{"title":"Mining apps for anomalies","authors":"A. Zeller","doi":"10.1145/2975961.2990476","DOIUrl":null,"url":null,"abstract":"When interacting with mobile apps, do users always get what they expect? We have mined thousands of Android apps for common features such as descriptions, APIs used, data flows, and (recently) user interfaces and callbacks. Associating these with each other allows us to detect outliers: Apps whose description does not fit their behavior; apps whose sensitive data flow is usual; and user interface elements whose text or icon suggests one action, but which actually are tied to other actions. Such anomalies not only reveal bugs, but actual security issues – and there is a huge treasure trove worth of data to be mined, abstracted, and analyzed.","PeriodicalId":106703,"journal":{"name":"Proceedings of the 5th International Workshop on Software Mining","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 5th International Workshop on Software Mining","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2975961.2990476","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
When interacting with mobile apps, do users always get what they expect? We have mined thousands of Android apps for common features such as descriptions, APIs used, data flows, and (recently) user interfaces and callbacks. Associating these with each other allows us to detect outliers: Apps whose description does not fit their behavior; apps whose sensitive data flow is usual; and user interface elements whose text or icon suggests one action, but which actually are tied to other actions. Such anomalies not only reveal bugs, but actual security issues – and there is a huge treasure trove worth of data to be mined, abstracted, and analyzed.