{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T20:03:24Z","timestamp":1778789004072,"version":"3.51.4"},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030616373","type":"print"},{"value":"9783030616380","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-61638-0_29","type":"book-chapter","created":{"date-parts":[[2020,10,13]],"date-time":"2020-10-13T23:08:28Z","timestamp":1602630508000},"page":"523-541","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["On the Evolution of Security Issues in\u00a0Android App Versions"],"prefix":"10.1007","author":[{"given":"Anatoli","family":"Kalysch","sequence":"first","affiliation":[]},{"given":"Joschua","family":"Schilling","sequence":"additional","affiliation":[]},{"given":"Tilo","family":"M\u00fcller","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,10,14]]},"reference":[{"key":"29_CR1","unstructured":"APKpure Inc.: APKPure (2014). \nhttps:\/\/apkpure.com\n\n. Accessed 13 Mar 2020"},{"key":"29_CR2","unstructured":"Burns, J.: Mobile application security on Android. In: Black Hat 2009 (2009)"},{"key":"29_CR3","doi-asserted-by":"crossref","unstructured":"Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in Android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239\u2013252. ACM (2011)","DOI":"10.1145\/1999995.2000018"},{"key":"29_CR4","doi-asserted-by":"crossref","unstructured":"Clark, S., Frei, S., Blaze, M., Smith, J.: Familiarity breeds contempt: the honeymoon effect and the role of legacy code in zero-day vulnerabilities. In: Proceedings of the 26th Annual Computer Security Applications Conference, pp. 251\u2013260 (2010)","DOI":"10.1145\/1920261.1920299"},{"key":"29_CR5","doi-asserted-by":"crossref","unstructured":"Egele, M., Brumley, D., Fratantonio, Y., Kruegel, C.: An empirical study of cryptographic misuse in Android applications. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 73\u201384 (2013)","DOI":"10.1145\/2508859.2516693"},{"key":"29_CR6","unstructured":"Enck, W., Octeau, D., McDaniel, P.D., Chaudhuri, S.: A study of Android application security. In: USENIX Security Symposium, vol. 2, p. 2 (2011)"},{"key":"29_CR7","doi-asserted-by":"crossref","unstructured":"Fratantonio, Y., Qian, C., Chung, S.P., Lee, W.: Cloak and dagger: from two permissions to complete control of the UI feedback loop. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 1041\u20131057. IEEE (2017)","DOI":"10.1109\/SP.2017.39"},{"key":"29_CR8","doi-asserted-by":"crossref","unstructured":"Gao, J., Li, L., Kong, P., Bissyand\u00e9, T.F., Klein, J.: Understanding the evolution of Android app vulnerabilities. IEEE Trans. Reliab. (2019)","DOI":"10.1109\/TR.2019.2956690"},{"key":"29_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/978-3-642-37300-8_4","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"S Hanna","year":"2013","unstructured":"Hanna, S., Huang, L., Wu, E., Li, S., Chen, C., Song, D.: Juxtapp: a scalable system for detecting code reuse among Android applications. In: Flegel, U., Markatos, E., Robertson, W. (eds.) DIMVA 2012. LNCS, vol. 7591, pp. 62\u201381. Springer, Heidelberg (2013). \nhttps:\/\/doi.org\/10.1007\/978-3-642-37300-8_4"},{"key":"29_CR10","doi-asserted-by":"crossref","unstructured":"Hay, R., Tripp, O., Pistoia, M.: Dynamic detection of inter-application communication vulnerabilities in Android. In: Proceedings of the 2015 International Symposium on Software Testing and Analysis, pp. 118\u2013128. ACM (2015)","DOI":"10.1145\/2771783.2771800"},{"key":"29_CR11","doi-asserted-by":"crossref","unstructured":"Jang, Y., Song, C., Chung, S.P., Wang, T., Lee, W.: A11y attacks: exploiting accessibility in operating systems. