{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2022,3,29]],"date-time":"2022-03-29T17:03:43Z","timestamp":1648573423133},"reference-count":24,"publisher":"Institute of Electronics, Information and Communications Engineers (IEICE)","issue":"11","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEICE Trans. Inf. & Syst."],"published-print":{"date-parts":[[2018,11,1]]},"DOI":"10.1587\/transinf.2017icp0009","type":"journal-article","created":{"date-parts":[[2018,10,31]],"date-time":"2018-10-31T22:46:45Z","timestamp":1541026005000},"page":"2576-2583","source":"Crossref","is-referenced-by-count":0,"title":["Towards Finding Code Snippets on a Question and Answer Website Causing Mobile App Vulnerabilities"],"prefix":"10.1587","volume":"E101.D","author":[{"given":"Hiroki","family":"NAKANO","sequence":"first","affiliation":[{"name":"Graduate School of Environment and Information Sciences, Yokohama National University"},{"name":"NTT Secure Platform Laboratories"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fumihiro","family":"KANEI","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Laboratories"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuta","family":"TAKATA","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Laboratories"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mitsuaki","family":"AKIYAMA","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Laboratories"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Katsunari","family":"YOSHIOKA","sequence":"additional","affiliation":[{"name":"Graduate School of Environment and Information Sciences\/Institute of Advance Sciences, Yokohama National University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"532","reference":[{"key":"1","unstructured":"[1] \u201cGoogle Play.\u201d https:\/\/play.google.com\/store"},{"key":"2","unstructured":"[2] \u201cHow to address WebView SSL Error Handler alerts in your apps.-Google Help.\u201d https:\/\/support.google.com\/faqs\/answer\/7071387"},{"key":"3","unstructured":"[3] \u201cHow to resolve Insecure Hostnameverifier-Google Help.\u201d https:\/\/support.google.com\/faqs\/answer\/7188426"},{"key":"4","unstructured":"[4] \u201cHow to address OpenSSL vulnerabilities in your apps-Google Help.\u201d https:\/\/support.google.com\/faqs\/answer\/6376725"},{"key":"5","unstructured":"[5] \u201cVulnerable apps on Google Play put millions of users at risk of an attack.\u201d https:\/\/www.digitaltrends.com\/mobile\/google-play-open-port-attacks\/"},{"key":"6","unstructured":"[6] \u201cOver 400 Apps On Google's Play Store Found To Be Vulnerable To Open Port Attacks.\u201d http:\/\/www.ibtimes.com\/over-400-apps-googles-play-store-found-be-vulnerable-open-port-attacks-2534541"},{"key":"7","unstructured":"[7] \u201cGoogle launched a new bug bounty program to root out vulnerabilities in third-party apps on Google Play-The Verge.\u201d https:\/\/www.theverge.com\/2017\/10\/22\/16516670\/google-play-security-rewards-program-vulnerabilities-bug-bounty"},{"key":"8","unstructured":"[8] \u201cStack Overflow-Where Developers Learn, Share, & Build Careers.\u201d http:\/\/stackoveflow.com\/"},{"key":"9","unstructured":"[9] \u201cProjects\/OWASP Mobile Security Project - Top Ten Mobile Risks -OWASP, howpublished = https:\/\/www.owasp.org\/index.php\/projects\/owasp_mobile_security_project_-_top_ten_mobile_risks.\u201d"},{"key":"10","unstructured":"[10] \u201cGithub-Androbugs.\u201d https:\/\/github.com\/AndroBugs\/AndroBugs_Framework"},{"key":"11","unstructured":"[11] \u201cQihoo 360 Mobile Assistant.\u201d http:\/\/zhushou.360.cn\/"},{"key":"12","doi-asserted-by":"crossref","unstructured":"[12] S. Fahl, M. Harbach, T. Muders, L. Baumg\u00e4rtner, B. Freisleben, and M. Smith, \u201cWhy eve and mallory love android: An analysis of android ssl (in) security,\u201d Proceedings of the 2012 ACM conference on Computer and communications security, pp.50-61, ACM, 2012. 10.1145\/2382196.2382205","DOI":"10.1145\/2382196.2382205"},{"key":"13","doi-asserted-by":"crossref","unstructured":"[13] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel, \u201cAn empirical study of cryptographic misuse in android applications,\u201d Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pp.73-84, ACM, 2013. 10.1145\/2508859.2516693","DOI":"10.1145\/2508859.2516693"},{"key":"14","unstructured":"[14] R. Furukawa, T. Nagai, H. Kumagai, M. Kamizono, Y. Shiraishi, Y. Takano, M. Mohri, Y. Hoshizawa, and M. Morii, \u201cA vulnerability analysis of android applications from the view of third-party-libraries,\u201d IPSJ Journal, pp.1843-1855, 2017."