{"id":"https://openalex.org/W2962992914","doi":"https://doi.org/10.1145/3321408.3326665","title":"DCDroid","display_name":"DCDroid","publication_year":2019,"publication_date":"2019-05-17","ids":{"openalex":"https://openalex.org/W2962992914","doi":"https://doi.org/10.1145/3321408.3326665","mag":"2962992914"},"language":"en","primary_location":{"id":"doi:10.1145/3321408.3326665","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3321408.3326665","pdf_url":null,"source":{"id":"https://openalex.org/S4306523950","display_name":"Proceedings of the ACM Turing Celebration Conference - China","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Turing Celebration Conference - China","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100349995","display_name":"Yingjie Wang","orcid":"https://orcid.org/0000-0001-8792-8570"},"institutions":[{"id":"https://openalex.org/I21193070","display_name":"Beijing Jiaotong University","ror":"https://ror.org/01yj56c84","country_code":"CN","type":"education","lineage":["https://openalex.org/I21193070"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yingjie Wang","raw_affiliation_strings":["Beijing Jiaotong University"],"affiliations":[{"raw_affiliation_string":"Beijing Jiaotong University","institution_ids":["https://openalex.org/I21193070"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100381433","display_name":"Xing Liu","orcid":"https://orcid.org/0000-0001-6531-5001"},"institutions":[{"id":"https://openalex.org/I21193070","display_name":"Beijing Jiaotong University","ror":"https://ror.org/01yj56c84","country_code":"CN","type":"education","lineage":["https://openalex.org/I21193070"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xing Liu","raw_affiliation_strings":["Beijing Jiaotong University"],"affiliations":[{"raw_affiliation_string":"Beijing Jiaotong University","institution_ids":["https://openalex.org/I21193070"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071959448","display_name":"Weixuan Mao","orcid":"https://orcid.org/0000-0002-6123-616X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Weixuan Mao","raw_affiliation_strings":["Coordination Center of China"],"affiliations":[{"raw_affiliation_string":"Coordination Center of China","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100777576","display_name":"Wei Wang","orcid":"https://orcid.org/0000-0002-5974-1589"},"institutions":[{"id":"https://openalex.org/I71920554","display_name":"King Abdullah University of Science and Technology","ror":"https://ror.org/01q3tbs38","country_code":"SA","type":"education","lineage":["https://openalex.org/I71920554"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Wei Wang","raw_affiliation_strings":["Beijing Jiaotong University and King Abdullah University of Science and Technology (KAUST) Thuwal, Saudi Arabia"],"affiliations":[{"raw_affiliation_string":"Beijing Jiaotong University and King Abdullah University of Science and Technology (KAUST) Thuwal, Saudi Arabia","institution_ids":["https://openalex.org/I71920554"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5100349995"],"corresponding_institution_ids":["https://openalex.org/I21193070"],"apc_list":null,"apc_paid":null,"fwci":1.7124,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.8395574,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.987500011920929,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8307825326919556},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.6917731761932373},{"id":"https://openalex.org/keywords/transport-layer-security","display_name":"Transport Layer Security","score":0.6640943288803101},{"id":"https://openalex.org/keywords/phishing","display_name":"Phishing","score":0.6632445454597473},{"id":"https://openalex.org/keywords/man-in-the-middle-attack","display_name":"Man-in-the-middle attack","score":0.6342378258705139},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.6314855813980103},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6071255207061768},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.512519359588623},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.4913248121738434},{"id":"https://openalex.org/keywords/certificate","display_name":"Certificate","score":0.44924822449684143},{"id":"https://openalex.org/keywords/application-security","display_name":"Application security","score":0.4336729645729065},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.28666436672210693},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.22967642545700073},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.19084137678146362},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.18220090866088867},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.17518889904022217},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.16098028421401978},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.12219396233558655},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.09130901098251343},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.08170732855796814}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8307825326919556},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.6917731761932373},{"id":"https://openalex.org/C148176105","wikidata":"https://www.wikidata.org/wiki/Q206494","display_name":"Transport Layer Security","level":3,"score":0.6640943288803101},{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.6632445454597473},{"id":"https://openalex.org/C196491621","wikidata":"https://www.wikidata.org/wiki/Q554830","display_name":"Man-in-the-middle attack","level":3,"score":0.6342378258705139},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.6314855813980103},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6071255207061768},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.512519359588623},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.4913248121738434},{"id":"https://openalex.org/C96865113","wikidata":"https://www.wikidata.org/wiki/Q2946816","display_name":"Certificate","level":2,"score":0.44924822449684143},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.4336729645729065},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.28666436672210693},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.22967642545700073},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.19084137678146362},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.18220090866088867},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.17518889904022217},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.16098028421401978},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.12219396233558655},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.09130901098251343},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.08170732855796814},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3321408.3326665","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3321408.3326665","pdf_url":null,"source":{"id":"https://openalex.org/S4306523950","display_name":"Proceedings