{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:31:54Z","timestamp":1750221114979,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":46,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,3,13]],"date-time":"2019-03-13T00:00:00Z","timestamp":1552435200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"JSPS Grant-in-Aid for Scientific Research B","award":["Grant Number 16H02832"],"award-info":[{"award-number":["Grant Number 16H02832"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,3,13]]},"DOI":"10.1145\/3292006.3300020","type":"proceedings-article","created":{"date-parts":[[2019,3,21]],"date-time":"2019-03-21T12:22:04Z","timestamp":1553170924000},"page":"13-24","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["Understanding the Responsiveness of Mobile App Developers to Software Library Updates"],"prefix":"10.1145","author":[{"given":"Tatsuhiko","family":"Yasumatsu","sequence":"first","affiliation":[{"name":"Waseda University, Tokyo, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Takuya","family":"Watanabe","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Labs & Waseda University, Tokyo, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fumihiro","family":"Kanei","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Labs, Tokyo, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eitaro","family":"Shioji","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Labs, Tokyo, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mitsuaki","family":"Akiyama","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Labs, Tokyo, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tatsuya","family":"Mori","sequence":"additional","affiliation":[{"name":"Waseda University & RIKEN AIP, Tokyo, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2019,3,13]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Retrieved","author":"Inc. {n. d.}. AdColony -","year":"2018","unstructured":"AdColony, Inc. {n. d.}. AdColony - Elevating mobile advertising across today's hottest apps . Retrieved September 22, 2018 from https:\/\/www.adcolony.com\/ AdColony, Inc. {n. d.}. AdColony - Elevating mobile advertising across today's hottest apps. Retrieved September 22, 2018 from https:\/\/www.adcolony.com\/"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_2_1","DOI":"10.1002\/cpe.3447"},{"volume-title":"Retrieved","year":"2018","unstructured":"AppBrain. 2018 . Google Play stats . Retrieved September 22, 2018 from http: \/\/www.appbrain.com\/stats\/ AppBrain. 2018. Google Play stats. Retrieved September 22, 2018 from http: \/\/www.appbrain.com\/stats\/","key":"e_1_3_2_1_3_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_4_1","DOI":"10.1145\/2976749.2978333"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_5_1","DOI":"10.1109\/TSE.2014.2367027"},{"key":"e_1_3_2_1_6_1","volume-title":"Retrieved","author":"Manes Ben","year":"2018","unstructured":"Ben Manes . 2018 . GitHub - Gradle Versions Plugin . Retrieved September 24, 2018 from https:\/\/github.com\/ben-manes\/gradle-versions-plugin Ben Manes. 2018. GitHub - Gradle Versions Plugin. Retrieved September 24, 2018 from https:\/\/github.com\/ben-manes\/gradle-versions-plugin"},{"key":"e_1_3_2_1_7_1","first-page":"1021","article-title":"Brahmastra: Driving Apps to Test the Security of Third-Party Components","volume":"2014","author":"Bhoraskar Ravi","year":"2014","unstructured":"Ravi Bhoraskar , Seungyeop Han , Jinseong Jeon , Tanzirul Azim , Shuo Chen , Jaeyeon Jung , Suman Nath , Rui Wang , and David Wetherall . 2014 . Brahmastra: Driving Apps to Test the Security of Third-Party Components .. In Proc. of USENIX Security , 2014. 1021 -- 1036 . Ravi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang, and David Wetherall. 2014. Brahmastra: Driving Apps to Test the Security of Third-Party Components.. In Proc. of USENIX Security, 2014. 1021--1036.","journal-title":"Proc. of USENIX Security"},{"key":"e_1_3_2_1_8_1","volume-title":"Wallach","author":"Book Theodore","year":"2013","unstructured":"Theodore Book , Adam Pridgen , and Dan S . Wallach . 2013 . Longitudinal Analysis of Android Ad Library Permissions . CoRR abs\/1303.0857 (2013). arXiv:1303.0857 http:\/\/arxiv.org\/abs\/1303.0857 Theodore Book, Adam Pridgen, and Dan S. Wallach. 