{"id":"https://openalex.org/W2076935307","doi":"https://doi.org/10.1145/2814270.2814274","title":"Interactively verifying absence of explicit information flows in Android apps","display_name":"Interactively verifying absence of explicit information flows in Android apps","publication_year":2015,"publication_date":"2015-10-23","ids":{"openalex":"https://openalex.org/W2076935307","doi":"https://doi.org/10.1145/2814270.2814274","mag":"2076935307"},"language":"en","primary_location":{"id":"doi:10.1145/2814270.2814274","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2814270.2814274","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2814270.2814274","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/2814270.2814274","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5029243071","display_name":"Osbert Bastani","orcid":"https://orcid.org/0000-0001-9990-7566"},"institutions":[{"id":"https://openalex.org/I97018004","display_name":"Stanford University","ror":"https://ror.org/00f54p054","country_code":"US","type":"education","lineage":["https://openalex.org/I97018004"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Osbert Bastani","raw_affiliation_strings":["Stanford University, USA","Stanford University - USA > > > >"],"affiliations":[{"raw_affiliation_string":"Stanford University, USA","institution_ids":["https://openalex.org/I97018004"]},{"raw_affiliation_string":"Stanford University - USA > > > >","institution_ids":["https://openalex.org/I97018004"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101014215","display_name":"Saswat Anand","orcid":null},"institutions":[{"id":"https://openalex.org/I97018004","display_name":"Stanford University","ror":"https://ror.org/00f54p054","country_code":"US","type":"education","lineage":["https://openalex.org/I97018004"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Saswat Anand","raw_affiliation_strings":["Stanford University, USA","Stanford University - USA > > > >"],"affiliations":[{"raw_affiliation_string":"Stanford University, USA","institution_ids":["https://openalex.org/I97018004"]},{"raw_affiliation_string":"Stanford University - USA > > > >","institution_ids":["https://openalex.org/I97018004"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5087402475","display_name":"Alex Aiken","orcid":"https://orcid.org/0000-0002-3723-9555"},"institutions":[{"id":"https://openalex.org/I97018004","display_name":"Stanford University","ror":"https://ror.org/00f54p054","country_code":"US","type":"education","lineage":["https://openalex.org/I97018004"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Alex Aiken","raw_affiliation_strings":["Stanford University, USA","Stanford University - USA > > > >"],"affiliations":[{"raw_affiliation_string":"Stanford University, USA","institution_ids":["https://openalex.org/I97018004"]},{"raw_affiliation_string":"Stanford University - USA > > > >","institution_ids":["https://openalex.org/I97018004"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5029243071"],"corresponding_institution_ids":["https://openalex.org/I97018004"],"apc_list":null,"apc_paid":null,"fwci":2.6055,"has_fulltext":true,"cited_by_count":13,"citation_normalized_percentile":{"value":0.90498335,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"299","last_page":"315"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8351686000823975},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.8133494853973389},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7163007855415344},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.6340066194534302},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6014602780342102},{"id":"https://openalex.org/keywords/dead-code","display_name":"Dead code","score":0.5198976993560791},{"id":"https://openalex.org/keywords/reachability","display_name":"Reachability","score":0.5080714225769043},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.46325597167015076},{"id":"https://openalex.org/keywords/information-sensitivity","display_name":"Information sensitivity","score":0.45286107063293457},{"id":"https://openalex.org/keywords/app-store","display_name":"App store","score":0.44928431510925293},{"id":"https://openalex.org/keywords/debugging","display_name":"Debugging","score":0.43401217460632324},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.4215725064277649},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4178485572338104},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3865535855293274},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3478611409664154},{"id":"https://openalex.org/keywords/code-generation","display_name":"Code