移动应用程序安全趋势和主题:对 Stack Overflow 问题的研究

Timothy Huo, Ana Catarina Araújo, Jake Imanaka, Anthony Peruma, Rick Kazman
{"title":"移动应用程序安全趋势和主题:对 Stack Overflow 问题的研究","authors":"Timothy Huo, Ana Catarina Araújo, Jake Imanaka, Anthony Peruma, Rick Kazman","doi":"arxiv-2409.07926","DOIUrl":null,"url":null,"abstract":"The widespread use of smartphones and tablets has made society heavily\nreliant on mobile applications (apps) for accessing various resources and\nservices. These apps often handle sensitive personal, financial, and health\ndata, making app security a critical concern for developers. While there is\nextensive research on software security topics like malware and\nvulnerabilities, less is known about the practical security challenges mobile\napp developers face and the guidance they seek. \\rev{In this study, we mine\nStack Overflow for questions on mobile app security, which we analyze using\nquantitative and qualitative techniques.} The findings reveal that Stack\nOverflow is a major resource for developers seeking help with mobile app\nsecurity, especially for Android apps, and identifies seven main categories of\nsecurity questions: Secured Communications, Database, App Distribution Service,\nEncryption, Permissions, File-Specific, and General Security. Insights from\nthis research can inform the development of tools, techniques, and resources by\nthe research and vendor community to better support developers in securing\ntheir mobile apps.","PeriodicalId":501278,"journal":{"name":"arXiv - CS - Software Engineering","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow\",\"authors\":\"Timothy Huo, Ana Catarina Araújo, Jake Imanaka, Anthony Peruma, Rick Kazman\",\"doi\":\"arxiv-2409.07926\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The widespread use of smartphones and tablets has made society heavily\\nreliant on mobile applications (apps) for accessing various resources and\\nservices. These apps often handle sensitive personal, financial, and health\\ndata, making app security a critical concern for developers. While there is\\nextensive research on software security topics like malware and\\nvulnerabilities, less is known about the practical security challenges mobile\\napp developers face and the guidance they seek. \\\\rev{In this study, we mine\\nStack Overflow for questions on mobile app security, which we analyze using\\nquantitative and qualitative techniques.} The findings reveal that Stack\\nOverflow is a major resource for developers seeking help with mobile app\\nsecurity, especially for Android apps, and identifies seven main categories of\\nsecurity questions: Secured Communications, Database, App Distribution Service,\\nEncryption, Permissions, File-Specific, and General Security. Insights from\\nthis research can inform the development of tools, techniques, and resources by\\nthe research and vendor community to better support developers in securing\\ntheir mobile apps.\",\"PeriodicalId\":501278,\"journal\":{\"name\":\"arXiv - CS - Software Engineering\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-09-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv - CS - Software Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/arxiv-2409.07926\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.07926","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

智能手机和平板电脑的广泛使用使社会高度依赖移动应用程序(App)来访问各种资源和服务。这些应用程序通常会处理敏感的个人、财务和健康数据,因此应用程序的安全性成为开发人员关注的焦点。虽然对恶意软件和漏洞等软件安全主题有广泛的研究,但对移动应用开发者面临的实际安全挑战和他们寻求的指导却知之甚少。\rev{在这项研究中,我们挖掘了Stack Overflow中有关移动应用安全的问题,并使用定量和定性技术对其进行了分析。}研究结果表明,StackOverflow 是开发人员寻求移动应用程序安全帮助的主要资源,尤其是针对安卓应用程序,并确定了七大类安全问题:安全通信、数据库、应用程序分发服务、加密、权限、特定文件和一般安全。这项研究的启示可以为研究人员和供应商开发工具、技术和资源提供参考,从而更好地支持开发人员保护其移动应用程序的安全。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow
The widespread use of smartphones and tablets has made society heavily reliant on mobile applications (apps) for accessing various resources and services. These apps often handle sensitive personal, financial, and health data, making app security a critical concern for developers. While there is extensive research on software security topics like malware and vulnerabilities, less is known about the practical security challenges mobile app developers face and the guidance they seek. \rev{In this study, we mine Stack Overflow for questions on mobile app security, which we analyze using quantitative and qualitative techniques.} The findings reveal that Stack Overflow is a major resource for developers seeking help with mobile app security, especially for Android apps, and identifies seven main categories of security questions: Secured Communications, Database, App Distribution Service, Encryption, Permissions, File-Specific, and General Security. Insights from this research can inform the development of tools, techniques, and resources by the research and vendor community to better support developers in securing their mobile apps.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信