{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T18:54:10Z","timestamp":1775069650359,"version":"3.50.1"},"reference-count":122,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"10","license":[{"start":{"date-parts":[[2022,10,1]],"date-time":"2022-10-01T00:00:00Z","timestamp":1664582400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,10,1]],"date-time":"2022-10-01T00:00:00Z","timestamp":1664582400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,10,1]],"date-time":"2022-10-01T00:00:00Z","timestamp":1664582400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100001321","name":"National Research Foundation","doi-asserted-by":"publisher","award":["AISG2-RP-2020-019"],"award-info":[{"award-number":["AISG2-RP-2020-019"]}],"id":[{"id":"10.13039\/501100001321","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001321","name":"National Research Foundation","doi-asserted-by":"publisher","award":["NRFI06-2020-0022-0001"],"award-info":[{"award-number":["NRFI06-2020-0022-0001"]}],"id":[{"id":"10.13039\/501100001321","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Cybersecurity R&#x0026;D Program","award":["NRF2018NCR-NCR005-0001"],"award-info":[{"award-number":["NRF2018NCR-NCR005-0001"]}]},{"name":"National Cybersecurity R&#x0026;D Program","award":["NRF2018NCR-NSOE003-0001"],"award-info":[{"award-number":["NRF2018NCR-NSOE003-0001"]}]},{"DOI":"10.13039\/501100001381","name":"Singapore National Research Foundation","doi-asserted-by":"crossref","award":["NRF2018NCR-NSOE004-0001"],"award-info":[{"award-number":["NRF2018NCR-NSOE004-0001"]}],"id":[{"id":"10.13039\/501100001381","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100000923","name":"Australian Research Council","doi-asserted-by":"publisher","award":["DE200100016"],"award-info":[{"award-number":["DE200100016"]}],"id":[{"id":"10.13039\/501100000923","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100000923","name":"Australian Research Council","doi-asserted-by":"publisher","award":["DP200100020"],"award-info":[{"award-number":["DP200100020"]}],"id":[{"id":"10.13039\/501100000923","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Hong Kong RGC Projects","award":["PolyU15222317"],"award-info":[{"award-number":["PolyU15222317"]}]},{"name":"Hong Kong RGC Projects","award":["PolyU15223918"],"award-info":[{"award-number":["PolyU15223918"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62102284"],"award-info":[{"award-number":["62102284"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62102197"],"award-info":[{"award-number":["62102197"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IIEEE Trans. Software Eng."],"published-print":{"date-parts":[[2022,10,1]]},"DOI":"10.1109\/tse.2021.3114381","type":"journal-article","created":{"date-parts":[[2021,9,21]],"date-time":"2021-09-21T20:13:45Z","timestamp":1632255225000},"page":"4181-4213","source":"Crossref","is-referenced-by-count":41,"title":["Research on Third-Party Libraries in Android Apps: A Taxonomy and Systematic Literature Review"],"prefix":"10.1109","volume":"48","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9814-5977","authenticated-orcid":false,"given":"Xian","family":"Zhan","sequence":"first","affiliation":[{"name":"Hong Kong Polytechnic University, Hong Kong"}]},{"given":"Tianming","family":"Liu","sequence":"additional","affiliation":[{"name":"Monash University, Clayton, VIC, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2428-9297","authenticated-orcid":false,"given":"Lingling","family":"Fan","sequence":"additional","affiliation":[{"name":"College of Cyber Science, Nankai University, Nankai, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2990-1614","authenticated-orcid":false,"given":"Li","family":"Li","sequence":"additional","affiliation":[{"name":"Monash University, Clayton, VIC, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9477-4100","authenticated-orcid":false,"given":"Sen","family":"Chen","sequence":"additional","affiliation":[{"name":"College of Intelligence and Computing, Tianjin University, Tianjin, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9082-3208","authenticated-orcid":false,"given":"Xiapu","family":"Luo","sequence":"additional","affiliation":[{"name":"Hong Kong Polytechnic University, Hong Kong"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7300-9215","authenticated-orcid":false,"given":"Yang","family":"Liu","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Nanyang Technological University, Singapore, Singapore"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-C.2017.79"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-C.2017.161"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/Trustcom\/BigDataSE\/ICESS.2017.230"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2656460"},{"key":"ref7","first-page":"314","article-title":"Android applications: Data leaks via advertising libraries","volume-title":"Proc. Int. Symp. Inf. Theory Appl.","author":"Moonsamy"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/MASS.2014.131"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23082"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2016.55"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2886875"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2018.11.049"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/ICSA.2017.18"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2013.6654845"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523652"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/2742647.2742668"},{"key":"ref17","article-title":"AdSplit: