{"id":"https://openalex.org/W4399433116","doi":"https://doi.org/10.1145/3647632.3647991","title":"Detection of Inconsistencies between Guidance Pages and Actual Data Collection of Third-party SDKs in Android Apps","display_name":"Detection of Inconsistencies between Guidance Pages and Actual Data Collection of Third-party SDKs in Android Apps","publication_year":2024,"publication_date":"2024-04-14","ids":{"openalex":"https://openalex.org/W4399433116","doi":"https://doi.org/10.1145/3647632.3647991"},"language":"en","primary_location":{"id":"doi:10.1145/3647632.3647991","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3647632.3647991","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3647632.3647991","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3647632.3647991","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075037207","display_name":"Hiroki Inayoshi","orcid":"https://orcid.org/0000-0003-3355-8804"},"institutions":[{"id":"https://openalex.org/I197274945","display_name":"Nagoya Institute of Technology","ror":"https://ror.org/055yf1005","country_code":"JP","type":"education","lineage":["https://openalex.org/I197274945"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Hiroki Inayoshi","raw_affiliation_strings":["Nagoya Institute of Technology, Aichi, Japan"],"raw_orcid":"https://orcid.org/0000-0003-3355-8804","affiliations":[{"raw_affiliation_string":"Nagoya Institute of Technology, Aichi, Japan","institution_ids":["https://openalex.org/I197274945"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039764201","display_name":"Shohei Kakei","orcid":"https://orcid.org/0000-0003-3137-4956"},"institutions":[{"id":"https://openalex.org/I197274945","display_name":"Nagoya Institute of Technology","ror":"https://ror.org/055yf1005","country_code":"JP","type":"education","lineage":["https://openalex.org/I197274945"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Shohei Kakei","raw_affiliation_strings":["Nagoya Institute of Technology, Aichi, Japan"],"raw_orcid":"https://orcid.org/0000-0003-3137-4956","affiliations":[{"raw_affiliation_string":"Nagoya Institute of Technology, Aichi, Japan","institution_ids":["https://openalex.org/I197274945"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024503170","display_name":"Shoichi Saito","orcid":"https://orcid.org/0000-0003-3103-9656"},"institutions":[{"id":"https://openalex.org/I197274945","display_name":"Nagoya Institute of Technology","ror":"https://ror.org/055yf1005","country_code":"JP","type":"education","lineage":["https://openalex.org/I197274945"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Shoichi Saito","raw_affiliation_strings":["Nagoya Institute of Technology, Aichi, Japan"],"raw_orcid":"https://orcid.org/0000-0003-3103-9656","affiliations":[{"raw_affiliation_string":"Nagoya Institute of Technology, Aichi, Japan","institution_ids":["https://openalex.org/I197274945"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.3057,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.48815518,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"43","last_page":"53"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.989799976348877,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7792569994926453},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7552846074104309},{"id":"https://openalex.org/keywords/correctness","display_name":"Correctness","score":0.7119725346565247},{"id":"https://openalex.org/keywords/identifier","display_name":"Identifier","score":0.7058148980140686},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.5517044067382812},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.40309086441993713},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09488332271575928}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7792569994926453},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7552846074104309},{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.7119725346565247},{"id":"https://openalex.org/C154504017","wikidata":"https://www.wikidata.org/wiki/Q853614","display_name":"Identifier","level":2,"score":0.7058148980140686},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5517044067382812},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.40309086441993713},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09488332271575928},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3647632.3647991","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3647632.3647991","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3647632.3647991","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3647632.3647991","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3647632.3647991","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3647632.3647991","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4399433116.pdf","grobid_xml":"https://content.openalex.org/works/W4399433116.grobid-xml"},"referenced_works_count":8,"referenced_works":["https://openalex.org/W2078197322","https://openalex.org/W2963070937","https://openalex.org/W4293783507","https://openalex.org/W4293783549","https://openalex.org/W4320015791","https://openalex.org/W4323966546","https://openalex.org/W4385522472","https://openalex.org/W4386603793"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W1667647204","https://openalex.org/W2404647514","https://openalex.org/W4247536566","https://openalex.org/W2018477250","https://openalex.org/W3119814709","https://openalex.org/W4241418540","https://openalex.org/W1508895727","https://openalex.org/W2725786787","https://openalex.org/W1875930651"],"abstract_inverted_index":{"Major":[0],"app":[1,17,46],"stores":[2],"have":[3,41,75,124],"introduced":[4],"privacy":[5,22,158,271],"labels":[6],"(e.g.,":[7],"Google":[8],"Play's":[9],"data":[10,25,49,61,144],"safety":[11,62],"section":[12],"since":[13],"July":[14],"2022),":[15],"requiring":[16],"developers":[18,47],"to":[19,59,77,94,156,170,197,259],"provide":[20],"their":[21,31,51],"disclosures,":[23],"including":[24],"types":[26,50],"collected":[27],"and":[28,33,54,65,108,141,152,164,166,182,188,199,233,256,261,270],"shared":[29],"by":[30],"apps":[32,107,187],"third-party":[34],"SDKs":[35,52,102,165],"they":[36],"use.":[37],"Third-party":[38],"SDK":[39],"providers":[40],"published":[42],"guidance":[43,69,89,97,127,139,162,180,203,218,231,254,268],"pages":[44,70,98,140,163,181,204,255,269],"instructing":[45],"what":[48],"use":[53],"thus":[55],"must":[56],"be":[57],"declared":[58],"the":[60,68,84,88,96,116,120,138,142,161,168,172,190,202,211,225,234,242,249,253],"section.":[63],"Availability":[64],"correctness":[66],"of":[67,87,99,115,122,146,178,205,252],"are":[71],"critical":[72,173,250],"issues":[73,251],"but":[74],"yet":[76],"receive":[78],"any":[79],"attention.":[80],"This":[81,246],"paper":[82],"presents":[83],"first":[85,92],"study":[86,247],"pages.":[90,128],"We":[91,175,208],"attempted":[93],"collect":[95],"175":[100],"commercial":[101],"widely":[103],"used":[104],"in":[105,201],"Android":[106],"did":[109],"not":[110,125],"obtain":[111],"them":[112,123],"for":[113,216,229,236,263],"63%":[114],"SDKs,":[117],"suggesting":[118],"that":[119,134,224],"majority":[121],"provided":[126],"Further,":[129],"we":[130],"develop":[131],"a":[132],"system":[133,193],"detects":[135],"inconsistencies":[136],"between":[137],"actual":[143],"collection":[145],"SDKs.":[147,207],"It":[148],"uses":[149],"machine":[150,212],"learning":[151,213],"dynamic":[153],"taint":[154],"analysis":[155],"extract":[157],"practices":[159],"from":[160],"analyzes":[167],"outcomes":[169],"detect":[171],"gap.":[174],"construct":[176],"datasets":[177,262],"47":[179],"43":[183],"SDKs'":[184],"159":[185],"sample":[186],"evaluate":[189,210],"system.":[191],"The":[192,221],"uncovered":[194],"discrepancies":[195],"related":[196],"location":[198],"identifiers":[200],"eight":[206],"also":[209,257],"model's":[214],"accuracy":[215,235],"unknown":[217],"page":[219],"contents.":[220],"results":[222],"show":[223],"model":[226,243],"performs":[227],"satisfactorily":[228],"updated":[230],"pages,":[232],"newly":[237],"posted":[238],"ones":[239],"increases":[240],"as":[241],"learns":[244],"more.":[245],"exposes":[248],"contributes":[258],"tools":[260],"facilitating":[264],"further":[265],"research":[266],"on":[267],"labels.":[272]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}