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 103\u2013115. ACM (2014)","DOI":"10.1145\/2660267.2660295"},{"key":"29_CR12","doi-asserted-by":"crossref","unstructured":"Jimenez, M., Papadakis, M., Bissyand\u00e9, T.F., Klein, J.: Profiling Android vulnerabilities. In: 2016 IEEE International Conference on Software Quality, Reliability and Security (QRS), pp. 222\u2013229. IEEE (2016)","DOI":"10.1109\/QRS.2016.34"},{"key":"29_CR13","doi-asserted-by":"crossref","unstructured":"Kalysch, A., Bove, D., M\u00fcller, T.: How Android\u2019s UI security is undermined by accessibility. In: Proceedings of the 2nd Reversing and Offensive-Oriented Trends Symposium, pp. 1\u201310 (2018)","DOI":"10.1145\/3289595.3289597"},{"key":"29_CR14","unstructured":"Kalysch, A., Deutel, M., M\u00fcller, T.: Template-based Android inter process communication fuzzing. In: Proceedings of the 12th International Conference on Availability, Reliability and Security. ACM (2020). \nhttps:\/\/faui1-files.cs.fau.de\/public\/publications\/Template_based_Android_Inter_Process_Communication_Fuzzing.pdf"},{"key":"29_CR15","doi-asserted-by":"crossref","unstructured":"Li, L., et al.: IccTA: detecting inter-component privacy leaks in Android apps. In: Proceedings of the 37th International Conference on Software Engineering-Volume 1, pp. 280\u2013291. IEEE Press (2015)","DOI":"10.1109\/ICSE.2015.48"},{"key":"29_CR16","doi-asserted-by":"crossref","unstructured":"Linares-V\u00e1squez, M., Bavota, G., Escobar-Vel\u00e1squez, C.: An empirical study on Android-related vulnerabilities. In: 2017 IEEE\/ACM 14th International Conference on Mining Software Repositories (MSR), pp. 2\u201313. IEEE (2017)","DOI":"10.1109\/MSR.2017.60"},{"key":"29_CR17","doi-asserted-by":"crossref","unstructured":"Maji, A.K., Arshad, F.A., Bagchi, S., Rellermeyer, J.S.: An empirical study of the robustness of inter-component communication in Android. In: 2012 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1\u201312. IEEE (2012)","DOI":"10.1109\/DSN.2012.6263963"},{"key":"29_CR18","unstructured":"OWASP Foundation: Mobile top 10 (2016). \nhttps:\/\/www.owasp.org\/index.php\/Mobile_Top_10_2016-Top_10\n\n. Accessed 22 June 2020"},{"key":"29_CR19","unstructured":"OWASP Foundation: Owasp mobile security project (2017). \nhttps:\/\/www.owasp.org\/index.php\/OWASP_Mobile_Security_Project\n\n. Accessed 22 June 2020"},{"key":"29_CR20","doi-asserted-by":"crossref","unstructured":"Ranganath, V.P., Mitra, J.: Are free Android app security analysis tools effective in detecting known vulnerabilities? arXiv preprint \narXiv:1806.09059\n\n (2018)","DOI":"10.1007\/s10664-019-09749-y"},{"issue":"1","key":"29_CR21","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1504\/IJSN.2014.059327","volume":"9","author":"M Rangwala","year":"2014","unstructured":"Rangwala, M., Zhang, P., Zou, X., Li, F.: A taxonomy of privilege escalation attacks in Android applications. Int. J. Secure. Network. 9(1), 40\u201355 (2014)","journal-title":"Int. J. Secure. Network."},{"issue":"6","key":"29_CR22","doi-asserted-by":"publisher","first-page":"492","DOI":"10.1109\/TSE.2016.2615307","volume":"43","author":"A Sadeghi","year":"2016","unstructured":"Sadeghi, A., Bagheri, H., Garcia, J., Malek, S.: A taxonomy and qualitative comparison of program analysis techniques for security assessment of Android software. IEEE Trans. Software Eng. 43(6), 492\u2013530 (2016)","journal-title":"IEEE Trans. Software Eng."