Separating smartphone advertising from applications","volume-title":"Proc. 21st USENIX Conf. Secur. Symp.","author":"Shekhar"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414498"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3236045"},{"key":"ref20","first-page":"57","article-title":"DECAF: Detecting and characterizing ad fraud in mobile app","volume-title":"Proc. 11th USENIX Conf. Netw. Syst. Des. Implementation","author":"Liu"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/2594368.2594391"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3366423.3380242"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978333"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/3292006.3300020"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134048"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/3395351.3399346"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00150"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/2185448.2185464"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3236056"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00068"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/3368089.3409689"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME46990.2020.00014"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2019.8667975"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2016.52"},{"key":"ref35","first-page":"659","article-title":"Finding unknown malice in 10 seconds: Mass vetting for new threats at the Google-play scale","volume-title":"Proc. 24th USENIX Conf. Secur. Symp.","author":"Kai"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1145\/2133601.2133640"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664275"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2016.67"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2017.2730198"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2017.38"},{"key":"ref41","first-page":"653","article-title":"LibRadar: Fast and accurate detection of third-party libraries in android apps","volume-title":"Proc. IEEE\/ACM 38th Int. Conf. Softw. Eng. Companion","author":"Ma"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/3293882.3330563"},{"key":"ref43","first-page":"13","article-title":"ORLIS: Obfuscation-resilient library detection for android","volume-title":"Proc. IEEE\/ACM 5th Int. Conf. Mobile Softw. Eng. Syst.","author":"Wang"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/2601248.2601268"},{"key":"ref45","article-title":"Guidelines for performing systematic literature reviews in software engineering","year":"2007"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2017.04.001"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2901679"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2018.2865733"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2018.8486010"},{"key":"ref55","first-page":"1373","article-title":"Automated detection and classification of third-party libraries in large scale android apps","volume":"28","year":"2017","journal-title":"J. Softw. Chin."},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2019.2953609"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2872958"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23485"},{"key":"ref59","first-page":"919","article-title":"Automated third-party library detection for android applications: Are we there yet?","volume-title":"Proc. 35th IEEE\/ACM Int. Conf. Automated Softw. Eng.","author":"Zhan"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1109\/SANER48275.2020.9054845"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1145\/3395351.3399346"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2020.3003336"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2020.2983399"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-019-09766-x"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3313549"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-019-09754-1"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2019.8668009"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2018.8330204"},{"key":"ref69","first-page":"255","article-title":"Do developers update third-party libraries in mobile apps?","volume-title":"Proc. IEEE\/ACM 26th Int. Conf. Program Comprehension","author":"Salza"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1145\/3177102.3177113"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-018-5456-4"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1109\/CANDARW.2018.00088"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/MSR.2017.23"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1145\/3131704.3131721"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134059"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-59870-3_5"},{"key":"ref77","first-page":"1","article-title":"What aspects of mobile ads do users care about? An empirical study of mobile in-app ad