{"id":"https://openalex.org/W2741823044","doi":"https://doi.org/10.1145/3121264.3121265","title":"Mining mobile app markets for prioritization of security assessment effort","display_name":"Mining mobile app markets for prioritization of security assessment effort","publication_year":2017,"publication_date":"2017-08-01","ids":{"openalex":"https://openalex.org/W2741823044","doi":"https://doi.org/10.1145/3121264.3121265","mag":"2741823044"},"language":"en","primary_location":{"id":"doi:10.1145/3121264.3121265","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3121264.3121265","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3121265&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2nd ACM SIGSOFT International Workshop on App Market Analytics","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"http://dl.acm.org/ft_gateway.cfm?id=3121265&type=pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5049093194","display_name":"Alireza Sadeghi","orcid":"https://orcid.org/0000-0002-5817-3911"},"institutions":[{"id":"https://openalex.org/I204250578","display_name":"University of California, Irvine","ror":"https://ror.org/04gyf1771","country_code":"US","type":"education","lineage":["https://openalex.org/I204250578"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Alireza Sadeghi","raw_affiliation_strings":["University of California at Irvine, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Irvine, USA","institution_ids":["https://openalex.org/I204250578"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111842903","display_name":"Naeem Esfahani","orcid":null},"institutions":[{"id":"https://openalex.org/I1291425158","display_name":"Google (United States)","ror":"https://ror.org/00njsd438","country_code":"US","type":"company","lineage":["https://openalex.org/I1291425158","https://openalex.org/I4210128969"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Naeem Esfahani","raw_affiliation_strings":["Google, USA"],"affiliations":[{"raw_affiliation_string":"Google, USA","institution_ids":["https://openalex.org/I1291425158"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5004407813","display_name":"Sam Malek","orcid":"https://orcid.org/0000-0001-6152-7402"},"institutions":[{"id":"https://openalex.org/I204250578","display_name":"University of California, Irvine","ror":"https://ror.org/04gyf1771","country_code":"US","type":"education","lineage":["https://openalex.org/I204250578"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sam Malek","raw_affiliation_strings":["University of California at Irvine, USA"],"affiliations":[{"raw_affiliation_string":"University of California at Irvine, USA","institution_ids":["https://openalex.org/I204250578"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5049093194"],"corresponding_institution_ids":["https://openalex.org/I204250578"],"apc_list":null,"apc_paid":null,"fwci":0.1849,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.44607742,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8175010681152344},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.7265802025794983},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.6676773428916931},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.6444600224494934},{"id":"https://openalex.org/keywords/prioritization","display_name":"Prioritization","score":0.6157634258270264},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5839781165122986},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5426571369171143},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5379593372344971},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.4888414740562439},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.41359743475914},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.32742273807525635},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.28146809339523315},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.133896142244339},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12730613350868225}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8175010681152344},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.7265802025794983},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.6676773428916931},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.6444600224494934},{"id":"https://openalex.org/C2777615720","wikidata":"https://www.wikidata.org/wiki/Q11888847","display_name":"Prioritization","level":2,"score":0.6157634258270264},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5839781165122986},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5426571369171143},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5379593372344971},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.4888414740562439},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.41359743475914},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.32742273807525635},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.28146809339523315},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.133896142244339},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12730613350868225},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0},{"id":"https://openalex.org/C539667460","wikidata":"https://www.wikidata.org/wiki/Q2414942","display_name":"Management