{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T06:14:42Z","timestamp":1769753682111,"version":"3.49.0"},"reference-count":57,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2019,6,30]],"date-time":"2019-06-30T00:00:00Z","timestamp":1561852800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Ministero dell\u00f0Istruzione, dell\u00f0Universit\u00e0 e della Ricerca","award":["PRIN 2015KWREMX"],"award-info":[{"award-number":["PRIN 2015KWREMX"]}]},{"DOI":"10.13039\/100011199","name":"European Research Council","doi-asserted-by":"publisher","award":["CONSOLIDATOR GRANT 646867"],"award-info":[{"award-number":["CONSOLIDATOR GRANT 646867"]}],"id":[{"id":"10.13039\/100011199","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Auton. Adapt. Syst."],"published-print":{"date-parts":[[2019,6,30]]},"abstract":"<jats:p>Android applications are executed on smartphones equipped with a variety of resources that must be properly accessed and controlled, otherwise the correctness of the executions and the stability of the entire environment might be negatively affected. For example, apps must properly acquire, use, and release microphones, cameras, and other multimedia devices, otherwise the behavior of the apps that use the same resources might be compromised.<\/jats:p>\n          <jats:p>Unfortunately, several apps do not use resources correctly, for instance, due to faults and inaccurate design decisions. By interacting with these apps, users may experience unexpected behaviors, which in turn may cause instability and sporadic failures, especially when resources are accessed.<\/jats:p>\n          <jats:p>\n            In this article, we present an approach that lets users\n            <jats:italic>protect<\/jats:italic>\n            their environment from the apps that use resources improperly by enforcing the correct usage protocol. This is achieved by using\n            <jats:italic>software enforcers<\/jats:italic>\n            that can observe executions and change them when necessary. For instance, enforcers can detect that a resource has been acquired but not released and automatically perform the release operation, thus giving the possibility to use that same resource to the other apps.\n          <\/jats:p>\n          <jats:p>\n            The main idea is that software libraries, in particular, the ones controlling access to resources, can be augmented with enforcers that can be activated and deactivated on demand by users to protect their environment from unwanted app behaviors. We call the software libraries augmented with one or more enforcers\n            <jats:italic>proactive libraries<\/jats:italic>\n            , because the activation of the enforcer decorates the library with\n            <jats:italic>proactive behaviors<\/jats:italic>\n            that can guarantee the correctness of the execution despite the invocation of the operations implemented by the library. For example, enforcers can detect that a resource has not been released on time and proactively release it.\n          <\/jats:p>\n          <jats:p>Our experimental results with 27 possible misuses of resources in real Android apps reveal that proactive libraries are able to effectively correct library misuses with negligible runtime overheads.<\/jats:p>","DOI":"10.1145\/3368087","type":"journal-article","created":{"date-parts":[[2019,12,9]],"date-time":"2019-12-09T13:35:27Z","timestamp":1575898527000},"page":"1-29","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Controlling Interactions with Libraries in Android Apps Through Runtime Enforcement"],"prefix":"10.1145","volume":"14","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2120-2894","authenticated-orcid":false,"given":"Oliviero","family":"Riganelli","sequence":"first","affiliation":[{"name":"University of Milano - Bicocca, Milan, MI, Italy"}]},{"given":"Daniela","family":"Micucci","sequence":"additional","affiliation":[{"name":"University of Milano - Bicocca, Milan, MI, Italy"}]},{"given":"Leonardo","family":"Mariani","sequence":"additional","affiliation":[{"name":"University of Milano - Bicocca, Milan, MI, Italy"}]}],"member":"320","published-online":{"date-parts":[[2019,12,6]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Proceedings of the International Conference on Software Testing, Verification and Validation Workshops (ICSTW\u201913)","author":"Amalfitano D."},{"key":"e_1_2_1_2_1","volume-title":"Proceedings of the International Conference on Mining Software Repositories (MSR\u201916)","author":"Amani S."},{"key":"e_1_2_1_3_1","unstructured":"Android. 2019. The Activity Lifecycle. Retrieved from https:\/\/developer.android.com\/guide\/components\/activities\/activity-lifecycle.html.  Android. 