FSE 2025
Mon 23 - Fri 27 June 2025 Trondheim, Norway
co-located with ISSTA 2025
Mon 23 Jun 2025 17:00 - 17:20 at Aurora A - Mobile Apps Chair(s): Kelly Blincoe

The advent of MiniApps, operating within larger SuperApps, has revolutionized user experiences by offering a wide range of services without the need for individual app downloads. However, this convenience has raised significant privacy concerns, as these MiniApps often require access to sensitive data, potentially leading to privacy violations. Despite existing privacy regulations and platform guidelines, there is a lack of effective mechanisms to safeguard user privacy fully. To address this critical gap, we introduce MiniScope, a novel two-phase hybrid analysis approach, specifically designed for the MiniApp environment. This approach overcomes the limitations of existing static analysis techniques by incorporating UI transition states analysis, cross-package callback control flow resolution, and automated iterative UI exploration. This allows for a comprehensive understanding of MiniApps’ privacy practices, addressing the unique challenges of sub-package loading and event-driven callbacks. Our empirical evaluation of over 120K MiniApps using MiniScope demonstrates its effectiveness in identifying privacy inconsistencies. The results reveal significant issues, with 5.7% of MiniApps over-collecting private data and 33.4% overclaiming data collection. We have responsibly disclosed our findings to 2,282 developers, receiving 44 acknowledgments. These findings emphasize the urgent need for more precise privacy monitoring systems and highlight the responsibility of SuperApp operators to enforce stricter privacy measures.

Mon 23 Jun

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

16:00 - 18:00
16:00
10m
Talk
DynDebloater: Dynamically Debloating Unwanted Features of Android Apps without APK Modification
Demonstrations
Zicheng Zhang School of Computing and Information Systems, Singapore Management University, Jiakun Liu Singapore Management University, Ferdian Thung Singapore Management University, Xing Hu Zhejiang University, Wei Minn Singapore Management University, Yan Naing Tun Singapore Management University, Lwin Khin Shar Singapore Management University, David Lo Singapore Management University, Debin Gao Singapore Management University
16:10
20m
Talk
HapRepair: Learn to Repair OpenHarmony Apps
Industry Papers
Zhihao Lin , Mingyi Zhou Beihang University, Wei Ma , chichen , Yun Yang Yunnan University, Jun Wang Post Luxembourg, Chunming Hu Beihang University, Li Li Beihang University
16:30
20m
Talk
Are iOS Apps Immune to Abusive Advertising Practices?
Industry Papers
Tianming Liu Monash Univerisity, Jiapeng Deng Huazhong University of Science and Technology, Yanjie Zhao Huazhong University of Science and Technology, Xiao Chen University of Newcastle, Xiaoning Du Monash University, Li Li Beihang University, Haoyu Wang Huazhong University of Science and Technology
16:50
10m
Talk
Toward LLM-Driven GDPR Compliance Checking for Android Apps
Ideas, Visions and Reflections
Marco Alecci University of Luxembourg, Nicolas Sannier University of Luxembourg, SnT, Marcello Ceci University of Luxembourg, Sallam Abualhaija University of Luxembourg, Jordan Samhi University of Luxembourg, Luxembourg, Domenico Bianculli University of Luxembourg, Tegawendé F. Bissyandé University of Luxembourg, Jacques Klein University of Luxembourg
17:00
20m
Talk
MiniScope: Automated UI Exploration and Privacy Inconsistency Detection of MiniApps via Two-phase Iterative Hybrid Analysis
Journal First
Shenao Wang Huazhong University of Science and Technology, Yuekang Li UNSW, Kailong Wang Huazhong University of Science and Technology, Yi Liu Nanyang Technological University, Hui Li Samsung Electronics (China) R&D Centre, Yang Liu Nanyang Technological University, Haoyu Wang Huazhong University of Science and Technology
17:20
20m
Talk
Temporal-Incremental Learning for Android Malware Detection
Journal First
Tiezhu Sun University of Luxembourg, Nadia Daoudi Luxembourg Institute of Science and Technology, Weiguo Pian University of Luxembourg, Kisub Kim Singapore Management University, Singapore, Kevin Allix Independent Researcher, Tegawendé F. Bissyandé University of Luxembourg, Jacques Klein University of Luxembourg
17:40
20m
Talk
Mitigating Emergent Malware Label Noise in DNN-Based Android Malware Detection
Research Papers
haodong li Beijing University of Posts and Telecommunications, Xiao Cheng Macquarie University, Guohan Zhang Beijing University of Posts and Telecommunications, Guosheng Xu Beijing University of Posts and Telecommunications, Guoai Xu Harbin Institute of Technology, Shenzhen, Haoyu Wang Huazhong University of Science and Technology
DOI

Information for Participants
Mon 23 Jun 2025 16:00 - 18:00 at Aurora A - Mobile Apps Chair(s): Kelly Blincoe
Info for room Aurora A:

Aurora A is the first room in the Aurora wing.

When facing the main Cosmos Hall, access to the Aurora wing is on the right, close to the side entrance of the hotel.

:
:
:
: