{"id":"https://openalex.org/W4405673538","doi":"https://doi.org/10.1145/3709351","title":"<scp>MiniScope</scp> : Automated UI Exploration and Privacy Inconsistency Detection of MiniApps <i>via</i> Two-phase Iterative Hybrid Analysis","display_name":"<scp>MiniScope</scp> : Automated UI Exploration and Privacy Inconsistency Detection of MiniApps <i>via</i> Two-phase Iterative Hybrid Analysis","publication_year":2024,"publication_date":"2024-12-21","ids":{"openalex":"https://openalex.org/W4405673538","doi":"https://doi.org/10.1145/3709351"},"language":"en","primary_location":{"id":"doi:10.1145/3709351","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3709351","pdf_url":null,"source":{"id":"https://openalex.org/S142627899","display_name":"ACM Transactions on Software Engineering and Methodology","issn_l":"1049-331X","issn":["1049-331X","1557-7392"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Software Engineering and Methodology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5029601880","display_name":"Shenao Wang","orcid":"https://orcid.org/0000-0003-3818-3343"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Shenao Wang","raw_affiliation_strings":["Hubei Key Laboratory of Distributed System Security, Hubei Engineering Research Center on Big Data Security, School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","Huazhong University of Science and Technology, China"],"affiliations":[{"raw_affiliation_string":"Hubei Key Laboratory of Distributed System Security, Hubei Engineering Research Center on Big Data Security, School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"Huazhong University of Science and Technology, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068561556","display_name":"Yuekang Li","orcid":"https://orcid.org/0000-0003-4382-0757"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Yuekang Li","raw_affiliation_strings":["University of New South Wales, Sydney, Australia","University of New South Wales, Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales, Sydney, Australia","institution_ids":["https://openalex.org/I31746571"]},{"raw_affiliation_string":"University of New South Wales, Australia","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000432413","display_name":"Kailong Wang","orcid":"https://orcid.org/0000-0002-3977-6573"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Kailong Wang","raw_affiliation_strings":["Hubei Key Laboratory of Distributed System Security, Hubei Engineering Research Center on Big Data Security, School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","Huazhong University of Science and Technology, China"],"affiliations":[{"raw_affiliation_string":"Hubei Key Laboratory of Distributed System Security, Hubei Engineering Research Center on Big Data Security, School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"Huazhong University of Science and Technology, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100330541","display_name":"Yi Liu","orcid":"https://orcid.org/0000-0002-4978-127X"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yi Liu","raw_affiliation_strings":["Nanyang Technological University, Singapore, Singapore","Nanyang Technological University, Singapore"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]},{"raw_affiliation_string":"Nanyang Technological University, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024453724","display_name":"Hui Li","orcid":"https://orcid.org/0000-0001-8310-7169"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hui Li","raw_affiliation_strings":["School of Cyber Engineering, Xidian University, Xian, China","Xidian University, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Engineering, Xidian University, Xian, China","institution_ids":["https://openalex.org/I149594827"]},{"raw_affiliation_string":"Xidian University, China","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100355692","display_name":"Yang Liu","orcid":"https://orcid.org/0000-0001-7300-9215"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yang Liu","raw_affiliation_strings":["Nanyang Technological University, Singapore, Singapore","Nanyang Technological University, Singapore"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]},{"raw_affiliation_string":"Nanyang Technological University, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5115695530","display_name":"Haoyu Wang","orcid":"https://orcid.org/0000-0003-1100-8633"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haoyu Wang","raw_affiliation_strings":["Hubei Key Laboratory of Distributed System Security, Hubei Engineering Research Center on Big Data Security, School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","Huazhong University of Science and Technology, China"],"affiliations":[{"raw_affiliation_string":"Hubei Key Laboratory of Distributed System Security, Hubei Engineering Research Center on Big Data Security, School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"Huazhong University of Science and Technology, China","institution_ids":["https://openalex.org/I47720641"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5029601880"],"corresponding_institution_ids":["https://openalex.org/I47720641"],"apc_list":null,"apc_paid":null,"fwci":0.615,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.69761649,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":99},"biblio":{"volume":"34","issue":"6","first_page":"1","last_page":"29"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12238","display_name":"Green IT and Sustainability","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12238","display_name":"Green IT and Sustainability","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9837999939918518,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7968305349349976},{"id":"https://openalex.org/keywords/callback","display_name":"Callback","score":0.726908802986145},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4948875308036804},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.47800174355506897},{"id":"https://openalex.org/keywords/privacy-by-design","display_name":"Privacy by Design","score":0.4392525851726532},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.4126075804233551}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7968305349349976},{"id":"https://openalex.org/C204495577","wikidata":"https://www.wikidata.org/wiki/Q1205349","display_name":"Callback","level":2,"score":0.726908802986145},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4948875308036804},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.47800174355506897},{"id":"https://openalex.org/C193934123","wikidata":"https://www.wikidata.org/wiki/Q7246028","display_name":"Privacy by