{"id":"https://openalex.org/W4400484866","doi":"https://doi.org/10.1145/3663529.3663824","title":"Automated End-to-End Dynamic Taint Analysis for WhatsApp","display_name":"Automated End-to-End Dynamic Taint Analysis for WhatsApp","publication_year":2024,"publication_date":"2024-07-10","ids":{"openalex":"https://openalex.org/W4400484866","doi":"https://doi.org/10.1145/3663529.3663824"},"language":"en","primary_location":{"id":"doi:10.1145/3663529.3663824","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3663529.3663824","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Companion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5098959742","display_name":"Sopot Cela","orcid":"https://orcid.org/0009-0002-1396-1049"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Sopot Cela","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035353472","display_name":"Andrea Ciancone","orcid":"https://orcid.org/0009-0007-2990-6366"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Andrea Ciancone","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018662273","display_name":"Per Gustafsson","orcid":"https://orcid.org/0009-0006-0682-5056"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Per Gustafsson","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020279781","display_name":"\u00c1kos Hajdu","orcid":"https://orcid.org/0000-0001-8001-8865"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"\u00c1kos Hajdu","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050661929","display_name":"Yue Jia","orcid":"https://orcid.org/0009-0004-2871-2285"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Yue Jia","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029380246","display_name":"Timotej Kapus","orcid":"https://orcid.org/0009-0002-8261-9650"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Timotej Kapus","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100494965","display_name":"Maksym Koshtenko","orcid":"https://orcid.org/0009-0006-4316-316X"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Maksym Koshtenko","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086568489","display_name":"W B LEWIS","orcid":"https://orcid.org/0009-0001-7615-5709"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Will Lewis","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014851285","display_name":"Ke Mao","orcid":"https://orcid.org/0000-0003-3956-9184"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Ke Mao","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100494964","display_name":"Dragos Martac","orcid":"https://orcid.org/0009-0003-1797-4645"},"institutions":[{"id":"https://openalex.org/I4210111288","display_name":"Meta (United Kingdom)","ror":"https://ror.org/020ye1821","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210111288","https://openalex.org/I4210114444"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Dragos Martac","raw_affiliation_strings":["Meta, London, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Meta, London, United Kingdom","institution_ids":["https://openalex.org/I4210111288"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5098959742"],"corresponding_institution_ids":["https://openalex.org/I4210111288"],"apc_list":null,"apc_paid":null,"fwci":0.6884,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.66267423,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"21","last_page":"26"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9940999746322632,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/end-to-end-principle","display_name":"End-to-end principle","score":0.6611319184303284},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.653913140296936},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6524319648742676},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2643824815750122},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.22256645560264587},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.051438212394714355}],"concepts":[{"id":"https://openalex.org/C74296488","wikidata":"https://www.wikidata.org/wiki/Q2527392","display_name":"End-to-end principle","level":2,"score":0.6611319184303284},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.653913140296936},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6524319648742676},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2643824815750122},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.22256645560264587},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.051438212394714355}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3663529.3663824","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3663529.3663824","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Companion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W1983189940","https://openalex.org/W1996256636","https://openalex.org/W2125357166","https://openalex.org/W2138788987","https://openalex.org/W2147478478","https://openalex.org/W2463553622","https://openalex.org/W2794864670","https://openalex.org/W2888272748","https://openalex.org/W3108350045","https://openalex.org/W3131125225","https://openalex.org/W3193330042","https://openalex.org/W3195440983","https://openalex.org/W4244726870","https://openalex.org/W4282550244","https://openalex.org/W4294841234","https://openalex.org/W4383898419","https://openalex.org/W4384345690","https://openalex.org/W4389164865","https://openalex.org/W4389208992","https://openalex.org/W4399213670","https://openalex.org/W4399214554"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2029684113","https://openalex.org/W2060629665","https://openalex.org/W3154138117","https://openalex.org/W2063408151","https://openalex.org/W3179968364","https://openalex.org/W3144105599","https://openalex.org/W999383042","https://openalex.org/W2893160992"],"abstract_inverted_index":{"Taint":[0],"analysis":[1,25],"aims":[2],"to":[3,34,85,89,118],"track":[4,50],"data":[5,42,51],"flows":[6,67,95,107],"in":[7,68],"systems,":[8],"with":[9],"potential":[10],"use":[11,30],"cases":[12],"for":[13,27],"security,":[14],"privacy":[15],"and":[16,38,47,58,82,101],"performance.":[17],"This":[18],"paper":[19],"describes":[20],"an":[21],"end-to-end":[22],"dynamic":[23],"taint":[24],"solution":[26],"WhatsApp.":[28],"We":[29],"exploratory":[31],"UI":[32],"testing":[33],"generate":[35],"realistic":[36],"interactions":[37],"inputs,":[39],"serving":[40],"as":[41],"sources":[43],"on":[44,55,78],"the":[45,69],"clients":[46],"then":[48],"we":[49],"propagation":[52],"towards":[53],"sinks":[54],"both":[56],"client":[57],"server":[59],"sides.":[60],"Finally,":[61],"a":[62],"reporting":[63],"pipeline":[64],"localizes":[65],"tainted":[66],"source":[70],"code,":[71],"applies":[72],"deduplication,":[73],"filters":[74],"false":[75],"positives":[76],"based":[77],"production":[79],"call":[80],"sites,":[81],"files":[83],"tasks":[84],"code":[86],"owners.":[87],"Applied":[88],"WhatsApp,":[90],"our":[91],"approach":[92],"found":[93],"89":[94],"that":[96,108,113],"were":[97],"fixed":[98],"by":[99,120],"engineers,":[100],"caught":[102],"50%":[103],"of":[104],"all":[105],"privacy-related":[106],"required":[109],"escalation,":[110],"including":[111],"instances":[112],"would":[114],"have":[115],"been":[116],"difficult":[117],"uncover":[119],"conventional":[121],"testing.":[122]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-06T07:47:59.780226","created_date":"2025-10-10T00:00:00"}