},{"key":"15","doi-asserted-by":"crossref","unstructured":"[15] Y. Acar, M. Backes, S. Fahl, D. Kim, M.L. Mazurek, and C. Stransky, \u201cYou get where you're looking for: The impact of information sources on code security,\u201d Security and Privacy (SP), 2016 IEEE Symposium on, pp.289-305, IEEE, 2016. 10.1109\/sp.2016.25","DOI":"10.1109\/SP.2016.25"},{"key":"16","doi-asserted-by":"crossref","unstructured":"[16] H. Wang, Z. Liu, Y. Guo, X. Chen, M. Zhang, G. Xu, and J. Hong, \u201cAn explorative study of the mobile app ecosystem from app developers' perspective,\u201d Proceedings of the 26th International Conference on World Wide Web, pp.163-172, International World Wide Web Conferences Steering Committee, 2017. 10.1145\/3038912.3052712","DOI":"10.1145\/3038912.3052712"},{"key":"17","doi-asserted-by":"crossref","unstructured":"[17] K. Chen, P. Liu, and Y. Zhang, \u201cAchieving accuracy and scalability simultaneously in detecting application clones on android markets,\u201d Proceedings of the 36th International Conference on Software Engineering, pp.175-186, ACM, 2014. 10.1145\/2568225.2568286","DOI":"10.1145\/2568225.2568286"},{"key":"18","doi-asserted-by":"crossref","unstructured":"[18] J. Crussell, C. Gibler, and H. Chen, \u201cAttack of the clones: Detecting cloned applications on android markets.,\u201d ESORICS, vol.7459, pp.37-54, Springer, 2012. 10.1007\/978-3-642-33167-1_3","DOI":"10.1007\/978-3-642-33167-1_3"},{"key":"19","doi-asserted-by":"publisher","unstructured":"[19] J. Crussell, C. Gibler, and H. Chen, \u201cAndarwin: Scalable detection of semantically similar android applications,\u201d European Symposium on Research in Computer Security, vol.8134, pp.182-199, Springer, 2013. 10.1007\/978-3-642-40203-6_11","DOI":"10.1007\/978-3-642-40203-6_11"},{"key":"20","doi-asserted-by":"publisher","unstructured":"[20] I. Keivanloo, C.K. Roy, and J. Rilling, \u201cSebyte: Scalable clone and similarity search for bytecode,\u201d Science of Computer Programming, vol.95, pp.426-444, 2014. 10.1016\/j.scico.2013.10.006","DOI":"10.1016\/j.scico.2013.10.006"},{"key":"21","doi-asserted-by":"crossref","unstructured":"[21] S. Hanna, L. Huang, E. Wu, S. Li, C. Chen, and D. Song, \u201cJuxtapp: A scalable system for detecting code reuse among android applications,\u201d International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, vol.7591, pp.62-81, Springer, 2012. 10.1007\/978-3-642-37300-8_4","DOI":"10.1007\/978-3-642-37300-8_4"},{"key":"22","doi-asserted-by":"crossref","unstructured":"[22] W. Zhou, Y. Zhou, M. Grace, X. Jiang, and S. Zou, \u201cFast, scalable detection of piggybacked mobile applications,\u201d Proceedings of the third ACM conference on Data and application security and privacy, pp.185-196, ACM, 2013. 10.1145\/2435349.2435377","DOI":"10.1145\/2435349.2435377"},{"key":"23","doi-asserted-by":"crossref","unstructured":"[23] Y. Liu, Y. Liu, K. Zhou, M. Zhang, and S. Ma, \u201cDetecting collusive spamming activities in community question answering,\u201d Proceedings of the 26th International Conference on World Wide Web, pp.1073-1082, International World Wide Web Conferences Steering Committee, 2017. 10.1145\/3038912.3052594","DOI":"10.1145\/3038912.3052594"},{"key":"24","doi-asserted-by":"crossref","unstructured":"[24] F. Fischer, K. B\u00f6ttinger, H. Xiao, C. Stransky, Y. Acar, M. Backes, and S. Fahl, \u201cStack overflow considered harmful? the impact of copy&paste on android application security,\u201d 2017 IEEE Symposium on Security and Privacy (SP), pp.121-136, 2017. 10.1109\/sp.2017.31","DOI":"10.1109\/SP.2017.31"}],"container-title":["IEICE Transactions on Information and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transinf\/E101.D\/11\/E101.D_2017ICP0009\/_pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,30]],"date-time":"2019-10-30T08:51:12Z","timestamp":1572425472000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transinf\/E101.D\/11\/E101.D_2017ICP0009\/_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,11,1]]},"references-count":24,"journal-issue":{"issue":"11","published-print":{"date-parts":[[2018]]}},"URL":"https:\/\/doi.org\/10.1587\/transinf.2017icp0009","relation":{},"ISSN":["0916-8532","1745-1361"],"issn-type":[{"value":"0916-8532","type":"print"},{"value":"1745-1361","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,11,1]]}}}