Characterizing the Global Mobile App Developers: A Large-Scale Empirical Study

Wang, Haoyu; Wang, Xupu; Guo, Yao

doi:10.1109/mobilesoft.2019.00031

Cited by 14 publications

(7 citation statements)

References 53 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Previous work leveraged static [22] and dynamic [41,79,109] analysis to identify security and privacy threats in mobile apps, reporting on: malicious and insecure behaviors [30,77,83,100,110,114,127], presence of third-party code [90,103,108,112,117] and lack of transparency when it comes to privacy [99,134]. Researchers have shown that privacy issues can occur in all types of Android apps, regardless of their origin [51,126], or target audience [113,123].…”

Section: Related Workmentioning

confidence: 99%

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

Pradeep

Feal

Gamba

et al. 2023

PoPETs

View full text Add to dashboard Cite

The transparency and privacy behavior of mobile browsers has remained widely unexplored by the research community. In fact, as opposed to regular Android apps, mobile browsers may present contradicting privacy behaviors. On the one end, they can have access to (and can expose) a unique combination of sensitive user data, from users’ browsing history to permission-protected personally identifiable information (PII) such as unique identifiers and geolocation. However, on the other end, they also are in a unique position to protect users’ privacy by limiting data sharing with other parties by implementing ad-blocking features. In this paper, we perform a comparative and empirical analysis on how hundreds of Android web browsers protect or expose user data during browsing sessions. To this end, we collect the largest dataset of Android browsers to date, from the Google Play Store and four Chinese app stores. Then, we developed a novel analysis pipeline that combines static and dynamic analysis methods to find a wide range of privacy-enhancing (e.g., ad-blocking) and privacy-harming behaviors (e.g., sending browsing histories to third parties, not validating TLS certificates, and exposing PII---including non-resettable identifiers---to third parties) across browsers. We find that various popular apps on both Google Play and Chinese stores have these privacy-harming behaviors, including apps that claim to be privacy-enhancing in their descriptions. Overall, our study not only provides new insights into important yet overlooked considerations for browsers’ adoption and transparency, but also that automatic app analysis systems (e.g., sandboxes) need context-specific analysis to reveal such privacy behaviors.

show abstract

Section: Related Workmentioning

confidence: 99%

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

Pradeep

Feal

Gamba

et al. 2023

PoPETs

View full text Add to dashboard Cite

show abstract

“…They observed that although the overall ecosystem shows promising progress, there still exists a considerable number of unsolved security issues. Besides, some studies were focused on app developers [56,59,62], app market maintenance behaviors [54,57,58], app clone detection [35,36,52], third-party libraries [25,40,50,64,65], security [24,31,32,38,39,49,55,68,69] and privacy issues [37,44,45,50,51,63] of the ecosystem, based on app binary analysis, UI analysis, app traffic analysis, and app metadata analysis, etc. This paper, investigates the mobile app ecosystem from a novel perspective, to understanding how the dynamic trajectory of the COVID-19 pandemic shapes mobile smartphone users' experiences.…”

Section: Related Work On the Mobile App Ecosystemmentioning

confidence: 99%

A Tale of Two Countries: A Longitudinal Cross-Country Study of Mobile Users' Reactions to the COVID-19 Pandemic Through the Lens of App Popularity

Wang,

Wang

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

The ongoing COVID-19 pandemic has profoundly impacted people's life around the world, including how they interact with mobile technologies. In this paper, we seek to develop an understanding of how the dynamic trajectory of a pandemic shapes mobile phone users' experiences. Through the lens of app popularity, we approach this goal from a cross-country perspective. We compile a dataset consisting of six-month daily snapshots of the most popular apps in the iOS App Store in China and the US, where the pandemic has exhibited distinct trajectories. Using this longitudinal dataset, our analysis provides detailed patterns of app ranking during the pandemic at both category and individual app levels. We reveal that app categories' rankings are correlated with the pandemic, contingent upon country-specific development trajectories. Our work offers rich insights into how the COVID-19, a typical global public health crisis, has influence people's day-to-day interaction with the Internet and mobile technologies.

show abstract

“…Mobile Ad Fraud Detection. Various research studies are proposed to investigate the malicious and fraudulent behaviors of mobile app developers [79,81], who aim to entice users to click ads or push notifications [21,28,29,50,52]. Our approach, targeting the devious behavior of advertisers, can be considered as a supplement of these studies towards building a trustworthy and clean ecosystem for mobile advertising.…”

Section: Related Workmentioning

confidence: 99%

MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps

Liu

Wang

et al. 2020

Proceedings of the Web Conference 2020

Self Cite

View full text Add to dashboard Cite

Advertisement drives the economy of the mobile app ecosystem. As a key component in the mobile ad business model, mobile ad content has been overlooked by the research community, which poses a number of threats, e.g., propagating malware and undesirable contents. To understand the practice of these devious ad behaviors, we perform a large-scale study on the app contents harvested through automated app testing. In this work, we first provide a comprehensive categorization of devious ad contents, including five kinds of behaviors belonging to two categories: ad loading content and ad clicking content. Then, we propose MadDroid, a framework for automated detection of devious ad contents. MadDroid leverages an automated app testing framework with a sophisticated ad view exploration strategy for effectively collecting ad-related network traffic and subsequently extracting ad contents. We then integrate dedicated approaches into the framework to identify devious ad contents. We have applied MadDroid to 40,000 Android apps and found that roughly 6% of apps deliver devious ad contents, e.g., distributing malicious apps that cannot be downloaded via traditional app markets. Experiment results indicate that devious ad contents are prevalent, suggesting that our community should invest more effort into the detection and mitigation of devious ads towards building a trustworthy mobile advertising ecosystem. CCS CONCEPTS• Security and privacy → Software and application security; • Information systems → Online advertising; • Human-centered computing → Ubiquitous and mobile computing.

show abstract

Characterizing the Global Mobile App Developers: A Large-Scale Empirical Study

Cited by 14 publications

References 53 publications

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

A Tale of Two Countries: A Longitudinal Cross-Country Study of Mobile Users' Reactions to the COVID-19 Pandemic Through the Lens of App Popularity

MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps

Contact Info

Product

Resources

About