generation","score":0.2167191207408905},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.18597286939620972},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.1843322217464447},{"id":"https://openalex.org/keywords/redundant-code","display_name":"Redundant code","score":0.1352638602256775}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8351686000823975},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.8133494853973389},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7163007855415344},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.6340066194534302},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6014602780342102},{"id":"https://openalex.org/C47434764","wikidata":"https://www.wikidata.org/wiki/Q1770035","display_name":"Dead code","level":5,"score":0.5198976993560791},{"id":"https://openalex.org/C136643341","wikidata":"https://www.wikidata.org/wiki/Q1361526","display_name":"Reachability","level":2,"score":0.5080714225769043},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.46325597167015076},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.45286107063293457},{"id":"https://openalex.org/C2779794324","wikidata":"https://www.wikidata.org/wiki/Q3814081","display_name":"App store","level":2,"score":0.44928431510925293},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.43401217460632324},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.4215725064277649},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4178485572338104},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3865535855293274},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3478611409664154},{"id":"https://openalex.org/C133162039","wikidata":"https://www.wikidata.org/wiki/Q1061077","display_name":"Code generation","level":3,"score":0.2167191207408905},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.18597286939620972},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.1843322217464447},{"id":"https://openalex.org/C151578736","wikidata":"https://www.wikidata.org/wiki/Q1251793","display_name":"Redundant code","level":4,"score":0.1352638602256775},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.0},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2814270.2814274","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2814270.2814274","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2814270.2814274","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.734.3900","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.734.3900","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://theory.stanford.edu/%7Eaiken/publications/papers/oopsla2015b.pdf","raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/2814270.2814274","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2814270.2814274","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2814270.2814274","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.8100000023841858,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G5796669804","display_name":null,"funder_award_id":"FA8750-12-2-0020","funder_id":"https://openalex.org/F4320338294","funder_display_name":"Air Force Research Laboratory"}],"funders":[{"id":"https://openalex.org/F4320338294","display_name":"Air Force Research Laboratory","ror":"https://ror.org/02e2egq70"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2076935307.pdf","grobid_xml":"https://content.openalex.org/works/W2076935307.grobid-xml"},"referenced_works_count":73,"referenced_works":["https://openalex.org/W109951691","https://openalex.org/W1505465226","https://openalex.org/W1509382141","https://openalex.org/W1576925855","https://openalex.org/W1613776191","https://openalex.org/W1810163311","https://openalex.org/W1963971515","https://openalex.org/W1968027261","https://openalex.org/W1970168990","https://openalex.org/W1985752637","https://openalex.org/W1989657183","https://openalex.org/W2014328192","https://openalex.org/W2015790908","https://openalex.org/W2018408172","https://openalex.org/W2041276426","https://openalex.org/W2043579558","https://openalex.org/W2050680750","https://openalex.org/W2064982280","https://openalex.org/W2070041685","https://openalex.org/W2074644416","https://openalex.org/W2080573945","https://openalex.org/W2080696000","https://openalex.org/W2082000355","https://openalex.org/W2098806455","https://openalex.org/W2109219878","https://openalex.org/W2110833886","https://openalex.org/W2110908283","https://openalex.org/W2113709047","https://openalex.org/W2113964673","https://openalex.org/W2114221821","https://openalex.org/W2116973066","https://openalex.org/W2119467398","https://openalex.org/W2120109169","https://openalex.org/W2122049982","https://openalex.org/W2122751766","https://openalex.org/W2123401325","https://openalex.org/W2125011234","https://openalex.org/W2125357166","https://openalex.org/W2125518044","https://openalex.org/W2