{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:06:51Z","timestamp":1750309611743,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":45,"publisher":"ACM","license":[{"start":{"date-parts":[[2025,3,31]],"date-time":"2025-03-31T00:00:00Z","timestamp":1743379200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,3,31]]},"DOI":"10.1145\/3672608.3707956","type":"proceedings-article","created":{"date-parts":[[2025,5,14]],"date-time":"2025-05-14T18:26:54Z","timestamp":1747247214000},"page":"1877-1885","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Detection of Device Triggerable Vulnerabilities in Android Companion Apps through Interactive Triaging"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-0186-3170","authenticated-orcid":false,"given":"Aditya Vardhan","family":"Padala","sequence":"first","affiliation":[{"name":"Purdue University, West Lafayette, IN, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4239-5632","authenticated-orcid":false,"given":"Saurabh","family":"Bagchi","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5124-6818","authenticated-orcid":false,"given":"Aravind Kumar","family":"Machiry","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, IN, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,5,14]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2020.2988293"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.3390\/s24175465"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00013"},{"key":"e_1_3_2_1_4_1","volume-title":"https:\/\/www.forescout.com\/blog\/amnesia33forescout-research-labs-finds-33-new-vulnerabilities-in-open-source-tcp-ip-stacks\/. (Dec","author":"Foresout Research Labs Amnesia","year":"2020","unstructured":"Amnesia 2020. AMNESIA:33 - Foresout Research Labs Finds 33 New Vulnerabilities in Open Source TCP\/IP Stacks. https:\/\/www.forescout.com\/blog\/amnesia33forescout-research-labs-finds-33-new-vulnerabilities-in-open-source-tcp-ip-stacks\/. (Dec. 2020)."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF01840365"},{"key":"e_1_3_2_1_6_1","unstructured":"Bayesian network 2024. Bayesian network - Wikipedia. https:\/\/en.wikipedia.org\/wiki\/Bayesian_network. (2024). (Accessed on 10\/02\/2024)."},{"key":"e_1_3_2_1_7_1","unstructured":"Binary Ninja 2024. Binary Ninja. https:\/\/binary.ninja\/. (2024). (Accessed on 10\/04\/2024)."},{"key":"e_1_3_2_1_8_1","unstructured":"bncallgraph. 2024. psifertex\/callgraph: Binary Ninja Call Graph plugin. https:\/\/github.com\/psifertex\/callgraph. (2024). (Accessed on 10\/02\/2024)."},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the International Conference on Software Engineering Research and Practice (SERP). The Steering Committee of The World Congress in Computer Science, Computer . . ., 46\u201352","author":"Boxler Dan","year":"2018","unstructured":"Dan Boxler and Kristen R Walcott. 2018. Static taint analysis tools to detect information flows. In Proceedings of the International Conference on Software Engineering Research and Practice (SERP). The Steering Committee of The World Congress in Computer Science, Computer . . ., 46\u201352."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23159"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/dsn.2014.30"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2015.89"},{"key":"e_1_3_2_1_13_1","unstructured":"Steven Arzt Christian Fritz and Siegfried Rasthofer. 2024. secure-software-engineering\/DroidBench: A micro-benchmark suite to assess the stability of taint-analysis tools for Android. https:\/\/github.com\/secure-software-engineering\/DroidBench. (2024). (Accessed on 09\/17\/2024)."},{"key":"e_1_3_2_1_14_1","unstructured":"Datalog. 2024. Datalog - Wikipedia. https:\/\/en.wikipedia.org\/wiki\/Datalog. (2024). (Accessed on 10\/02\/2024)."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753462"},{"key":"e_1_3_2_1_16_1","unstructured":"Flowdroid. 2024. secure-software-engineering\/FlowDroid: FlowDroid Static Data Flow Tracker. https:\/\/github.com\/secure-software-engineering\/FlowDroid. (2024). (Accessed on 09\/16\/2024)."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2786805.2786873"},{"volume-title":"GNU\/Linux, iOS, watchOS, tvOS, Android, FreeBSD, and QNX. https:\/\/frida.re\/.","year":"2024","key":"e_1_3_2_1_18_1","unstructured":"Frida. 2024. Frida \u2022 A world-class dynamic instrumentation toolkit | Observe and reprogram running programs on Windows, macOS, GNU\/Linux, iOS, watchOS, tvOS, Android, FreeBSD, and QNX. https:\/\/frida.re\/. (2024). (Accessed on 09\/16\/2024)."