},{"key":"29_CR23","doi-asserted-by":"crossref","unstructured":"Sadeghi, A., Bagheri, H., Malek, S.: Analysis of Android inter-app security vulnerabilities using covert. In: Proceedings of the 37th International Conference on Software Engineering-Volume 2, pp. 725\u2013728. IEEE Press (2015)","DOI":"10.1109\/ICSE.2015.233"},{"key":"29_CR24","doi-asserted-by":"crossref","unstructured":"Sasnauskas, R., Regehr, J.: Intent fuzzer: crafting intents of death. In: Proceedings of the 2014 Joint International Workshop on Dynamic Analysis (WODA) and Software and System Performance Testing, Debugging, and Analytics (PERTEA), pp. 1\u20135. ACM (2014)","DOI":"10.1145\/2632168.2632169"},{"key":"29_CR25","doi-asserted-by":"crossref","unstructured":"Scandariato, R., Walden, J.: Predicting vulnerable classes in an Android application. In: Proceedings of the 4th International Workshop on Security Measurements and Metrics, pp. 11\u201316 (2012)","DOI":"10.1145\/2372225.2372231"},{"key":"29_CR26","doi-asserted-by":"crossref","unstructured":"Sch\u00fctte, J., Fedler, R., Titze, D.: ConDroid: targeted dynamic analysis of Android applications. In: 2015 IEEE 29th International Conference on Advanced Information Networking and Applications, pp. 571\u2013578. IEEE (2015)","DOI":"10.1109\/AINA.2015.238"},{"key":"29_CR27","doi-asserted-by":"crossref","unstructured":"Sounthiraraj, D., Sahs, J., Greenwood, G., Lin, Z., Khan, L.: SMV-HUNTER: large scale, automated detection of SSL\/TLS man-in-the-middle vulnerabilities in Android apps. In: Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS 2014). Citeseer (2014)","DOI":"10.14722\/ndss.2014.23205"},{"key":"29_CR28","doi-asserted-by":"crossref","unstructured":"Taylor, V.F., Martinovic, I.: To update or not to update: insights from a two-year study of Android app evolution. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 45\u201357 (2017)","DOI":"10.1145\/3052973.3052990"},{"key":"29_CR29","doi-asserted-by":"crossref","unstructured":"Wang, H., et al.: Vulnerability assessment of OAuth implementations in Android applications. In: Proceedings of the 31st Annual Computer Security Applications Conference, pp. 61\u201370 (2015)","DOI":"10.1145\/2818000.2818024"},{"key":"29_CR30","doi-asserted-by":"crossref","unstructured":"Wei, F., Roy, S., Ou, X., et al.: Amandroid: a precise and general inter-component data flow analysis framework for security vetting of Android apps. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1329\u20131341. ACM (2014)","DOI":"10.1145\/2660267.2660357"},{"issue":"2","key":"29_CR31","first-page":"155","volume":"9","author":"P Xia","year":"2014","unstructured":"Xia, P., Matsushita, M., Yoshida, N., Inoue, K.: Studying reuse of out-dated third-party code in open source projects. Inf. Media Technol. 9(2), 155\u2013161 (2014)","journal-title":"Inf. Media Technol."}],"container-title":["Lecture Notes in Computer Science","Applied Cryptography and Network Security Workshops"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-61638-0_29","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,10,13]],"date-time":"2020-10-13T23:28:44Z","timestamp":1602631724000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-61638-0_29"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030616373","9783030616380"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-61638-0_29","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"14 October 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACNS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Applied Cryptography and Network Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Rome","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 October 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 October 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"acns2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/sites.google.com\/di.uniroma1.it\/ACNS2020","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"214","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"46","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.7","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Due to the Corona pandemic the conference was held virtually.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}