Bitte benutzen Sie diese Kennung, um auf die Ressource zu verweisen:
https://doi.org/10.21256/zhaw-22733
Publikationstyp: | Beitrag in wissenschaftlicher Zeitschrift |
Art der Begutachtung: | Peer review (Publikation) |
Titel: | Exposed! : a case study on the vulnerability-proneness of Google Play Apps |
Autor/-in: | Di Sorbo, Andrea Panichella, Sebastiano |
et. al: | No |
DOI: | 10.1007/s10664-021-09978-0 10.21256/zhaw-22733 |
Erschienen in: | Empirical Software Engineering |
Band(Heft): | 26 |
Heft: | 4 |
Seite(n): | 78 |
Erscheinungsdatum: | 8-Jun-2021 |
Verlag / Hrsg. Institution: | Springer |
ISSN: | 1382-3256 1573-7616 |
Sprache: | Englisch |
Fachgebiet (DDC): | 005: Computerprogrammierung, Programme und Daten |
Zusammenfassung: | Mobile applications are used for accomplishing everyday life activities, such as shopping, banking, and social communications. To leverage the features of mobile apps, users often need to share sensitive information. However, recent research demonstrated that most of such apps present critical security and privacy defects. In this context, we define as vulnerability-proneness the risk level(s) that users meet in downloading specific apps, to better understand whether (1) users select apps with lower risk levels and if (2) vulnerability-proneness of an app might affect its success. We use as proxy to measure such risk level the “number of different types of potential security issues exhibited by the app”. We conjecture that the vulnerability-proneness levels may vary based on (i) the types of data handled by the app, and (ii) the operations for which the app is supposed to be used. Hence, we investigate how the vulnerability-proneness of apps varies when observing (i) different app categories, and (ii) apps with different success levels. Finally, to increase the awareness of both users and developers on the vulnerability-proneness of apps, we evaluate the extent to which contextual information provided by the app market can be exploited to estimate the vulnerability-proneness levels of mobile apps. Results of our study show that apps in the Medical category exhibit the lowest levels of vulnerability-proneness. Besides, while no strong relations between vulnerability-proneness and average rating are observed, apps with a higher number of downloads tend to have higher vulnerability-proneness levels, but lower vulnerability-proneness density. Finally, we found that apps’ contextual information can be used to predict, in the early stages, the vulnerability-proneness levels of mobile apps. |
Weitere Angaben: | This is a post-peer-review, pre-copyedit version of an article published in Empirical Software Engineering. The final authenticated version is available online at: https://doi.org/10.1007/s10664-021-09978-0 |
URI: | https://digitalcollection.zhaw.ch/handle/11475/22733 |
Volltext Version: | Akzeptierte Version |
Lizenz (gemäss Verlagsvertrag): | Lizenz gemäss Verlagsvertrag |
Gesperrt bis: | 2022-06-09 |
Departement: | School of Engineering |
Organisationseinheit: | Institut für Informatik (InIT) |
Publiziert im Rahmen des ZHAW-Projekts: | COSMOS – DevOps for Complex Cyber-physical Systems of Systems |
Enthalten in den Sammlungen: | Publikationen School of Engineering |
Dateien zu dieser Ressource:
Datei | Beschreibung | Größe | Format | |
---|---|---|---|---|
2021_DiSorbo-Panichella_Exposed-a-case-study-on-the-vulnerability-proneness-of-Google-Play-Apps.pdf | Accepted Version | 559.71 kB | Adobe PDF | Öffnen/Anzeigen |
Zur Langanzeige
Di Sorbo, A., & Panichella, S. (2021). Exposed! : a case study on the vulnerability-proneness of Google Play Apps. Empirical Software Engineering, 26(4), 78. https://doi.org/10.1007/s10664-021-09978-0
Di Sorbo, A. and Panichella, S. (2021) ‘Exposed! : a case study on the vulnerability-proneness of Google Play Apps’, Empirical Software Engineering, 26(4), p. 78. Available at: https://doi.org/10.1007/s10664-021-09978-0.
A. Di Sorbo and S. Panichella, “Exposed! : a case study on the vulnerability-proneness of Google Play Apps,” Empirical Software Engineering, vol. 26, no. 4, p. 78, Jun. 2021, doi: 10.1007/s10664-021-09978-0.
DI SORBO, Andrea und Sebastiano PANICHELLA, 2021. Exposed! : a case study on the vulnerability-proneness of Google Play Apps. Empirical Software Engineering. 8 Juni 2021. Bd. 26, Nr. 4, S. 78. DOI 10.1007/s10664-021-09978-0
Di Sorbo, Andrea, and Sebastiano Panichella. 2021. “Exposed! : A Case Study on the Vulnerability-Proneness of Google Play Apps.” Empirical Software Engineering 26 (4): 78. https://doi.org/10.1007/s10664-021-09978-0.
Di Sorbo, Andrea, and Sebastiano Panichella. “Exposed! : A Case Study on the Vulnerability-Proneness of Google Play Apps.” Empirical Software Engineering, vol. 26, no. 4, June 2021, p. 78, https://doi.org/10.1007/s10664-021-09978-0.
Alle Ressourcen in diesem Repository sind urheberrechtlich geschützt, soweit nicht anderweitig angezeigt.