{"id":"https://openalex.org/W4400242574","doi":"https://doi.org/10.1145/3643991.3644901","title":"Keep Me Updated: An Empirical Study on Embedded Javascript Engines in Android Apps","display_name":"Keep Me Updated: An Empirical Study on Embedded Javascript Engines in Android Apps","publication_year":2024,"publication_date":"2024-04-15","ids":{"openalex":"https://openalex.org/W4400242574","doi":"https://doi.org/10.1145/3643991.3644901"},"language":"en","primary_location":{"id":"doi:10.1145/3643991.3644901","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3643991.3644901","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 21st International Conference on Mining Software Repositories","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5087703163","display_name":"Elliott Wen","orcid":"https://orcid.org/0000-0002-0340-9392"},"institutions":[{"id":"https://openalex.org/I154130895","display_name":"University of Auckland","ror":"https://ror.org/03b94tp07","country_code":"NZ","type":"education","lineage":["https://openalex.org/I154130895"]}],"countries":["NZ"],"is_corresponding":true,"raw_author_name":"Elliott Wen","raw_affiliation_strings":["The University of Auckland, Auckland, New Zealand"],"affiliations":[{"raw_affiliation_string":"The University of Auckland, Auckland, New Zealand","institution_ids":["https://openalex.org/I154130895"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076397001","display_name":"Jiaxiang Zhou","orcid":"https://orcid.org/0009-0007-0504-9478"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Jiaxiang Zhou","raw_affiliation_strings":["The Hong Kong Polytechnic University, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Hong Kong Polytechnic University, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100400376","display_name":"Xiapu Luo","orcid":"https://orcid.org/0000-0002-9082-3208"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Xiapu Luo","raw_affiliation_strings":["The Hong Kong Polytechnic University, Hong Kong, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Hong Kong Polytechnic University, Hong Kong, Hong Kong","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072751099","display_name":"Giovanni Russello","orcid":"https://orcid.org/0000-0001-6987-0803"},"institutions":[{"id":"https://openalex.org/I154130895","display_name":"University of Auckland","ror":"https://ror.org/03b94tp07","country_code":"NZ","type":"education","lineage":["https://openalex.org/I154130895"]}],"countries":["NZ"],"is_corresponding":false,"raw_author_name":"Giovanni Russello","raw_affiliation_strings":["University of Auckland, Auckland, New Zealand"],"affiliations":[{"raw_affiliation_string":"University of Auckland, Auckland, New Zealand","institution_ids":["https://openalex.org/I154130895"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5075091948","display_name":"Jens Dietrich","orcid":"https://orcid.org/0000-0001-9019-6550"},"institutions":[{"id":"https://openalex.org/I41156924","display_name":"Victoria University of Wellington","ror":"https://ror.org/0040r6f76","country_code":"NZ","type":"education","lineage":["https://openalex.org/I41156924"]}],"countries":["NZ"],"is_corresponding":false,"raw_author_name":"Jens Dietrich","raw_affiliation_strings":["Victoria University of Wellington, Wellington, New Zealand"],"affiliations":[{"raw_affiliation_string":"Victoria University of Wellington, Wellington, New Zealand","institution_ids":["https://openalex.org/I41156924"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5087703163"],"corresponding_institution_ids":["https://openalex.org/I154130895"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.10078723,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"361","last_page":"372"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12799","display_name":"Mobile and Web Applications","score":0.9898999929428101,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.8597766160964966},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.8347001075744629},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7647274136543274},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5034710764884949},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.451789915561676},{"id":"https://openalex.org/keywords/empirical-research","display_name":"Empirical