Write a Blog >>
Tue 11 Oct 2022 14:00 - 14:20 at Gold A - Technical Session 8 - Mobile Apps II Chair(s): Wei Yang

Mobile apps, an essential technology in today’s world, should provide equal access to all, including 15% of the world population with disabilities. Assistive Technologies (AT), with the help of Accessibility APIs, provide alternative ways of interaction with apps for disabled users who cannot see or touch the screen. Prior studies have shown that mobile apps are prone to the \textit{under-access} problem, i.e., a condition in which functionalities in an app are not accessible to disabled users, even with the use of ATs. We study the dual of this problem, called the \textit{over-access} problem, and defined as a condition in which an AT can be used to gain access to functionalities in an app that are inaccessible otherwise. Over-access has severe security and privacy implications, allowing one to bypass protected functionalities using ATs, e.g., using VoiceOver to read notes on a locked phone. Over-access also degrades the accessibility of apps by presenting to disabled users information that is actually not intended to be available on a screen, thereby confusing and hindering their ability to effectively navigate. In this work, we first empirically study overly accessible elements in Android apps and define a set of conditions that can result in over-access problem. We then present OverSight, an automated framework that leverages these conditions to detect overly accessible elements and verifies their accessibility dynamically using an AT. Our empirical evaluation of OverSight on real-world apps demonstrates OverSight’s effectiveness in detecting previously unknown security threats, workflow violations, and accessibility issues.

Tue 11 Oct

Displayed time zone: Eastern Time (US & Canada) change

14:00 - 15:30
Technical Session 8 - Mobile Apps IIResearch Papers / Tool Demonstrations at Gold A
Chair(s): Wei Yang University of Texas at Dallas
14:00
20m
Research paper
Too Much Accessibility is Harmful! Automated Detection and Analysis of Overly Accessible Elements in Mobile Apps
Research Papers
Forough Mehralian University of California at Irvine, Navid Salehnamadi University of California at Irvine, Syed Fatiul Huq University of California, Irvine, Sam Malek University of California at Irvine, USA
14:20
20m
Research paper
Groundhog: An Automated Accessibility Crawler for Mobile Apps
Research Papers
Navid Salehnamadi University of California at Irvine, Forough Mehralian University of California at Irvine, Sam Malek University of California at Irvine, USA
14:40
20m
Research paper
Unsupervised Summarization of Privacy Concerns in Mobile Application Reviews
Research Papers
Fahimeh Ebrahimi Louisiana State University, Anas "Nash" Mahmoud Louisiana State University
15:00
10m
Demonstration
ecoCode: a SonarQube Plugin to Remove Energy Smells from Android Projects
Tool Demonstrations
Olivier Le Goaër LIUPPA, Université de Pau et des Pays de l'Adour, Julien Hertout Snapp'
DOI File Attached
15:10
20m
Research paper
The Metamorphosis: Automatic Detection of Scaling Issues for Mobile AppsVirtual
Research Papers
Yuhui Su Institute of Software, Chinese Academy of Sciences, Chunyang Chen Monash University, Junjie Wang Institute of Software at Chinese Academy of Sciences, Zhe Liu Institute of Software, Chinese Academy of Sciences, Dandan Wang Institute of Software, Chinese Academy of Sciences, Shoubin Li ISCAS, Qing Wang Institute of Software at Chinese Academy of Sciences
Pre-print