2013. Longitudinal Analysis of Android Ad Library Permissions. CoRR abs\/1303.0857 (2013). arXiv:1303.0857 http:\/\/arxiv.org\/abs\/1303.0857"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_9_1","DOI":"10.1145\/2808797.2808823"},{"key":"e_1_3_2_1_10_1","first-page":"357","article-title":"Following devil's footprints: Cross-platform analysis of potentially harmful libraries on android and ios","volume":"2016","author":"Chen Kai","year":"2016","unstructured":"Kai Chen , Xueqiang Wang , Yi Chen , Peng Wang , Yeonjoon Lee , XiaoFeng Wang , Bin Ma , Aohui Wang , Yingjun Zhang , and Wei Zou . 2016 . Following devil's footprints: Cross-platform analysis of potentially harmful libraries on android and ios . In Proc. of the IEEE SP , 2016. 357 -- 376 . Kai Chen, Xueqiang Wang, Yi Chen, Peng Wang, Yeonjoon Lee, XiaoFeng Wang, Bin Ma, Aohui Wang, Yingjun Zhang, and Wei Zou. 2016. Following devil's footprints: Cross-platform analysis of potentially harmful libraries on android and ios. In Proc. of the IEEE SP, 2016. 357--376.","journal-title":"Proc. of the IEEE SP"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_11_1","DOI":"10.1145\/3133956.3134059"},{"key":"e_1_3_2_1_12_1","volume-title":"Retrieved","author":"Hinchcliffe Dion","year":"2017","unstructured":"Dion Hinchcliffe . 2017 . The advent of the citizen developer . Retrieved September 22, 2018 from https:\/\/www.zdnet.com\/article\/ the-advent-of-the-citizen-developer\/ Dion Hinchcliffe. 2017. The advent of the citizen developer. Retrieved September 22, 2018 from https:\/\/www.zdnet.com\/article\/ the-advent-of-the-citizen-developer\/"},{"unstructured":"Facebook Inc. {n. d.}. Android SDK - Facebook for Developers. Retrieved September 22 2018 from https:\/\/developers.facebook.com\/docs\/android\/  Facebook Inc. {n. d.}. Android SDK - Facebook for Developers. Retrieved September 22 2018 from https:\/\/developers.facebook.com\/docs\/android\/","key":"e_1_3_2_1_13_1"},{"key":"e_1_3_2_1_14_1","first-page":"121","article-title":"Stack Overflow Considered Harmful? The Impact of Copy amp;Paste on Android Application Security","volume":"2017","author":"Fischer F.","year":"2017","unstructured":"F. Fischer , K. B\u00f6ttinger , H. Xiao , C. Stransky , Y. Acar , M. Backes , and S. Fahl . 2017 . Stack Overflow Considered Harmful? The Impact of Copy amp;Paste on Android Application Security . In Proc. of the IEEE SP , 2017. 121 -- 136 . F. Fischer, K. B\u00f6ttinger, H. Xiao, C. Stransky, Y. Acar, M. Backes, and S. Fahl. 2017. Stack Overflow Considered Harmful? The Impact of Copy amp;Paste on Android Application Security. In Proc. of the IEEE SP, 2017. 121--136.","journal-title":"Proc. of the IEEE SP"},{"volume-title":"Retrieved","year":"2017","unstructured":"Fisher, Anne. 2017 . How Companies Are Developing More Apps With Fewer Developers . Retrieved September 22, 2018 from http:\/\/fortune.com\/2016\/08\/30\/ quickbase-coding-apps-developers\/ Fisher, Anne. 2017. How Companies Are Developing More Apps With Fewer Developers. Retrieved September 22, 2018 from http:\/\/fortune.com\/2016\/08\/30\/ quickbase-coding-apps-developers\/","key":"e_1_3_2_1_15_1"},{"key":"e_1_3_2_1_16_1","volume-title":"Retrieved","author":"Incident Response Forum","year":"2018","unstructured":"Forum of Incident Response and Security Teams . {n. d.}. Common Vulnerability Scoring System SIG . Retrieved September 22, 2018 from https:\/\/www.first.org\/ cvss\/ Forum of Incident Response and Security Teams. {n. d.}. Common Vulnerability Scoring System SIG. Retrieved September 22, 2018 from https:\/\/www.first.org\/ cvss\/"},{"key":"e_1_3_2_1_17_1","volume-title":"Retrieved","author":"Incident Response Forum","year":"2018","unstructured":"Forum of Incident Response and Security Teams . {n. d.}. Common Vulnerability Scoring System v3.0: Specification Document . Retrieved September 22, 2018 from https:\/\/www.first.org\/cvss\/specification-document Forum of Incident Response and Security Teams. {n. d.}. Common Vulnerability Scoring System v3.0: Specification Document. Retrieved September 22, 2018 from https:\/\/www.first.org\/cvss\/specification-document"},{"key":"e_1_3_2_1_18_1","volume-title":"Retrieved","author":"Software Foundation The Apache","year":"2018","unstructured":"The Apache Software Foundation . {n. d.}. Apache Commons Collections Security Vulnerabilities . Retrieved September 22, 2018 from https:\/\/commons.apache. org\/proper\/commons-collections\/security-reports.html The Apache Software Foundation. {n. d.