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23089"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/151640.151643"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1414004.1414013"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510098"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1041685.1029909"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/1760267.1760289"},{"key":"e_1_3_2_1_25_1","volume-title":"2021 IEEE Symposium on Security and Privacy (SP). IEEE, 1400\u20131415","author":"Li Ziyang","year":"2021","unstructured":"Ziyang Li, Aravind Machiry, Binghong Chen, Mayur Naik, Ke Wang, and Le Song. 2021. Arbitrar: User-guided api misuse detection. In 2021 IEEE Symposium on Security and Privacy (SP). IEEE, 1400\u20131415."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3623278.3624759"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","unstructured":"Linghui Luo Felix Pauck Goran Piskachev Manuel Benz Ivan Pashchenko Martin Mory Eric Bodden Ben Hermann and Fabio Massacci. TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses. Empirical Software Engineering 27 1 (????) 16. 10.1007\/s10664-021-10013-5","DOI":"10.1007\/s10664-021-10013-5"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2491411.2491450"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2946563"},{"key":"e_1_3_2_1_30_1","unstructured":"Mariana Trench 2024. facebook\/mariana-trench: A security focused static analysis tool for Android and Java applications. https:\/\/github.com\/facebook\/marianatrench. (2024). (Accessed on 09\/16\/2024)."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2019.00042"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3127005.3127010"},{"key":"e_1_3_2_1_33_1","volume-title":"32nd USENIX Security Symposium. USENIX Association","author":"Nan Yuhong","year":"2023","unstructured":"Yuhong Nan, Xueqiang Wang, Luyi Xing, Xiaojing Liao, Ruoyu Wu, Jianliang Wu, Yifan Zhang, and XiaoFeng Wang. 2023. Are You Spying on Me? Large-Scale Analysis on IoT Data Exposure through Companion Apps. In 32nd USENIX Security Symposium. USENIX Association, Anaheim, CA, 6665\u20136682. https:\/\/www.usenix.org\/conference\/usenixsecurity23\/presentation\/nan"},{"key":"e_1_3_2_1_34_1","unstructured":"Oracle. 2024. Introduction. https:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/jni\/spec\/intro.html. (2024). (Accessed on 09\/16\/2024)."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3236029"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3192366.3192417"},{"key":"e_1_3_2_1_37_1","article-title":"Android Internal Analysis of APK by Droid_Safe & APK Tool","volume":"8","author":"Rawal Heena","year":"2017","unstructured":"Heena Rawal and Chandresh Parekh. 2017. Android Internal Analysis of APK by Droid_Safe & APK Tool. International Journal of Advanced Research in Computer Science 8, 5 (2017).","journal-title":"International Journal of Advanced Research in Computer Science"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00066"},{"key":"e_1_3_2_1_39_1","unstructured":"Ripple20 2024. Ripple20. https:\/\/www.jsof-tech.com\/disclosures\/ripple20\/. (2024)."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2746266.2746271"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.pmcj.2023.101786"},{"key":"e_1_3_2_1_42_1","unstructured":"Soot. 2024. soot-oss\/soot: Soot - A Java optimization framework. https:\/\/github.com\/soot-oss\/soot. (2024). (Accessed on 10\/02\/2024)."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3183575"},{"key":"e_1_3_2_1_44_1","volume-title":"Your Firmware Has Arrived: A Study of Firmware Update Vulnerabilities. In 33rd USENIX Security Symposium (USENIX Security 24)","author":"Wu Yuhao","year":"2024","unstructured":"Yuhao Wu, Jinwen Wang, Yujie Wang, Shixuan Zhai, Zihan Li, Yi He, Kun Sun, Qi Li, and Ning Zhang. 2024. Your Firmware Has Arrived: A Study of Firmware Update Vulnerabilities. In 33rd USENIX Security Symposium (USENIX Security 24). USENIX Association, Philadelphia, PA, 5627\u20135644. https:\/\/www.usenix.org\/conference\/usenixsecurity24\/presentation\/wu-yuhao"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.3390\/fi12020027"}],"event":{"name":"SAC '25: 40th ACM\/SIGAPP Symposium on Applied Computing","sponsor":["SIGAPP ACM Special Interest Group on Applied Computing"],"location":"Catania International Airport Catania Italy","acronym":"SAC '25"},"container-title":["Proceedings of the 40th ACM\/SIGAPP Symposium on Applied Computing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3672608.3707956","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3672608.3707956","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:57:37Z","timestamp":1750298257000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3672608.3707956"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,3,31]]},"references-count":45,"alternative-id":["10.1145\/3672608.3707956","10.1145\/3672608"],"URL":"https:\/\/doi.org\/10.1145\/3672608.3707956","relation":{},"subject":[],"published":{"date-parts":[[2025,3,31]]},"assertion":[{"value":"2025-05-14","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}