2019. The Activity Lifecycle. Retrieved from https:\/\/developer.android.com\/guide\/components\/activities\/activity-lifecycle.html."},{"key":"e_1_2_1_4_1","unstructured":"Android. 2019. Android API. Retrieved from https:\/\/developer.android.com\/guide\/index.html.  Android. 2019. Android API. Retrieved from https:\/\/developer.android.com\/guide\/index.html."},{"key":"e_1_2_1_5_1","unstructured":"Android. 2019. Android Studio. Retrieved from https:\/\/developer.android.com\/studio\/index.html.  Android. 2019. Android Studio. Retrieved from https:\/\/developer.android.com\/studio\/index.html."},{"key":"e_1_2_1_6_1","volume-title":"Proceedings of the International Conference on Automated Software Engineering (ASE\u201914)","author":"Azim M. T."},{"key":"e_1_2_1_7_1","volume-title":"Proceedings of the ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE\u201914)","author":"Banerjee A."},{"key":"e_1_2_1_8_1","volume-title":"Proceedings of the International Conference on Software Engineering (ICSE\u201909)","author":"Chang H."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2522920.2522923"},{"key":"e_1_2_1_10_1","volume-title":"Proceedings of the International Conference on Software Engineering (ICSE\u201917)","author":"Cornejo O."},{"key":"e_1_2_1_11_1","volume-title":"Proceedings of the International Conference on Cloud Computing (CloudCom\u201909)","author":"Dai Y."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2522920.2522921"},{"key":"e_1_2_1_13_1","volume-title":"Proceedings of the International Conference on Software Engineering (ICSE\u201908)","author":"Dig D."},{"key":"e_1_2_1_14_1","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer 8 Communications Security (CCS\u201913)","author":"Egele M."},{"key":"e_1_2_1_15_1","volume-title":"Proceedings of the Annual International Conference on Mobile Computing and Networking (MobiCom\u201915)","author":"Elmalaki S."},{"key":"e_1_2_1_16_1","volume-title":"Proceedings of the International Conference on Runtime Verification (RV\u201912)","author":"Falcone Y."},{"key":"e_1_2_1_17_1","unstructured":"Eclipse Foundation. 2019. Acceleo. Retrieved from https:\/\/www.eclipse.org\/acceleo\/.  Eclipse Foundation. 2019. Acceleo. Retrieved from https:\/\/www.eclipse.org\/acceleo\/."},{"key":"e_1_2_1_18_1","unstructured":"Eclipse Foundation. 2019. Eclipse. Retrieved from http:\/\/www.eclipse.org\/.  Eclipse Foundation. 2019. Eclipse. Retrieved from http:\/\/www.eclipse.org\/."},{"key":"e_1_2_1_19_1","unstructured":"Eclipse Foundation. 2019. Eclipse Modeling Framework. Retrieved from https:\/\/www.eclipse.org\/modeling\/emf\/.  Eclipse Foundation. 2019. Eclipse Modeling Framework. Retrieved from https:\/\/www.eclipse.org\/modeling\/emf\/."},{"key":"e_1_2_1_20_1","unstructured":"Eclipse Foundation. 2019. Graphical Modeling Project. Retrieved from http:\/\/www.eclipse.org\/modeling\/gmp\/.  Eclipse Foundation. 2019. Graphical Modeling Project. Retrieved from http:\/\/www.eclipse.org\/modeling\/gmp\/."},{"key":"e_1_2_1_21_1","unstructured":"JS Foundation. 2019. Retrieved from Appium. http:\/\/appium.io.  JS Foundation. 2019. Retrieved from Appium. http:\/\/appium.io."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2017.2755013"},{"key":"e_1_2_1_23_1","volume-title":"Proceedings of the International Symposium on Empirical Software Engineering and Measurement (ESEM\u201913)","author":"Joorabchi M. E."},{"key":"e_1_2_1_24_1","doi-asserted-by":"crossref","volume-title":"Domain-Specific Modeling: Enabling Full Code Generation","author":"Kelly S.","DOI":"10.1002\/9780470249260"},{"key":"e_1_2_1_25_1","volume-title":"Proceedings of the Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC\/FSE\u201914)","author":"Khalid H."},{"key":"e_1_2_1_26_1","volume-title":"Proceedings of the European Conference on Object-Oriented Programming (ECOOP\u201997)","author":"Kiczales G."},{"key":"e_1_2_1_27_1","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS\u201915)","author":"Kong D."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2593743.2593750"},{"key":"e_1_2_1_29_1","volume-title":"Proceedings of the International Symposium on Software Testing and Analysis (ISSTA\u201916)","author":"Li L."},{"key":"e_1_2_1_30_1","volume-title":"Proceedings of the European Software Engineering Conference held jointly with the ACM SIGSOFT International Symposium on Foundations of Software Engineering (ESEC\/FSE\u201905)","author":"Li Z."},{"key":"e_1_2_1_31_1","first-page":"1","article-title":"2005. Edit automata: Enforcement mechanisms for run-time security policies","volume":"4","author":"Ligatti J.","year":"2005","journal-title":"Int. J. Info. Secur."},{"key":"e_1_2_1_32_1","volume-title":"Proceedings of the Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC\/FSE\u201913)","author":"Linares-V\u00e1squez M."