reviews","author":"Gui"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23407"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45744-4_23"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.29"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1109\/APSEC.2016.017"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2014.81"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23234"},{"key":"ref84","first-page":"1","article-title":"The price of free: Privacy leakage in personalized mobile in-app ads","volume-title":"Proc. 23rd Annu. Netw. Distrib. Syst. Secur. Symp.","author":"Wei"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1145\/2742647.2742653"},{"key":"ref86","first-page":"1","article-title":"An empirical study of mobile ad targeting","author":"Book"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2015.23008"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.32"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2015.62"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1109\/Trustcom.2015.377"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1109\/ISSNIP.2014.6827639"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590314"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.1145\/2557547.2557560"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1145\/2627393.2627404"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.1145\/2627393.2627396"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOMW.2014.6849290"},{"key":"ref97","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2014.79"},{"key":"ref98","first-page":"1021","article-title":"Brahmastra: Driving apps to test the security of third-party components","volume-title":"Proc. 23rd USENIX Secur. Symp.","author":"Bhoraskar"},{"key":"ref99","doi-asserted-by":"publisher","DOI":"10.1145\/2516760.2516762"},{"key":"ref100","article-title":"Longitudinal analysis of android ad library permissions","volume-title":"Proc. Mobile Secur. Technol.","author":"Book"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-36516-4_7"},{"key":"ref102","doi-asserted-by":"publisher","DOI":"10.1109\/ICSM.2012.6405311"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.1145\/2162081.2162084"},{"key":"ref104","first-page":"1","article-title":"Investigating user privacy in android ad libraries","volume-title":"Proc. Workshop Mobile Secur. Technol.","author":"Stevens"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.1145\/2398776.2398812"},{"key":"ref106","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2016.2615307"},{"key":"ref107","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2019.00069"},{"key":"ref108","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3077654"},{"key":"ref110","doi-asserted-by":"publisher","DOI":"10.1109\/ICPC.2016.7503721"},{"key":"ref111","doi-asserted-by":"publisher","DOI":"10.1145\/2766498.2766508"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-37300-8_4"},{"key":"ref113","doi-asserted-by":"publisher","DOI":"10.1145\/2627393.2627395"},{"key":"ref114","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568286"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-43936-4_9"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40203-6_11"},{"key":"ref117","doi-asserted-by":"publisher","DOI":"10.1145\/2771783.2771795"},{"key":"ref118","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435377"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00083"},{"key":"ref134","article-title":"QUIRE: Lightweight provenance for smart phone operating systems","volume-title":"Proc. 20th USENIX Conf. Secur.","author":"Dietz"},{"issue":"4","key":"ref139","doi-asserted-by":"crossref","first-page":"331","DOI":"10.1023\/A:1021240730564","article-title":"Hybrid recommender systems: Survey and experiments","volume":"12","author":"Burke","year":"2002","journal-title":"User Model. User-Adapted Interact."},{"key":"ref140","doi-asserted-by":"publisher","DOI":"10.1162\/jmlr.2003.3.4-5.993"},{"key":"ref141","doi-asserted-by":"publisher","DOI":"10.1109\/MobileSoft52590.2021.00013"},{"key":"ref142","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2901679"},{"key":"ref144","doi-asserted-by":"publisher","DOI":"10.1109\/ISDFS.2018.8355388"},{"key":"ref145","doi-asserted-by":"publisher","DOI":"10.1145\/3417978"},{"key":"ref146","first-page":"3","article-title":"A survey of android security threats and defenses","volume":"6","author":"Rashidi","year":"2015","journal-title":"J. Wireless Mob. Netw. Ubiquitous Comput. Dependable Appl."},{"key":"ref147","doi-asserted-by":"publisher","DOI":"10.1145\/2733306"},{"key":"ref148","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2014.2386139"},{"key":"ref149","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2015.89"}],"container-title":["IEEE Transactions on Software Engineering"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/32\/9923560\/09542854.pdf?arnumber=9542854","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,11]],"date-time":"2024-01-11T23:03:39Z","timestamp":1705014219000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9542854\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,1]]},"references-count":122,"journal-issue":{"issue":"10"},"URL":"https:\/\/doi.org\/10.1109\/tse.2021.3114381","relation":{},"ISSN":["0098-5589","1939-3520","2326-3881"],"issn-type":[{"value":"0098-5589","type":"print"},{"value":"1939-3520","type":"electronic"},{"value":"2326-3881","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,10,1]]}}}