Related papers: Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow

Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow

URL: http://arxiv.org/abs/2409.07926v2
Date: Sat, 14 Sep 2024 05:43:56 GMT
Title: Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow
Authors: Timothy Huo, Ana Catarina Araújo, Jake Imanaka, Anthony Peruma, Rick Kazman,
Abstract summary: We mine Stack Overflow for questions on mobile app security, which we analyze using quantitative and qualitative techniques. The findings reveal that Stack Overflow is a major resource for developers seeking help with mobile app security, especially for Android apps. Insights from this research can inform the development of tools, techniques, and resources by the research and vendor community.
Score: 10.342268145364242
License: http://creativecommons.org/licenses/by/4.0/
Abstract: The widespread use of smartphones and tablets has made society heavily reliant on mobile applications (apps) for accessing various resources and services. These apps often handle sensitive personal, financial, and health data, making app security a critical concern for developers. While there is extensive research on software security topics like malware and vulnerabilities, less is known about the practical security challenges mobile app developers face and the guidance they seek. In this study, we mine Stack Overflow for questions on mobile app security, which we analyze using quantitative and qualitative techniques. The findings reveal that Stack Overflow is a major resource for developers seeking help with mobile app security, especially for Android apps, and identifies seven main categories of security questions: Secured Communications, Database, App Distribution Service, Encryption, Permissions, File-Specific, and General Security. Insights from this research can inform the development of tools, techniques, and resources by the research and vendor community to better support developers in securing their mobile apps.

Related papers

Foundations and Recent Trends in Multimodal Mobile Agents: A Survey [57.677161006710065]
Mobile agents are essential for automating tasks in complex and dynamic mobile environments. Recent advancements enhance real-time adaptability and multimodal interaction. We categorize these advancements into two main approaches: prompt-based methods and training-based methods.
arXiv Detail & Related papers (2024-11-04T11:50:58Z)
Security Analysis of Top-Ranked mHealth Fitness Apps: An Empirical Study [0.32885740436059047]
We investigate the security vulnerabilities of ten top-ranked Android health and fitness apps, a set that accounts for 237 million downloads. Our findings revealed many vulnerabilities, such as insecure coding, hardcoded sensitive information, over-privileged permissions, misconfiguration, and excessive communication with third-party domains.
arXiv Detail & Related papers (2024-09-27T08:11:45Z)
A Developer-Centric Study Exploring Mobile Application Security Practices and Challenges [10.342268145364242]
This study explores the common practices and challenges that developers face in securing their apps. Our findings show that developers place high importance on security, frequently implementing features such as authentication and secure storage. We envision our findings leading to improved security practices, better-designed tools and resources, and more effective training programs.
arXiv Detail & Related papers (2024-08-16T22:03:06Z)
Analysis of Longitudinal Changes in Privacy Behavior of Android Applications [79.71330613821037]
In this paper, we examine the trends in how Android apps have changed over time with respect to privacy. We examine the adoption of HTTPS, whether apps scan the device for other installed apps, the use of permissions for privacy-sensitive data, and the use of unique identifiers. We find that privacy-related behavior has improved with time as apps continue to receive updates, and that the third-party libraries used by apps are responsible for more issues with privacy.
arXiv Detail & Related papers (2021-12-28T16:21:31Z)
Android Security using NLP Techniques: A Review [1.218340575383456]
Android is among the most targeted platform by attackers. Traditional solutions based on static and dynamic analysis have been evolving. This study aims to explore possible research directions for future studies by presenting state-of-the-art in this domain.
arXiv Detail & Related papers (2021-07-07T08:33:00Z)
Context-Aware Target Apps Selection and Recommendation for Enhancing Personal Mobile Assistants [42.25496752260081]
This paper addresses two research problems that are vital for developing effective personal mobile assistants: target apps selection and recommendation. Here we focus on context-aware models to leverage the rich contextual information available to mobile devices. We propose a family of context-aware neural models that take into account the sequential, temporal, and personal behavior of users.
arXiv Detail & Related papers (2021-01-09T17:07:47Z)
Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z)
Urban Sensing based on Mobile Phone Data: Approaches, Applications and Challenges [67.71975391801257]
Much concern in mobile data analysis is related to human beings and their behaviours. This work aims to review the methods and techniques that have been implemented to discover knowledge from mobile phone data.
arXiv Detail & Related papers (2020-08-29T15:14:03Z)
Emerging App Issue Identification via Online Joint Sentiment-Topic Tracing [66.57888248681303]
We propose a novel emerging issue detection approach named MERIT. Based on the AOBST model, we infer the topics negatively reflected in user reviews for one app version. Experiments on popular apps from Google Play and Apple's App Store demonstrate the effectiveness of MERIT.
arXiv Detail & Related papers (2020-08-23T06:34:05Z)
An Empirical Study on Developing Secure Mobile Health Apps: The Developers Perspective [0.0]
MHealth apps (mHealth apps for short) are becoming integral part of mobile and pervasive computing to improve the availability and quality of healthcare services. Despite the offered benefits, mHealth apps face a critical challenge, i.e., security of health critical data that is produced and consumed by the app. Several studies have revealed that security specific issues of mHealth apps have not been adequately addressed.
arXiv Detail & Related papers (2020-08-07T08:23:21Z)
SeMA: Extending and Analyzing Storyboards to Develop Secure Android Apps [0.0]
SeMA is a mobile app development methodology that builds on existing mobile app design artifacts such as storyboards. An evaluation of the effectiveness of SeMA shows the methodology can detect and help prevent 49 vulnerabilities known to occur in Android apps.
arXiv Detail & Related papers (2020-01-27T20:10:52Z)

This list is automatically generated from the titles and abstracts of the papers in this site.