science","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3121264.3121265","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3121264.3121265","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3121265&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2nd ACM SIGSOFT International Workshop on App Market Analytics","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3121264.3121265","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3121264.3121265","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3121265&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2nd ACM SIGSOFT International Workshop on App Market Analytics","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3497170870","display_name":null,"funder_award_id":"CCF-1252644 and CCF-1217503","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3772943231","display_name":null,"funder_award_id":"W911NF-09-1-0273","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G7830792800","display_name":null,"funder_award_id":"D11AP00282","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320338281","display_name":"Army Research Office","ror":"https://ror.org/05epdh915"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2741823044.pdf","grobid_xml":"https://content.openalex.org/works/W2741823044.grobid-xml"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W81879861","https://openalex.org/W179367048","https://openalex.org/W1496222301","https://openalex.org/W1565377632","https://openalex.org/W1994588724","https://openalex.org/W1999784982","https://openalex.org/W2003212765","https://openalex.org/W2041276426","https://openalex.org/W2043837581","https://openalex.org/W2044428238","https://openalex.org/W2100149279","https://openalex.org/W2131169221","https://openalex.org/W2139810625","https://openalex.org/W2154398797","https://openalex.org/W2156744053","https://openalex.org/W2161769853","https://openalex.org/W2168649891","https://openalex.org/W2529696250","https://openalex.org/W2536155187","https://openalex.org/W2914982603","https://openalex.org/W2969501138","https://openalex.org/W3142482686","https://openalex.org/W4225591807"],"related_works":["https://openalex.org/W1978034799","https://openalex.org/W4384518368","https://openalex.org/W2141388993","https://openalex.org/W2155353733","https://openalex.org/W2504659933","https://openalex.org/W2039943835","https://openalex.org/W2293245356","https://openalex.org/W1981466760","https://openalex.org/W1486481742","https://openalex.org/W2106371080"],"abstract_inverted_index":{"Like":[0],"any":[1],"other":[2],"software":[3,11,110],"engineering":[4],"activity,":[5],"assessing":[6],"the":[7,15,19,24,42,45,98,105,128,142,164,171,180,184],"security":[8,38],"of":[9,44,49,62,78,130,144,153,159,163,173],"a":[10,150],"system":[12],"entails":[13],"prioritizing":[14],"resources":[16],"and":[17,30,65,70,81,135,175,178],"minimizing":[18],"risks.":[20],"Techniques":[21],"ranging":[22],"from":[23,94],"manual":[25,71,181],"inspection":[26,72],"to":[27,36,41,59,86,126,140,169],"automated":[28],"static":[29,55,174],"dynamic":[31,68,176],"analyses":[32],"are":[33,73,116,147,167],"commonly":[34],"employed":[35],"identify":[37],"vulnerabilities":[39,95,134,145],"prior":[40],"release":[43],"software.":[46],"However,":[47],"none":[48],"these":[50,88],"techniques":[51,89],"is":[52,57],"perfect,":[53],"as":[54],"analysis":[56,69],"prone":[58],"producing":[60],"lots":[61],"false":[63],"positives":[64],"negatives,":[66],"while":[67],"unwieldy,":[74],"both":[75],"in":[76,97,112,149],"terms":[77],"required":[79],"time":[80],"cost.":[82],"This":[83],"research":[84],"aims":[85],"improve":[87,170],"by":[90],"mining":[91],"relevant":[92],"information":[93,160],"found":[96],"app":[99],"markets.":[100],"The":[101],"approach":[102],"relies":[103],"on":[104,183],"fact":[106],"that":[107,146],"many":[108],"modern":[109],"systems,":[111],"particular":[113],"mobile":[114],"software,":[115],"developed":[117],"using":[118],"rich":[119],"application":[120],"development":[121],"frameworks":[122],"(ADF),":[123],"allowing":[124],"us":[125],"raise":[127],"level":[129],"abstraction":[131],"for":[132],"detecting":[133],"thereby":[136],"making":[137],"it":[138],"possible":[139],"classify":[141],"types":[143],"encountered":[148],"given":[151],"category":[152],"application.":[154],"By":[155],"coupling":[156],"this":[157],"type":[158],"with":[161],"severity":[162],"vulnerabilities,":[165],"we":[166],"able":[168],"efficiency":[172],"analyses,":[177],"target":[179],"effort":[182],"riskiest":[185],"vulnerabilities.":[186]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}