}. Apache Commons Collections Security Vulnerabilities. Retrieved September 22, 2018 from https:\/\/commons.apache. org\/proper\/commons-collections\/security-reports.html"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_19_1","DOI":"10.1007\/978-3-319-20550-2_15"},{"key":"e_1_3_2_1_20_1","first-page":"187","article-title":"Measuring code reuse in Android apps","volume":"2016","author":"Gonzalez Hugo","year":"2016","unstructured":"Hugo Gonzalez , Natalia Stakhanova , and Ali A. Ghorbani . 2016 . Measuring code reuse in Android apps . In Proc. of PST , 2016. 187 -- 195 . Hugo Gonzalez, Natalia Stakhanova, and Ali A. Ghorbani. 2016. Measuring code reuse in Android apps. In Proc. of PST, 2016. 187--195.","journal-title":"Proc. of PST"},{"unstructured":"Google Inc. 2018. App Security Improvement Program. https:\/\/developer.android. com\/google\/play\/asi.html  Google Inc. 2018. App Security Improvement Program. https:\/\/developer.android. com\/google\/play\/asi.html","key":"e_1_3_2_1_21_1"},{"key":"e_1_3_2_1_22_1","volume-title":"Retrieved","author":"Inc.","year":"2018","unstructured":"Google, Inc. 2018 . GitHub - google\/gson: A Java serialization\/deserialization library to convert Java Objects into JSON and back . Retrieved September 22, 2018 from https:\/\/sites.google.com\/site\/gson\/ Google, Inc. 2018. GitHub - google\/gson: A Java serialization\/deserialization library to convert Java Objects into JSON and back. Retrieved September 22, 2018 from https:\/\/sites.google.com\/site\/gson\/"},{"key":"e_1_3_2_1_23_1","volume-title":"Play API 2012","author":"Google","year":"2018","unstructured":"Google Play API 2012 . Google Play API. Retrieved September 22, 2018 from https:\/\/github.com\/egirault\/googleplay-api Google Play API 2012. Google Play API. Retrieved September 22, 2018 from https:\/\/github.com\/egirault\/googleplay-api"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_24_1","DOI":"10.1145\/2185448.2185464"},{"key":"e_1_3_2_1_25_1","first-page":"1090","article-title":"Android malware development on public malware scanning platforms: A large-scale data-driven study","volume":"2016","author":"Huang Heqing","year":"2016","unstructured":"Heqing Huang , Cong Zheng , Junyuan Zeng , Wu Zhou , Sencun Zhu , Peng Liu , Suresh Chari , and Ce Zhang . 2016 . Android malware development on public malware scanning platforms: A large-scale data-driven study . In Proc. of IEEE Big Data , 2016. 1090 -- 1099 . Heqing Huang, Cong Zheng, Junyuan Zeng, Wu Zhou, Sencun Zhu, Peng Liu, Suresh Chari, and Ce Zhang. 2016. Android malware development on public malware scanning platforms: A large-scale data-driven study. In Proc. of IEEE Big Data, 2016. 1090--1099.","journal-title":"Proc. of IEEE Big Data"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_26_1","DOI":"10.1145\/2875475.2875480"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_27_1","DOI":"10.1145\/3121264.3121267"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_28_1","DOI":"10.1109\/SANER.2016.52"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_29_1","DOI":"10.1109\/ICSE.2017.38"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_30_1","DOI":"10.1145\/2889160.2889178"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_31_1","DOI":"10.1109\/ICSM.2013.18"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_32_1","DOI":"10.1007\/s10664-015-9388-2"},{"key":"e_1_3_2_1_33_1","volume-title":"Retrieved","author":"MITRE Corporation","year":"2018","unstructured":"MITRE Corporation . 2018 . CVE - Common Vulnerabilities and Exposures (CVE) . Retrieved September 22, 2018 from https:\/\/cve.mitre.org\/ MITRE Corporation. 2018. CVE - Common Vulnerabilities and Exposures (CVE). Retrieved September 22, 2018 from https:\/\/cve.mitre.org\/"},{"unstructured":"The Hacker News. 2014. Facebook SDK Vulnerability Puts Millions of Smart- phone Users' Accounts at Risk. https:\/\/thehackernews.com\/2014\/07\/ facebook-sdk-vulnerability-puts.html  The Hacker News. 2014. Facebook SDK Vulnerability Puts Millions of Smart- phone Users' Accounts at Risk. https:\/\/thehackernews.com\/2014\/07\/ facebook-sdk-vulnerability-puts.html","key":"e_1_3_2_1_34_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_35_1","DOI":"10.1109\/MS.2014.79"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_36_1","DOI":"10.1109\/MS.2014.81"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_37_1","DOI":"10.1145\/3052973.3052990"},{"key":"e_1_3_2_1_38_1","volume-title":"Retrieved","author":"Preston-Werner Tom","year":"2018","unstructured":"Tom Preston-Werner . {n. d.