{"id":"https://openalex.org/W4415034655","doi":"https://doi.org/10.1109/scam67354.2025.00022","title":"Plaintext in the Wild: Investigating Secure Connection Label Accuracy for Android Apps","display_name":"Plaintext in the Wild: Investigating Secure Connection Label Accuracy for Android Apps","publication_year":2025,"publication_date":"2025-09-08","ids":{"openalex":"https://openalex.org/W4415034655","doi":"https://doi.org/10.1109/scam67354.2025.00022"},"language":"en","primary_location":{"id":"doi:10.1109/scam67354.2025.00022","is_oa":false,"landing_page_url":"https://doi.org/10.1109/scam67354.2025.00022","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Source Code Analysis &amp;amp; Manipulation (SCAM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5119937874","display_name":"Yusei Sakuraba","orcid":null},"institutions":[{"id":"https://openalex.org/I163770644","display_name":"Okayama University","ror":"https://ror.org/02pc6pc55","country_code":"JP","type":"education","lineage":["https://openalex.org/I163770644"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Yusei Sakuraba","raw_affiliation_strings":["Okayama University,Okayama,Japan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Okayama University,Okayama,Japan","institution_ids":["https://openalex.org/I163770644"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075037207","display_name":"Hiroki Inayoshi","orcid":"https://orcid.org/0000-0003-3355-8804"},"institutions":[{"id":"https://openalex.org/I163770644","display_name":"Okayama University","ror":"https://ror.org/02pc6pc55","country_code":"JP","type":"education","lineage":["https://openalex.org/I163770644"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Hiroki Inayoshi","raw_affiliation_strings":["Okayama University,Okayama,Japan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Okayama University,Okayama,Japan","institution_ids":["https://openalex.org/I163770644"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024503170","display_name":"Shoichi Saito","orcid":"https://orcid.org/0000-0003-3103-9656"},"institutions":[{"id":"https://openalex.org/I197274945","display_name":"Nagoya Institute of Technology","ror":"https://ror.org/055yf1005","country_code":"JP","type":"education","lineage":["https://openalex.org/I197274945"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Shoichi Saito","raw_affiliation_strings":["Nagoya Institute of Technology,Aichi,Japan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Nagoya Institute of Technology,Aichi,Japan","institution_ids":["https://openalex.org/I197274945"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5078686662","display_name":"Akito Monden","orcid":"https://orcid.org/0000-0003-4295-207X"},"institutions":[{"id":"https://openalex.org/I163770644","display_name":"Okayama University","ror":"https://ror.org/02pc6pc55","country_code":"JP","type":"education","lineage":["https://openalex.org/I163770644"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Akito Monden","raw_affiliation_strings":["Okayama University,Okayama,Japan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Okayama University,Okayama,Japan","institution_ids":["https://openalex.org/I163770644"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.30394584,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"145","last_page":"156"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13999","display_name":"Digital Rights Management and Security","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9923999905586243,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7961999773979187},{"id":"https://openalex.org/keywords/plaintext","display_name":"Plaintext","score":0.7735000252723694},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.7348999977111816},{"id":"https://openalex.org/keywords/consistency","display_name":"Consistency (knowledge bases)","score":0.4984999895095825},{"id":"https://openalex.org/keywords/mobile-apps","display_name":"Mobile apps","score":0.4867999851703644},{"id":"https://openalex.org/keywords/information-sensitivity","display_name":"Information sensitivity","score":0.4399000108242035},{"id":"https://openalex.org/keywords/data-consistency","display_name":"Data consistency","score":0.375},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.3693000078201294}],"concepts":[{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7961999773979187},{"id":"https://openalex.org/C92717368","wikidata":"https://www.wikidata.org/wiki/Q1162538","display_name":"Plaintext","level":3,"score":0.7735000252723694},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.7348999977111816},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7203999757766724},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6144000291824341},{"id":"https://openalex.org/C2776436953","wikidata":"https://www.wikidata.org/wiki/Q5163215","display_name":"Consistency (knowledge bases)","level":2,"score":0.4984999895095825},{"id":"https://openalex.org/C2988145974","wikidata":"https://www.wikidata.org/wiki/Q620615","display_name":"Mobile apps","level":2,"score":0.4867999851703644},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.46230000257492065},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.4399000108242035},{"id":"https://openalex.org/C93361087","wikidata":"https://www.wikidata.org/wiki/Q4426698","display_name":"Data