},{"key":"e_1_2_1_33_1","volume-title":"Proceedings of the Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC\/FSE\u201913)","author":"Linares-V\u00e1squez M."},{"key":"e_1_2_1_34_1","volume-title":"Proceedings of the International Symposium on Software Reliability Engineering (ISSRE\u201916)","author":"Liu J."},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2700325"},{"key":"e_1_2_1_36_1","volume-title":"Proceedings of the International Workshop on Self-adaptation and Self-managing Systems (SEAMS\u201906)","author":"Mancinelli F."},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2010.93"},{"key":"e_1_2_1_38_1","volume-title":"Proceedings of the International Conference on Software Maintenance (ICSM\u201913)","author":"McDonnell T."},{"key":"e_1_2_1_39_1","volume-title":"Proceedings of the International Workshop on Automation of Software Test (AST\u201912)","author":"Muccini H."},{"key":"e_1_2_1_40_1","volume-title":"Proceedings of the Annual Computer Security Applications Conference (ACSAC\u201913)","author":"Mulliner C."},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.07.005"},{"key":"e_1_2_1_42_1","unstructured":"OMG. 2012. Object Constraint Language. Retrieved from https:\/\/modeling-languages.com\/ocl-tutorial\/.  OMG. 2012. Object Constraint Language. Retrieved from https:\/\/modeling-languages.com\/ocl-tutorial\/."},{"key":"e_1_2_1_43_1","volume-title":"Proceedings of the International Workshop on Software Faults (IWSF\u201916)","author":"Riganelli O."},{"key":"e_1_2_1_44_1","volume-title":"Proceedings of the International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS\u201917)","author":"Riganelli O."},{"key":"e_1_2_1_45_1","volume-title":"Proceedings of the International Symposium on Leveraging Applications of Formal Methods, Verification and Validation (ISOLA\u201918)","author":"Riganelli O."},{"key":"e_1_2_1_46_1","first-page":"3","article-title":"2019. From source code to test cases: A comprehensive benchmark for resource leak detection in android apps. Software","volume":"49","author":"Riganelli O.","year":"2019","journal-title":"Pract. Exper."},{"key":"e_1_2_1_47_1","volume-title":"Proceedings of the International Conference on Runtime Verification (RV\u201917)","author":"Riganelli O."},{"key":"e_1_2_1_48_1","volume-title":"Proceedings of the International Conference on Mining Software Repositories (MSR\u201919)","author":"Riganelli O."},{"key":"e_1_2_1_49_1","volume-title":"Proceedings of the Workshop on Mobile Middleware: Embracing the Personal Communication Device (MobMid\u201908)","author":"Rouvoy R."},{"key":"e_1_2_1_50_1","volume-title":"Toward an execution system for self-healing workflows in cyber-physical systems. Software Syst. Model. 17, 2","author":"Seiger Ronny","year":"2018"},{"key":"e_1_2_1_51_1","volume-title":"Proceedings of the ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA\u201916)","author":"Shan Z."},{"key":"e_1_2_1_52_1","unstructured":"T. Stahl and M. Voelter. 2006. Model-Driven Software Development: Technology Engineering Management. John Wiley 8 Sons.  T. Stahl and M. Voelter. 2006. Model-Driven Software Development: Technology Engineering Management. John Wiley 8 Sons."},{"key":"e_1_2_1_53_1","volume-title":"Proceedings of the IEEE\/ACM International Conference on Automated Software Engineering (ASE\u201909)","author":"Wasylkowski A."},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970312"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2016.2547385"},{"key":"e_1_2_1_56_1","unstructured":"XDA. 2019. Xposed. Retrieved from http:\/\/repo.xposed.info\/.  XDA. 2019. Xposed. Retrieved from http:\/\/repo.xposed.info\/."},{"key":"e_1_2_1_57_1","volume-title":"Proceedings of the Annual Network and Distributed System Security Symposium (NDSS\u201914)","author":"Zhang M."}],"container-title":["ACM Transactions on Autonomous and Adaptive Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3368087","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3368087","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:44:39Z","timestamp":1750203879000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3368087"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,6,30]]},"references-count":57,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2019,6,30]]}},"alternative-id":["10.1145\/3368087"],"URL":"https:\/\/doi.org\/10.1145\/3368087","relation":{},"ISSN":["1556-4665","1556-4703"],"issn-type":[{"value":"1556-4665","type":"print"},{"value":"1556-4703","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,6,30]]},"assertion":[{"value":"2018-03-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-09-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-12-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}