{"id":"https://openalex.org/W4412620785","doi":"https://doi.org/10.1145/3685528","title":"Understanding Mobile App Reviews to Guide Misuse Audits","display_name":"Understanding Mobile App Reviews to Guide Misuse Audits","publication_year":2025,"publication_date":"2025-07-24","ids":{"openalex":"https://openalex.org/W4412620785","doi":"https://doi.org/10.1145/3685528"},"language":"en","primary_location":{"id":"doi:10.1145/3685528","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3685528","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3685528","source":{"id":"https://openalex.org/S103482838","display_name":"Communications of the ACM","issn_l":"0001-0782","issn":["0001-0782","1557-7317"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Communications of the ACM","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3685528","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5086156118","display_name":"Vaibhav Garg","orcid":"https://orcid.org/0009-0007-4917-2515"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Vaibhav Garg","raw_affiliation_strings":["North Carolina State University, Social AI Lab, Raleigh, North Carolina, United States"],"raw_orcid":"https://orcid.org/0009-0007-4917-2515","affiliations":[{"raw_affiliation_string":"North Carolina State University, Social AI Lab, Raleigh, North Carolina, United States","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052094601","display_name":"Hui Guo","orcid":"https://orcid.org/0000-0003-4887-6354"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hui Guo","raw_affiliation_strings":["Quora, California, California, United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Quora, California, California, United States","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024218069","display_name":"Nirav Ajmeri","orcid":"https://orcid.org/0000-0003-3627-097X"},"institutions":[{"id":"https://openalex.org/I36234482","display_name":"University of Bristol","ror":"https://ror.org/0524sp257","country_code":"GB","type":"education","lineage":["https://openalex.org/I36234482"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Nirav Ajmeri","raw_affiliation_strings":["University of Bristol, Bristol, Bristol, United Kingdom"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Bristol, Bristol, Bristol, United Kingdom","institution_ids":["https://openalex.org/I36234482"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046430194","display_name":"Saikath Bhattacharya","orcid":"https://orcid.org/0000-0002-7986-1641"},"institutions":[{"id":"https://openalex.org/I50702494","display_name":"Milwaukee School of Engineering","ror":"https://ror.org/04h7cfr36","country_code":"US","type":"education","lineage":["https://openalex.org/I50702494"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Saikath Bhattacharya","raw_affiliation_strings":["Milwaukee School of Engineering, Milwaukee, Wisconsin, United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Milwaukee School of Engineering, Milwaukee, Wisconsin, United States","institution_ids":["https://openalex.org/I50702494"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020679327","display_name":"Munindar P. Singh","orcid":"https://orcid.org/0000-0003-3599-3893"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Munindar P. Singh","raw_affiliation_strings":["North Carolina State University, Social AI Lab, Raleigh, North Carolina, United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"North Carolina State University, Social AI Lab, Raleigh, North Carolina, United States","institution_ids":["https://openalex.org/I137902535"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.18481281,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"68","issue":"8","first_page":"62","last_page":"71"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9919000267982483,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mobile-apps","display_name":"Mobile apps","score":0.6476138830184937},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.6451963186264038},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5544612407684326},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.38751035928726196},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3755418658256531},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.29144132137298584},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2842383086681366},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.17072126269340515}],"concepts":[{"id":"https://openalex.org/C2988145974","wikidata":"https://www.wikidata.org/wiki/Q620615","display_name":"Mobile