127723417","https://openalex.org/W2131687992","https://openalex.org/W2131954495","https://openalex.org/W2132481916","https://openalex.org/W2133497528","https://openalex.org/W2133662847","https://openalex.org/W2134875273","https://openalex.org/W2135565307","https://openalex.org/W2138990624","https://openalex.org/W2139668965","https://openalex.org/W2144196848","https://openalex.org/W2148397566","https://openalex.org/W2149674423","https://openalex.org/W2152225177","https://openalex.org/W2153542583","https://openalex.org/W2158600037","https://openalex.org/W2158765820","https://openalex.org/W2161100976","https://openalex.org/W2166743230","https://openalex.org/W2167363133","https://openalex.org/W2181712945","https://openalex.org/W2280703106","https://openalex.org/W2295399529","https://openalex.org/W2350778671","https://openalex.org/W2399891510","https://openalex.org/W4210644561","https://openalex.org/W4230086982","https://openalex.org/W4243644740","https://openalex.org/W4250359162","https://openalex.org/W4252015082","https://openalex.org/W4299301436","https://openalex.org/W4300810260","https://openalex.org/W4300854084","https://openalex.org/W6634469269"],"related_works":["https://openalex.org/W2354385412","https://openalex.org/W2021162507","https://openalex.org/W2029684113","https://openalex.org/W2066223763","https://openalex.org/W2127761335","https://openalex.org/W4226168309","https://openalex.org/W2506798315","https://openalex.org/W2789555805","https://openalex.org/W3132214635","https://openalex.org/W2613042669"],"abstract_inverted_index":{"App":[0,18],"stores":[1,40,48],"are":[2,160],"increasingly":[3],"the":[4,74,84,147,169,180,194,200,208,216,223,228,236,257],"preferred":[5],"mechanism":[6],"for":[7,44,131],"distributing":[8],"software,":[9],"including":[10],"mobile":[11],"apps":[12,16,133],"(Google":[13],"Play),":[14],"desktop":[15],"(Mac":[17],"Store":[19],"and":[20,29,69,113,164,219],"Ubuntu":[21],"Software":[22],"Center),":[23],"computer":[24],"games":[25],"(the":[26],"Steam":[27],"Store),":[28],"browser":[30],"extensions":[31],"(Chrome":[32],"Web":[33],"Store).":[34],"The":[35,190],"centralized":[36],"nature":[37],"of":[38,107,138,154,238,245,256],"these":[39],"has":[41,83],"important":[42],"implications":[43],"security.":[45],"While":[46],"app":[47,75,191],"have":[49],"unprecedented":[50],"ability":[51],"to":[52,64,86,122,135,162,183,187,198,214,225],"audit":[53],"apps,":[54,59],"users":[55],"now":[56],"trust":[57],"hosted":[58,192],"making":[60],"them":[61],"more":[62],"vulnerable":[63],"malware":[65],"that":[66,159,173,227],"evades":[67],"detection":[68],"finds":[70],"its":[71,185],"way":[72],"onto":[73],"store.":[76],"Sound":[77],"static":[78,115,181],"explicit":[79,140],"information":[80,120,141,157],"flow":[81],"analysis":[82,109,116,149,182],"potential":[85],"significantly":[87],"aid":[88],"human":[89],"auditors,":[90],"but":[91],"it":[92],"is":[93,111,150,177,196],"handicapped":[94],"by":[95],"high":[96],"false":[97,155,259],"positive":[98,156],"rates.":[99],"Instead,":[100],"auditors":[101],"currently":[102],"rely":[103],"on":[104,193],"a":[105,129,151,243],"combination":[106],"dynamic":[108],"(which":[110,117],"unsound)":[112],"lightweight":[114],"cannot":[118],"identify":[119],"flows)":[121],"help":[123],"detect":[124],"malicious":[125,139],"behaviors.":[126],"We":[127,210,234],"propose":[128],"process":[130,251],"producing":[132],"certified":[134],"be":[136],"free":[137],"flows.":[142],"In":[143,166],"practice,":[144],"imprecision":[145],"in":[146,241],"reachability":[148],"major":[152],"source":[153],"flows":[158],"difficult":[161],"understand":[163],"discharge.":[165],"our":[167,239],"approach,":[168],"developer":[170,224],"provides":[171],"tests":[172],"specify":[174],"what":[175],"code":[176,206],"reachable,":[178],"allowing":[179],"restrict":[184],"search":[186],"tested":[188],"code.":[189,233],"store":[195],"instrumented":[197],"enforce":[199],"provided":[201],"specification":[202],"(i.e.,":[203],"executing":[204],"untested":[205],"terminates":[207],"app).":[209],"use":[211],"abductive":[212],"inference":[213],"minimize":[215],"necessary":[217],"instrumentation,":[218],"then":[220],"interact":[221],"with":[222],"ensure":[226],"instrumentation":[229],"only":[230],"cuts":[231],"unreachable":[232],"demonstrate":[235],"effectiveness":[237],"approach":[240],"verifying":[242],"corpus":[244],"77":[246],"Android":[247],"apps\u2014our":[248],"interactive":[249],"verification":[250],"successfully":[252],"discharges":[253],"11":[254],"out":[255],"12":[258],"positives.":[260]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":4},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":1}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}