Investigation of Security-related Commits in Android AppsPoster
Wed 14 Jun 2023 15:00 - 15:30 at Aurora Hall - Poster
Thu 15 Jun 2023 10:00 - 10:30 at Aurora Hall - Poster
Thu 15 Jun 2023 15:00 - 15:30 at Aurora Hall - Poster
The exponential increase in smartphone usage has fueled the rapid growth of Android applications (apps). Unfortunately, this growth has also resulted in an alarming rise in security vulnerabilities, posing a significant challenge for developers of smartphone apps. In this paper, we conducted a quantitative and qualitative study to analyze security-related issues in open-source Android apps available on GitHub. Our study included a total set of 689 security-related commits identified from 111,224 commits distributed over 2,187 apps. We proposed a taxonomy of ten distinct categories of security issues, which we identified using the card-sorting technique. Our findings showed that permission issues were the most prevalent in our dataset (370, 53.7%), followed by Login issues (160, 23.22%). Issues such as Privacy (5, 0.72%) and Framework (3, 0.43%) were rare in our dataset. Other security issues were related to Encryption, Authentication, Generic Security, Decryption, Network, and Database. Our taxonomy also included 91 sub-categories/sub-themes, with permission issues having the highest number of sub-categories (37). Developers discussed permission sub-categories, such as permission sub-categories in their commits are camera permission, WiFi permissions, storage permission, WRITE/READ_PHONE_STATE permission, and location permission, among others, in their code commits. These preliminary findings serve as an initial step towards comprehending the primary security concerns from the perspective of both developers and researchers. Furthermore, our long-term objective is to investigate how developers address these security issues in their apps and determine whether they effectively resolve them. This research could provide valuable insights into improving the security of Android apps and preventing potential security breaches.
Wed 14 JunDisplayed time zone: Athens change
10:00 - 10:30 | |||
10:00 30mPoster | Code Privacy in Detection of Web VulnerabilitiesPoster Short Papers and Posters Jorge Martins LASIGE, Faculdade de Ciências, Universidade de Lisboa, Portugal, Ibéria Medeiros LaSIGE, Faculdade de Ciências da Universidade de Lisboa, Bernardo Ferreira LASIGE, Faculdade de Ciências, Universidade de Lisboa, Portugal | ||
10:00 30mPoster | Investigation of Security-related Commits in Android AppsPoster Short Papers and Posters Teerath Das University of Jyväskylä, Adam Ali Mohammad Ali JInnah University, Tommi Mikkonen University of Jyvaskyla | ||
10:00 30mPoster | Does Code Smell Frequency Have a Relationship with Fault-proneness?Poster Short Papers and Posters Md. Masudur Rahman Institute of Information Technology (IIT), University of Dhaka, Toukir Ahammed Institute of Information Technology, University of Dhaka, Mahbubul Alam Joarder Institute of Information Technology (IIT), University of Dhaka, Kazi Sakib DOI Pre-print Media Attached File Attached | ||
10:00 30mPoster | Team Composition in Software Engineering EducationPoster Short Papers and Posters Sajid Ibrahim Hashmi M3S Research Unit Faculty of Information Technology and Electrical Engineering, University of Oulu, Finland, Jouni Markkula M3S Research Unit Faculty of Information Technology and Electrical Engineering, University of Oulu, Finland DOI Authorizer link File Attached | ||
15:00 - 15:30 | |||
15:00 30mPoster | Does Code Smell Frequency Have a Relationship with Fault-proneness?Poster Short Papers and Posters Md. Masudur Rahman Institute of Information Technology (IIT), University of Dhaka, Toukir Ahammed Institute of Information Technology, University of Dhaka, Mahbubul Alam Joarder Institute of Information Technology (IIT), University of Dhaka, Kazi Sakib DOI Pre-print Media Attached File Attached | ||