Design","level":3,"score":0.4392525851726532},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.4126075804233551},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3709351","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3709351","pdf_url":null,"source":{"id":"https://openalex.org/S142627899","display_name":"ACM Transactions on Software Engineering and Methodology","issn_l":"1049-331X","issn":["1049-331X","1557-7392"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Software Engineering and Methodology","raw_type":"journal-article"},{"id":"pmh:oai:dr.ntu.edu.sg:10356/207528","is_oa":false,"landing_page_url":"https://hdl.handle.net/10356/207528","pdf_url":null,"source":{"id":"https://openalex.org/S4306402609","display_name":"DR-NTU (Nanyang Technological University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I172675005","host_organization_name":"Nanyang Technological University","host_organization_lineage":["https://openalex.org/I172675005"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Journal Article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.49000000953674316,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1466374541","display_name":null,"funder_award_id":"62072046, 62302181, 62302176","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2087396116","display_name":null,"funder_award_id":"China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2802911279","display_name":null,"funder_award_id":"Young","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3481324499","display_name":null,"funder_award_id":"62302176","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G391238517","display_name":null,"funder_award_id":", and","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7608752429","display_name":null,"funder_award_id":"Talent","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7659621868","display_name":null,"funder_award_id":"62072046","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320320924","display_name":"Schweizerischer Nationalfonds zur F\u00f6rderung der Wissenschaftlichen Forschung","ror":"https://ror.org/00yjd3n13"},{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":42,"referenced_works":["https://openalex.org/W40327287","https://openalex.org/W1992114977","https://openalex.org/W2166743230","https://openalex.org/W2376050373","https://openalex.org/W2794864670","https://openalex.org/W2806439814","https://openalex.org/W2808617203","https://openalex.org/W3097802856","https://openalex.org/W3121930976","https://openalex.org/W3130179069","https://openalex.org/W3169031765","https://openalex.org/W3190695173","https://openalex.org/W3214522776","https://openalex.org/W4205596332","https://openalex.org/W4234590960","https://openalex.org/W4239249613","https://openalex.org/W4240601173","https://openalex.org/W4281666641","https://openalex.org/W4284666087","https://openalex.org/W4284690649","https://openalex.org/W4285586701","https://openalex.org/W4308391531","https://openalex.org/W4311000454","https://openalex.org/W4313563535","https://openalex.org/W4380687292","https://openalex.org/W4380992530","https://openalex.org/W4380993336","https://openalex.org/W4381082394","https://openalex.org/W4384302769","https://openalex.org/W4384345632","https://openalex.org/W4384811674","https://openalex.org/W4384948702","https://openalex.org/W4385413429","https://openalex.org/W4388483160","https://openalex.org/W4388958893","https://openalex.org/W4388958908","https://openalex.org/W4388958910","https://openalex.org/W4403391441","https://openalex.org/W4403536199","https://openalex.org/W4404515036","https://openalex.org/W4405181950","https://openalex.org/W4405183504"],"related_works":["https://openalex.org/W2118333568","https://openalex.org/W2101582069","https://openalex.org/W2994243660","https://openalex.org/W3091445850","https://openalex.org/W2675231964","https://openalex.org/W2588852483","https://openalex.org/W2747442008","https://openalex.org/W2127814706","https://openalex.org/W315296216","https://openalex.org/W2954872289"],"abstract_inverted_index":{"The":[0,150],"advent":[1],"of":[2,17,59,93,120,128,137,157,195],"MiniApps,":[3],"operating":[4],"within":[5],"larger":[6],"SuperApps,":[7],"has":[8,29],"revolutionized":[9],"user":[10,64],"experiences":[11],"by":[12,98],"offering":[13],"a":[14,57,76,117],"wide":[15],"range":[16],"services":[18],"without":[19],"the":[20,85,91,125,182,193],"need":[21,184],"for":[22,84,116,185],"individual":[23],"app":[24],"downloads.":[25],"However,":[26],"this":[27,69],"convenience":[28],"raised":[30],"significant":[31,153],"privacy":[32,46,50,65,122,148,188,201],"concerns,":[33],"as":[34],"these":[35],"MiniApps":[36,140,158],"often":[37],"require":[38],"access":[39],"to":[40,45,62,173,198],"sensitive":[41],"data,":[42],"potentially":[43],"leading":[44],"violations.":[47],"Despite":[48],"existing":[49,94],"regulations":[51],"and":[52,109,131,162,191],"platform":[53],"guidelines,":[54],"there":[55],"is":[56],"lack":[58],"effective":[60],"mechanisms":[61],"safeguard":[63],"fully.":[66],"To":[67],"address":[68],"critical":[70],"gap,":[71],"we":[72],"introduce":[73],"MiniScope":[74,142],",":[75],"novel":[77],"two-phase":[78],"hybrid":[79],"analysis":[80,96],"approach,":[81],"specifically":[82],"designed":[83],"MiniApp":[86],"environment.":[87],"This":[88,114],"approach":[89],"overcomes":[90],"limitations":[92],"static":[95],"techniques":[97],"incorporating":[99],"UI":[100,112],"transition":[101],"states":[102],"analysis,":[103],"cross-package":[104],"callback":[105],"control":[106],"flow":[107],"resolution,":[108],"automated":[110],"iterative":[111],"exploration.":[113],"allows":[115],"comprehensive":[118],"understanding":[119],"MiniApps\u2019":[121],"practices,":[123],"addressing":[124],"unique":[126],"challenges":[127],"sub-package":[129],"loading":[130],"event-driven":[132],"callbacks.":[133],"Our":[134],"empirical":[135],"evaluation":[136],"over":[138],"120K":[139],"using":[141],"demonstrates":[143],"its":[144],"effectiveness":[145],"in":[146],"identifying":[147],"inconsistencies.":[149],"results":[151],"reveal":[152],"issues,":[154],"with":[155],"5.7%":[156],"over-collecting":[159],"private":[160],"data":[161,165],"33.4%":[163],"overclaiming":[164],"collection.":[166],"We":[167],"have":[168],"responsibly":[169],"disclosed":[170],"our":[171],"findings":[172,180],"2,282":[174],"developers,":[175],"receiving":[176],"44":[177],"acknowledgments.":[178],"These":[179],"emphasize":[181],"urgent":[183],"more":[186],"precise":[187],"monitoring":[189],"systems":[190],"highlight":[192],"responsibility":[194],"SuperApp":[196],"operators":[197],"enforce":[199],"stricter":[200],"measures.":[202]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}