apps","level":2,"score":0.6476138830184937},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.6451963186264038},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5544612407684326},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.38751035928726196},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3755418658256531},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.29144132137298584},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2842383086681366},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.17072126269340515}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3685528","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3685528","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3685528","source":{"id":"https://openalex.org/S103482838","display_name":"Communications of the ACM","issn_l":"0001-0782","issn":["0001-0782","1557-7317"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Communications of the ACM","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3685528","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3685528","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3685528","source":{"id":"https://openalex.org/S103482838","display_name":"Communications of the ACM","issn_l":"0001-0782","issn":["0001-0782","1557-7317"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Communications of the ACM","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G106298974","display_name":"Equitable privacy","funder_award_id":"EP/W025361/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320306078","display_name":"U.S. Department of Defense","ror":"https://ror.org/0447fe631"},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4412620785.pdf","grobid_xml":"https://content.openalex.org/works/W4412620785.grobid-xml"},"referenced_works_count":25,"referenced_works":["https://openalex.org/W1491356120","https://openalex.org/W2060646286","https://openalex.org/W2069268700","https://openalex.org/W2075566100","https://openalex.org/W2112143630","https://openalex.org/W2122347864","https://openalex.org/W2735683705","https://openalex.org/W2757826646","https://openalex.org/W2794995912","https://openalex.org/W2898081700","https://openalex.org/W2933817227","https://openalex.org/W2951035739","https://openalex.org/W2985186227","https://openalex.org/W3015248122","https://openalex.org/W3029022248","https://openalex.org/W3084027408","https://openalex.org/W3088691441","https://openalex.org/W3091053693","https://openalex.org/W3135804521","https://openalex.org/W3161583595","https://openalex.org/W3197001686","https://openalex.org/W3209096362","https://openalex.org/W4283809908","https://openalex.org/W4285252511","https://openalex.org/W6911585942"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2808363712"],"abstract_inverted_index":{"Problem:":[0],"We":[1,30,55],"address":[2],"the":[3,32,84,122,148],"challenge":[4],"in":[5],"responsible":[6],"computing":[7],"where":[8],"an":[9],"exploitable":[10,48,61,88,145,157,163,171],"mobile":[11],"app":[12,17,57],"is":[13],"misused":[14],"by":[15,104,115,129],"one":[16],"user":[18,24],"(an":[19],"abuser":[20],")":[21],"against":[22],"another":[23],"or":[25],"bystander":[26],"(":[27],"victim":[28],").":[29],"introduce":[31],"idea":[33],"of":[34,38,43,100,162,179,183],"a":[35,41,72,180],"misuse":[36,177],"audit":[37],"apps":[39,62,89,146,158,172],"as":[40],"way":[42],"determining":[44],"if":[45],"they":[46],"are":[47],"without":[49],"access":[50],"to":[51,59,75],"their":[52,64,91,174],"implementation.":[53],"Method:":[54],"leverage":[56],"reviews":[58,78,128],"identify":[60,76,87,119,170],"and":[63,90,106,173],"functionalities":[65],"that":[66],"enable":[67],"misuse.":[68,125,149],"First,":[69],"we":[70,86,94,142,155],"build":[71],"computational":[73],"model":[74],"alarming":[77],"(which":[79],"report":[80],"misuse).":[81],"Second,":[82],"using":[83],"model,":[85],"functionalities.":[92,164],"Third,":[93],"validate":[95],"them":[96],"through":[97],"manual":[98],"inspection":[99],"reviews.":[101],"Findings:":[102],"Stories":[103],"abusers":[105],"victims":[107],"mostly":[108,118],"focus":[109],"on":[110,151],"past":[111],"misuses,":[112],"whereas":[113],"stories":[114,120],"third":[116],"parties":[117],"indicating":[121],"potential":[123],"for":[124],"Surprisingly,":[126],"positive":[127],"abusers,":[130],"which":[131],"exhibit":[132],"language":[133],"with":[134],"high":[135],"dominance,":[136],"also":[137],"reveal":[138],"misuses.":[139],"In":[140],"total,":[141],"confirmed":[143],"156":[144],"facilitating":[147,176],"Based":[150],"our":[152],"qualitative":[153],"analysis,":[154],"found":[156],"exhibiting":[159],"four":[160],"types":[161],"Implications:":[165],"Our":[166],"method":[167],"can":[168],"help":[169],"functionalities,":[175],"audits":[178],"large":[181],"pool":[182],"apps.":[184]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}