15:00 30mPoster | Code Privacy in Detection of Web VulnerabilitiesPoster Short Papers and Posters Jorge Martins LASIGE, Faculdade de Ciências, Universidade de Lisboa, Portugal, Ibéria Medeiros LaSIGE, Faculdade de Ciências da Universidade de Lisboa, Bernardo Ferreira LASIGE, Faculdade de Ciências, Universidade de Lisboa, Portugal | ||
15:00 30mPoster | Team Composition in Software Engineering EducationPoster Short Papers and Posters Sajid Ibrahim Hashmi M3S Research Unit Faculty of Information Technology and Electrical Engineering, University of Oulu, Finland, Jouni Markkula M3S Research Unit Faculty of Information Technology and Electrical Engineering, University of Oulu, Finland DOI Authorizer link File Attached | ||
15:00 30mPoster | Investigation of Security-related Commits in Android AppsPoster Short Papers and Posters Teerath Das University of Jyväskylä, Adam Ali Mohammad Ali JInnah University, Tommi Mikkonen University of Jyvaskyla | ||
Thu 15 JunDisplayed time zone: Athens change
10:00 - 10:30 | |||
10:00 30mPoster | Investigation of Security-related Commits in Android AppsPoster Short Papers and Posters Teerath Das University of Jyväskylä, Adam Ali Mohammad Ali JInnah University, Tommi Mikkonen University of Jyvaskyla | ||
10:00 30mPoster | Does Code Smell Frequency Have a Relationship with Fault-proneness?Poster Short Papers and Posters Md. Masudur Rahman Institute of Information Technology (IIT), University of Dhaka, Toukir Ahammed Institute of Information Technology, University of Dhaka, Mahbubul Alam Joarder Institute of Information Technology (IIT), University of Dhaka, Kazi Sakib DOI Pre-print Media Attached File Attached | ||
10:00 30mPoster | Code Privacy in Detection of Web VulnerabilitiesPoster Short Papers and Posters Jorge Martins LASIGE, Faculdade de Ciências, Universidade de Lisboa, Portugal, Ibéria Medeiros LaSIGE, Faculdade de Ciências da Universidade de Lisboa, Bernardo Ferreira LASIGE, Faculdade de Ciências, Universidade de Lisboa, Portugal | ||
10:00 30mPoster | Team Composition in Software Engineering EducationPoster Short Papers and Posters Sajid Ibrahim Hashmi M3S Research Unit Faculty of Information Technology and Electrical Engineering, University of Oulu, Finland, Jouni Markkula M3S Research Unit Faculty of Information Technology and Electrical Engineering, University of Oulu, Finland DOI Authorizer link File Attached | ||
15:00 - 15:30 | |||
15:00 30mPoster | Team Composition in Software Engineering EducationPoster Short Papers and Posters Sajid Ibrahim Hashmi M3S Research Unit Faculty of Information Technology and Electrical Engineering, University of Oulu, Finland, Jouni Markkula M3S Research Unit Faculty of Information Technology and Electrical Engineering, University of Oulu, Finland DOI Authorizer link File Attached | ||
15:00 30mPoster | Does Code Smell Frequency Have a Relationship with Fault-proneness?Poster Short Papers and Posters Md. Masudur Rahman Institute of Information Technology (IIT), University of Dhaka, Toukir Ahammed Institute of Information Technology, University of Dhaka, Mahbubul Alam Joarder Institute of Information Technology (IIT), University of Dhaka, Kazi Sakib DOI Pre-print Media Attached File Attached | ||
15:00 30mPoster | Code Privacy in Detection of Web VulnerabilitiesPoster Short Papers and Posters Jorge Martins LASIGE, Faculdade de Ciências, Universidade de Lisboa, Portugal, Ibéria Medeiros LaSIGE, Faculdade de Ciências da Universidade de Lisboa, Bernardo Ferreira LASIGE, Faculdade de Ciências, Universidade de Lisboa, Portugal | ||
15:00 30mPoster | Investigation of Security-related Commits in Android AppsPoster Short Papers and Posters Teerath Das University of Jyväskylä, Adam Ali Mohammad Ali JInnah University, Tommi Mikkonen University of Jyvaskyla | ||