ISSTA 2025
Wed 25 - Sat 28 June 2025 Trondheim, Norway

This program is tentative and subject to change.

Wed 25 Jun 2025 16:50 - 17:15 at Aurora A - Mobile and Concurrency Testing

Android malware detection remains a critical challenge in cybersecurity research. Recent advancements leverage AI techniques, particularly deep neural networks (DNNs), to train a detection model, but their effectiveness is often compromised by the pronounced imbalance among malware families in commonly used training datasets. This imbalance leads to overfitting in dominant categories and poor performance in underrepresented ones, increasing predictive uncertainty for less common malware families. To address the suboptimal performance of many DNN models, we introduce MalTutor, a novel framework that enhances model robustness through an optimized training process. Our primary insight lies in transforming uncertainties from ‘‘liabilities’’ into ‘‘assets’’ by strategically incorporating them into DNN training methodologies. Specifically, we begin by evaluating the predictive uncertainty of DNN models throughout various training epochs, which guides our sample categorization. Incorporating Curriculum Learning strategies, we commence training with easy-to-learn samples with lower uncertainty, progressively incorporating difficult-to-learn ones with higher uncertainty. Our experimental results demonstrate that MalTutor significantly improves the performance of models trained on imbalanced datasets, increasing accuracy by 31.0%, elevating the F1 score by 138.8%, and specifically boosting the average accuracy in detecting various types of malicious apps by 133.9%. Our findings provide valuable insights into the potential benefits of incorporating uncertainty to improve the robustness of DNN models for prediction-oriented software engineering tasks.

This program is tentative and subject to change.

Wed 25 Jun

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

16:00 - 17:30
Mobile and Concurrency TestingResearch Papers / Tool Demonstrations at Aurora A
16:00
25m
Talk
Intention-based GUI Test Migration for Mobile Apps using Large Language Models
Research Papers
Shaoheng Cao Nanjing University, Minxue Pan Nanjing University, Yuanhong Lan Nanjing University, Xuandong Li Nanjing University
16:25
25m
Talk
GoPV: Detecting Blocking Concurrency Bugs Related to Shared-Memory Synchronization in Go
Research Papers
Wei Song Nanjing University of Science and Technology, Xiaofan Xu Nanjing University of Science and Technology, Jeff Huang Texas A&M University
16:50
25m
Talk
Understanding Model Weaknesses: A Path to Strengthening DNN-Based Android Malware Detection
Research Papers
haodong li Beijing University of Posts and Telecommunications, Xiao Cheng UNSW, Yanjie Zhao Huazhong University of Science and Technology, Guosheng Xu Beijing University of Posts and Telecommunications, Guoai Xu Harbin Institute of Technology, Shenzhen, Haoyu Wang Huazhong University of Science and Technology
17:15
15m
Demonstration
GoPV: A Static Analyzer for Finding Blocking Concurrency Bugs Due to Misuse of Shared-Memory Synchronization in Go
Tool Demonstrations
Xiaofan Xu Nanjing University of Science and Technology, Wei Song Nanjing University of Science and Technology, Jeff Huang Texas A&M University