What did really change with the new release of the app?

Calciati, Paolo and Kuznetsov, Konstantin and Bai, Xue and Gorla, Alessandra (2018). What did really change with the new release of the app?. In: "15th International Conference on Mining Software Repositories (MSR '18)", 28-29 May 2018, Gothenburg, Suecia. ISBN 978-1-4503-5716-6. pp. 142-152. https://doi.org/10.1145/3196398.3196449.

Description

Title: What did really change with the new release of the app?
Author/s:
  • Calciati, Paolo
  • Kuznetsov, Konstantin
  • Bai, Xue
  • Gorla, Alessandra
Item Type: Presentation at Congress or Conference (Article)
Event Title: 15th International Conference on Mining Software Repositories (MSR '18)
Event Dates: 28-29 May 2018
Event Location: Gothenburg, Suecia
Title of Book: Proceedings of the 15th International Conference on Mining Software Repositories
Date: 2018
ISBN: 978-1-4503-5716-6
Volume: 1
Subjects:
Freetext Keywords: Android; App evolution; Behavior change
Faculty: E.T.S. de Ingenieros Informáticos (UPM)
Department: Otro
Creative Commons Licenses: Recognition - No derivative works - Non commercial

Full text

[img]
Preview
PDF - Requires a PDF viewer, such as GSview, Xpdf or Adobe Acrobat Reader
Download (3MB) | Preview

Abstract

The mobile app market is evolving at a very fast pace. In order to stay in the market and fulfill user's growing demands, developers have to continuously update their apps either to fix issues or to add new features. Users and market managers may have a hard time understanding what really changed in a new release though, and therefore may not make an informative guess of whether updating the app is recommendable, or whether it may pose new security and privacy threats for the user. We propose a ready-to-use framework to analyze the evolution of Android apps. Our framework extracts and visualizes various information ---such as how an app uses sensitive data, which third-party libraries it relies on, which URLs it connects to, etc.--- and combines it to create a comprehensive report on how the app evolved. Besides, we present the results of an empirical study on 235 applications with at least 50 releases using our framework. Our analysis reveals that Android apps tend to have more leaks of sensitive data over time, and that the majority of API calls relative to dangerous permissions are added to the code in releases posterior to the one where the corresponding permission was requested.

Funding Projects

TypeCodeAcronymLeaderTitle
Madrid Regional GovernmentS2013/ICE- 2731N-Greens SoftwareUniversidad Politécnica de MadridNext-GeneRation Energy-EfficieNt Secure Software
FP7291803AMAROUT IIImdea SoftwareUnspecified
Government of SpainTIN2015- 70713-RDEDETISImdea SoftwareDetección y defensa contra amenazas a la sociedad de información

More information

Item ID: 53928
DC Identifier: http://oa.upm.es/53928/
OAI Identifier: oai:oa.upm.es:53928
DOI: 10.1145/3196398.3196449
Official URL: https://dl.acm.org/citation.cfm?id=3196449
Deposited by: Memoria Investigacion
Deposited on: 26 Mar 2019 10:27
Last Modified: 26 Mar 2019 10:27
  • Logo InvestigaM (UPM)
  • Logo GEOUP4
  • Logo Open Access
  • Open Access
  • Logo Sherpa/Romeo
    Check whether the anglo-saxon journal in which you have published an article allows you to also publish it under open access.
  • Logo Dulcinea
    Check whether the spanish journal in which you have published an article allows you to also publish it under open access.
  • Logo de Recolecta
  • Logo del Observatorio I+D+i UPM
  • Logo de OpenCourseWare UPM