research","score":0.4445193409919739}],"concepts":[{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.8597766160964966},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.8347001075744629},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7647274136543274},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5034710764884949},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.451789915561676},{"id":"https://openalex.org/C120936955","wikidata":"https://www.wikidata.org/wiki/Q2155640","display_name":"Empirical research","level":2,"score":0.4445193409919739},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3643991.3644901","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3643991.3644901","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 21st International Conference on Mining Software Repositories","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W36948825","https://openalex.org/W2119249378","https://openalex.org/W2148009765","https://openalex.org/W2167661907","https://openalex.org/W2407313496","https://openalex.org/W2529726445","https://openalex.org/W2532717356","https://openalex.org/W2560459036","https://openalex.org/W2735146101","https://openalex.org/W2765843494","https://openalex.org/W2766169223","https://openalex.org/W2789158367","https://openalex.org/W2790170320","https://openalex.org/W2798334860","https://openalex.org/W2801591443","https://openalex.org/W2808406842","https://openalex.org/W2883777656","https://openalex.org/W2883931463","https://openalex.org/W2963923573","https://openalex.org/W2987774250","https://openalex.org/W3036270494","https://openalex.org/W3078296483","https://openalex.org/W3106490093","https://openalex.org/W3133764566","https://openalex.org/W3134814164","https://openalex.org/W3150814957","https://openalex.org/W3205884146","https://openalex.org/W3211023664","https://openalex.org/W4285490441","https://openalex.org/W4296880682","https://openalex.org/W4308391531","https://openalex.org/W4313549796","https://openalex.org/W4387298286","https://openalex.org/W6631155369"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2461078469","https://openalex.org/W123790205","https://openalex.org/W2085515337","https://openalex.org/W3087706721","https://openalex.org/W4287664162","https://openalex.org/W2808406842","https://openalex.org/W1565885216","https://openalex.org/W2208447305","https://openalex.org/W2337406499"],"abstract_inverted_index":{"Although":[0],"JavaScript":[1],"(JS)":[2],"has":[3],"been":[4],"widely":[5],"used":[6],"in":[7,45],"mobile":[8],"development,":[9],"little":[10],"is":[11],"known":[12,109],"about":[13],"the":[14,41,102,148,168],"security":[15,159,175],"implications":[16],"of":[17,87,101,116,122,147],"utilizing":[18],"JS":[19,43,74,128,164],"engines":[20,44,78,105,129],"shipped":[21],"as":[22,134],"native":[23],"app":[24,178],"libraries.":[25],"In":[26],"this":[27],"paper,":[28],"we":[29,142],"conduct":[30],"an":[31],"empirical":[32],"study":[33],"by":[34],"designing":[35],"a":[36],"JS-Inspector":[37],"pipeline":[38],"to":[39,108,120],"identify":[40],"embedded":[42,73,104,163],"Android":[46,56],"apps":[47,57,71,88,118,150],"and":[48,62,76,139,151,173],"assess":[49],"their":[50,77,94,126],"security.":[51],"We":[52,111],"investigate":[53],"over":[54,99],"65,000":[55],"released":[58],"between":[59],"Jan":[60],"2018":[61],"July":[63],"2023.":[64],"The":[65],"results":[66],"show":[67],"that":[68],"many":[69],"popular":[70,117],"use":[72],"engines,":[75],"remain":[79],"outdated":[80],"for":[81,170],"extended":[82],"periods.":[83],"Moreover,":[84],"approximately":[85],"85%":[86],"have":[89],"not":[90],"received":[91],"updates":[92,172],"since":[93],"initial":[95],"release.":[96],"As":[97],"such,":[98],"70%":[100],"identified":[103],"are":[106],"vulnerable":[107],"exploits.":[110],"further":[112],"present":[113],"case":[114],"studies":[115],"catering":[119],"millions":[121],"users.":[123],"By":[124],"exploiting":[125],"unpatched":[127],"through":[130],"various":[131],"strategies,":[132],"such":[133],"man-in-the-middle":[135],"attacks,":[136],"intent":[137],"abuse,":[138],"malicious":[140],"mini-apps,":[141],"can":[143],"easily":[144],"seize":[145],"control":[146],"targeted":[149],"execute":[152],"arbitrary":[153],"code.":[154],"This":[155],"work":[156],"highlights":[157],"critical":[158],"concerns":[160],"associated":[161],"with":[162],"engines.":[165],"It":[166],"emphasizes":[167],"urgency":[169],"timely":[171],"enhanced":[174],"measures":[176],"during":[177],"development.":[179]},"counts_by_year":[],"updated_date":"2025-12-26T23:08:49.675405","created_date":"2025-10-10T00:00:00"}