
  publisher={De Gruyter Open}
}

@inproceedings{bao2018mining,
  title={Mining sandboxes: Are we there yet?},
  author={Bao, Lingfeng and Le, Tien-Duy B and Lo, David},
  booktitle={2018 IEEE 25th International Conference on Software Analysis, Evolution and Reengineering (SANER)},
  pages={445--455},
  year={2018},
  organization={IEEE}
}
Alessandra Gorla's avatar
merged    
Alessandra Gorla committed
913

914
915
916
917
918
919
920
921
922
923
@inproceedings{Wang:2018:WAA,
 author = {Wang, Haoyu and Li, Hao and Li, Li and Guo, Yao and Xu, Guoai},
 title = {Why Are Android Apps Removed from Google Play?: A Large-scale Empirical Study},
 crossref = "MSR2018",
 isbn = {978-1-4503-5716-6},
 pages = {231--242},
 doi = {10.1145/3196398.3196412},
 publisher = {ACM},
 keywords = {Android, app mining, app store, malware},
}
924
925
926
927
928
929
930
931
932
933
934

@inproceedings{Nayebi:2018:AFD,
 author = {Nayebi, Maleknaz and Kuznetsov, Konstantin and Chen, Paul and Zeller, Andreas and Ruhe, Guenther},
 title = {Anatomy of Functionality Deletion: An Exploratory Study on Mobile Apps},
 crossref = "MSR2018",
 isbn = {978-1-4503-5716-6},
 pages = {243--253},
 doi = {10.1145/3196398.3196410},
 publisher = {ACM},
 keywords = {app store mining, deletion, functionality, mobile apps, survey, taxonomy},
}