}. Semantic Versioning 2.0.0 . Retrieved September 22, 2018 from https:\/\/semver.org Tom Preston-Werner. {n. d.}. Semantic Versioning 2.0.0. Retrieved September 22, 2018 from https:\/\/semver.org"},{"key":"e_1_3_2_1_39_1","volume-title":"Retrieved","author":"U.S. National Institute of Standards and Technology.","year":"2017","unstructured":"U.S. National Institute of Standards and Technology. 2017 . CVE-2014--8889 Detail . Retrieved September 22, 2018 from https:\/\/nvd.nist.gov\/vuln\/detail\/ CVE-2014--8889 U.S. National Institute of Standards and Technology. 2017. CVE-2014--8889 Detail. Retrieved September 22, 2018 from https:\/\/nvd.nist.gov\/vuln\/detail\/ CVE-2014--8889"},{"key":"e_1_3_2_1_40_1","volume-title":"Retrieved","author":"U.S. National Institute of Standards and Technology.","year":"2017","unstructured":"U.S. National Institute of Standards and Technology. 2017 . CVE-2016--2402 Detail . Retrieved September 22, 2018 from https:\/\/nvd.nist.gov\/vuln\/detail\/ CVE-2016--2402 U.S. National Institute of Standards and Technology. 2017. CVE-2016--2402 Detail. Retrieved September 22, 2018 from https:\/\/nvd.nist.gov\/vuln\/detail\/ CVE-2016--2402"},{"key":"e_1_3_2_1_41_1","volume-title":"Retrieved","author":"U.S. National Institute of Standards and Technology.","year":"2018","unstructured":"U.S. National Institute of Standards and Technology. 2018 . National Vulnerability Database . Retrieved September 22, 2018 from https:\/\/nvd.nist.gov\/ U.S. National Institute of Standards and Technology. 2018. National Vulnerability Database. Retrieved September 22, 2018 from https:\/\/nvd.nist.gov\/"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_42_1","DOI":"10.1145\/2591971.2592003"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_43_1","DOI":"10.1109\/MSR.2017.23"},{"key":"e_1_3_2_1_44_1","first-page":"678","article-title":"Measuring the Declared SDK Versions and Their Consistency with API Calls in Android Apps","volume":"2017","author":"Wu Daoyuan","year":"2017","unstructured":"Daoyuan Wu , Ximing Liu , Jiayun Xu , David Lo , and Debin Gao . 2017 . Measuring the Declared SDK Versions and Their Consistency with API Calls in Android Apps . In Proc. of WASA , 2017. 678 -- 690 . Daoyuan Wu, Ximing Liu, Jiayun Xu, David Lo, and Debin Gao. 2017. Measuring the Declared SDK Versions and Their Consistency with API Calls in Android Apps. In Proc. of WASA, 2017. 678--690.","journal-title":"Proc. of WASA"},{"key":"e_1_3_2_1_45_1","first-page":"141","article-title":"Detecting third-party libraries in Android applications with high precision and recall","volume":"2018","author":"Zhang Yuan","year":"2018","unstructured":"Yuan Zhang , Jiarun Dai , Xiaohan Zhang , Sirong Huang , Zhemin Yang , Min Yang , and Hao Chen . 2018 . Detecting third-party libraries in Android applications with high precision and recall . In Proc. of SANER , 2018. 141 -- 152 . Yuan Zhang, Jiarun Dai, Xiaohan Zhang, Sirong Huang, Zhemin Yang, Min Yang, and Hao Chen. 2018. Detecting third-party libraries in Android applications with high precision and recall. In Proc. of SANER, 2018. 141--152.","journal-title":"Proc. of SANER"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_46_1","DOI":"10.1145\/2766498.2766499"}],"event":{"sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"acronym":"CODASPY '19","name":"CODASPY '19: Ninth ACM Conference on Data and Application Security and Privacy","location":"Richardson Texas USA"},"container-title":["Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3292006.3300020","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3292006.3300020","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:02:02Z","timestamp":1750208522000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3292006.3300020"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,3,13]]},"references-count":46,"alternative-id":["10.1145\/3292006.3300020","10.1145\/3292006"],"URL":"https:\/\/doi.org\/10.1145\/3292006.3300020","relation":{},"subject":[],"published":{"date-parts":[[2019,3,13]]},"assertion":[{"value":"2019-03-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}