of the ACM Turing Celebration Conference - China","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Turing Celebration Conference - China","raw_type":"proceedings-article"},{"id":"pmh:oai:repository.kaust.edu.sa:10754/660597","is_oa":false,"landing_page_url":"http://hdl.handle.net/10754/660597","pdf_url":null,"source":{"id":"https://openalex.org/S4306401596","display_name":"King Abdullah University of Science and Technology Repository (King Abdullah University of Science and Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I71920554","host_organization_name":"King Abdullah University of Science and Technology","host_organization_lineage":["https://openalex.org/I71920554"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference Paper"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1231421488","display_name":null,"funder_award_id":"under","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2087396116","display_name":null,"funder_award_id":"China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3120769444","display_name":null,"funder_award_id":"U1736114","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G391238517","display_name":null,"funder_award_id":", and","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W1517949462","https://openalex.org/W1699449651","https://openalex.org/W1865564993","https://openalex.org/W2013856010","https://openalex.org/W2045057497","https://openalex.org/W2068583268","https://openalex.org/W2087970742","https://openalex.org/W2103370348","https://openalex.org/W2145994642","https://openalex.org/W2146752727","https://openalex.org/W2166743230","https://openalex.org/W2350778671","https://openalex.org/W2403058635","https://openalex.org/W2574022511","https://openalex.org/W2599393174","https://openalex.org/W2611461819","https://openalex.org/W2613541621","https://openalex.org/W2800912855","https://openalex.org/W2802756541","https://openalex.org/W2809739892","https://openalex.org/W2906139053","https://openalex.org/W2919545980","https://openalex.org/W2931968245","https://openalex.org/W2964036702","https://openalex.org/W4244726870"],"related_works":["https://openalex.org/W2572573095","https://openalex.org/W2076357705","https://openalex.org/W4385671684","https://openalex.org/W2944340562","https://openalex.org/W2605858460","https://openalex.org/W2801930800","https://openalex.org/W2509010417","https://openalex.org/W2983839871","https://openalex.org/W199411532","https://openalex.org/W2962992914"],"abstract_inverted_index":{"Current":[0],"Android":[1,31,89,105,273],"applications":[2],"(apps)":[3],"often":[4],"use":[5],"Security":[6],"Socket":[7],"Layer(SSL)/Transport":[8],"Layer":[9],"Security(TLS)":[10],"protocols":[11],"to":[12,34,81,154,221,248,272,277],"transmit":[13],"users'":[14],"information,":[15],"as":[16],"the":[17,22,39,108,126,141,149,156,165,199,205,228,256,260,280],"implementation":[18,85,200],"of":[19,24,41,86,110,121,143,158,201,215,234,243,259],"SSL/TLS":[20,37,87,100,250,269,281],"secures":[21],"transmission":[23],"sensitive":[25],"information.":[26],"However,":[27],"for":[28],"various":[29],"reasons,":[30],"developers":[32,274],"fail":[33],"properly":[35],"implement":[36],"during":[38],"development":[40],"an":[42],"app,":[43],"resulting":[44],"in":[45,69,84,88,104,131,198,275],"security":[46,196],"risks.":[47,251],"The":[48,160,186],"improper":[49,65],"implementations":[50,66],"include":[51],"trusting":[52,55],"all":[53,56],"certificates,":[54],"domain":[57],"names,":[58],"or":[59,72],"ignoring":[60],"certificate":[61,270,282],"verification":[62,102,271,283],"errors.":[63],"These":[64],"may":[67],"result":[68],"Man-In-The-Middle(MITM)":[70],"attacks":[71],"phishing":[73,224],"attacks.":[74,225],"In":[75,136],"this":[76],"work,":[77],"we":[78,139,174,208,239],"are":[79,218,245],"motivated":[80],"detect":[82],"vulnerabilities":[83,103],"apps":[90,132,177,183,193,217,242],"by":[91,204],"designing":[92],"and":[93,113,124,168,181,223,231],"implementing":[94],"a":[95],"tool":[96],"called":[97],"DCDroid":[98,173],"(Detecting":[99],"Certificate":[101],"apps)":[106],"with":[107,133,151,279],"combination":[109],"static":[111,134,152,166,206],"analysis":[112,153,162,167],"dynamic":[114,137,161],"analysis.":[115,135],"We":[116,252,265],"focus":[117],"on":[118,148,268],"four":[119],"types":[120],"vulnerable":[122,128,220,237],"schema":[123],"locate":[125],"potential":[127,195],"code":[129],"snippets":[130],"analysis,":[138,207],"prioritize":[140],"triggering":[142],"User":[144],"Interface(UI)":[145],"components":[146],"based":[147],"results":[150,188],"confirm":[155,210],"misuse":[157],"SSL/TLS.":[159,202],"benefits":[163],"from":[164,178,184],"removes":[169],"false":[170],"positives.":[171],"With":[172],"analyze":[175],"960":[176],"Google":[179],"Play":[180],"1253":[182],"360app.":[185],"experimental":[187],"show":[189],"that":[190,211,241,255],"457":[191],"(20.65%)":[192],"contain":[194],"risks":[197],"Guided":[203],"further":[209],"248":[212],"(11.21%)":[213],"out":[214],"2213":[216],"truly":[219],"MITM":[222],"By":[226],"analyzing":[227],"categories,":[229],"ranks":[230],"version":[232],"evolution":[233],"these":[235],"detected":[236],"apps,":[238],"find":[240,254],"News&Books":[244],"more":[246],"likely":[247],"introduce":[249],"also":[253],"fix":[257],"cycle":[258],"risk":[261],"is":[262],"very":[263],"long.":[264],"provide":[266],"suggestions":[267],"order":[276],"deal":[278],"vulnerabilities.":[284]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2026-04-13T07:58:08.660418","created_date":"2019-07-30T00:00:00"}