consistency","level":2,"score":0.375},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.3693000078201294},{"id":"https://openalex.org/C557945733","wikidata":"https://www.wikidata.org/wiki/Q389772","display_name":"Data transmission","level":2,"score":0.3465999960899353},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.34470000863075256},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.3424000144004822},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3061000108718872},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.29660001397132874},{"id":"https://openalex.org/C3017891749","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android application","level":3,"score":0.29429998993873596},{"id":"https://openalex.org/C2988045736","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android app","level":3,"score":0.2892000079154968},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2802000045776367},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.27140000462532043},{"id":"https://openalex.org/C33762810","wikidata":"https://www.wikidata.org/wiki/Q461671","display_name":"Data integrity","level":2,"score":0.26409998536109924},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.259799987077713},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.2572999894618988},{"id":"https://openalex.org/C761482","wikidata":"https://www.wikidata.org/wiki/Q118093","display_name":"Transmission (telecommunications)","level":2,"score":0.2531999945640564},{"id":"https://openalex.org/C71901391","wikidata":"https://www.wikidata.org/wiki/Q7126699","display_name":"Upload","level":2,"score":0.2522999942302704}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/scam67354.2025.00022","is_oa":false,"landing_page_url":"https://doi.org/10.1109/scam67354.2025.00022","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Source Code Analysis &amp;amp; Manipulation (SCAM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":29,"referenced_works":["https://openalex.org/W2060692877","https://openalex.org/W2108554506","https://openalex.org/W2166743230","https://openalex.org/W2376050373","https://openalex.org/W4223563577","https://openalex.org/W4225091435","https://openalex.org/W4225105530","https://openalex.org/W4283704264","https://openalex.org/W4293783507","https://openalex.org/W4293783549","https://openalex.org/W4312801410","https://openalex.org/W4313563619","https://openalex.org/W4315836263","https://openalex.org/W4323966546","https://openalex.org/W4384304731","https://openalex.org/W4385412223","https://openalex.org/W4385412382","https://openalex.org/W4385412496","https://openalex.org/W4386603793","https://openalex.org/W4388925631","https://openalex.org/W4391631538","https://openalex.org/W4393927885","https://openalex.org/W4396833238","https://openalex.org/W4401871184","https://openalex.org/W4405181945","https://openalex.org/W4408358229","https://openalex.org/W4410475035","https://openalex.org/W4411105461","https://openalex.org/W4411337389"],"related_works":[],"abstract_inverted_index":{"Smartphones":[0],"have":[1],"become":[2],"deeply":[3],"integrated":[4],"into":[5],"daily":[6],"life,":[7],"prompting":[8],"widespread":[9],"concern":[10],"over":[11,82,101],"how":[12],"mobile":[13],"apps":[14,29,90],"handle":[15],"user":[16,31],"data.":[17],"The":[18],"Google":[19],"Play":[20],"Store":[21],"requires":[22],"Android":[23,85],"developers":[24,150],"to":[25,124,175],"disclose":[26,137],"whether":[27],"their":[28,51],"encrypt":[30,125],"data":[32,73,93,126,145],"during":[33],"transmission":[34,74],"via":[35],"a":[36,107,163],"\"secure":[37],"connection\"":[38],"label":[39,158],"in":[40,131,146,156],"the":[41,65,134,138,152,177],"Data":[42],"Safety":[43],"section.":[44],"However,":[45],"these":[46],"labels":[47,70],"are":[48],"self-declared,":[49],"and":[50,96,133,142,167,171],"consistency":[52,66],"with":[53,71],"actual":[54,168],"app":[55,183],"behavior":[56],"remains":[57],"unclear.":[58],"In":[59],"this":[60],"study,":[61],"we":[62],"empirically":[63],"evaluate":[64],"of":[67,110,117,140,151,179],"secure":[68],"connection":[69],"real-world":[72],"practices":[75,170],"by":[76],"dynamically":[77],"analyzing":[78],"network":[79],"traffic":[80],"from":[81],"12,000":[83],"top-ranked":[84],"apps.":[86],"We":[87,148],"identify":[88],"65":[89],"transmitting":[91,128],"sensitive":[92,129,144],"without":[94],"encryption,":[95],"they":[97],"collectively":[98],"account":[99],"for":[100],"5.842":[102],"billion":[103],"installs,":[104],"indicating":[105],"that":[106],"substantial":[108],"number":[109],"users":[111],"may":[112],"be":[113],"affected.":[114],"A":[115],"majority":[116],"them":[118],"(i.e.,":[119],"46":[120],"apps)":[121],"falsely":[122],"claim":[123],"while":[127],"information":[130],"plaintext,":[132],"others":[135],"correctly":[136],"lack":[139],"encryption":[141],"transmit":[143],"plaintext.":[147],"contacted":[149],"inconsistent":[153],"apps,":[154],"resulting":[155],"several":[157],"updates.":[159],"Our":[160],"findings":[161],"reveal":[162],"disconnect":[164],"between":[165],"declared":[166],"security":[169],"offer":[172],"concrete":[173],"recommendations":[174],"improve":[176],"integrity":[178],"privacy":[180],"disclosures":[181],"on":[182],"marketplaces.":[184]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}