{"id":"https://openalex.org/W4385448008","doi":"https://doi.org/10.1186/s42400-023-00151-2","title":"AppChainer: investigating the chainability among payloads in android applications","display_name":"AppChainer: investigating the chainability among payloads in android applications","publication_year":2023,"publication_date":"2023-08-02","ids":{"openalex":"https://openalex.org/W4385448008","doi":"https://doi.org/10.1186/s42400-023-00151-2"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-023-00151-2","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-023-00151-2","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-023-00151-2","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-023-00151-2","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5046027082","display_name":"Xiaobo Xiang","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaobo Xiang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076336707","display_name":"Yue Jiang","orcid":"https://orcid.org/0000-0001-6021-2214"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yue Jiang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102754423","display_name":"Qingli Guo","orcid":"https://orcid.org/0000-0002-3587-634X"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Qingli Guo","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005123834","display_name":"Zhang Xiu","orcid":"https://orcid.org/0000-0003-3817-0227"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiu Zhang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101070277","display_name":"Xiaorui Gong","orcid":"https://orcid.org/0009-0005-8203-1496"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaorui Gong","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031113046","display_name":"Baoxu Liu","orcid":"https://orcid.org/0009-0006-9851-5548"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Baoxu Liu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5102754423"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.3924,"has_fulltext":true,"cited_by_count":2,"citation_normalized_percentile":{"value":0.55593346,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":"6","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9912999868392944,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.8544167876243591},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7714996933937073},{"id":"https://openalex.org/keywords/chaining","display_name":"Chaining","score":0.7676177024841309},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7656445503234863},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3935258984565735},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.28680533170700073},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2554936408996582}],"concepts":[{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.8544167876243591},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7714996933937073},{"id":"https://openalex.org/C49020025","wikidata":"https://www.wikidata.org/wiki/Q1059099","display_name":"Chaining","level":2,"score":0.7676177024841309},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7656445503234863},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3935258984565735},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.28680533170700073},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2554936408996582},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s42400-023-00151-2","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-023-00151-2","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-023-00151-2","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:b0cb3268268c410fba9fcaa3d598a2db","is_oa":true,"landing_page_url":"https://doaj.org/article/b0cb3268268c410fba9fcaa3d598a2db","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 6, Iss 1, Pp 1-19 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-023-00151-2","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-023-00151-2","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-023-00151-2","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Decent work and economic growth","score":0.6499999761581421,"id":"https://metadata.un.org/sdg/8"}],"awards":[{"id":"https://openalex.org/G3390532264","display_name":null,"funder_award_id":"XDC02040100","funder_id":"https://openalex.org/F4320321133","funder_display_name":"Chinese Academy of Sciences"}],"funders":[{"id":"https://openalex.org/F4320321133","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4385448008.pdf"},"referenced_works_count":30,"referenced_works":["https://openalex.org/W1988036170","https://openalex.org/W1994931937","https://openalex.org/W2015933956","https://openalex.org/W2055122996","https://openalex.org/W2119249378","https://openalex.org/W2126667017","https://openalex.org/W2140095007","https://openalex.org/W2140495200","https://openalex.org/W2148560634","https://openalex.org/W2602063180","https://openalex.org/W2605404816","https://openalex.org/W2751855490","https://openalex.org/W2767371019","https://openalex.org/W2802858222","https://openalex.org/W2809601656","https://openalex.org/W2887397852","https://openalex.org/W2888246077","https://openalex.org/W2945945312","https://openalex.org/W2949897799","https://openalex.org/W2956343568","https://openalex.org/W2963649998","https://openalex.org/W2969701519","https://openalex.org/W3010153247","https://openalex.org/W3085238546","https://openalex.org/W3092439690","https://openalex.org/W3110800203","https://openalex.org/W4229059453","https://openalex.org/W4244726870","https://openalex.org/W4283398224","https://openalex.org/W4321383441"],"related_works":["https://openalex.org/W2964604098","https://openalex.org/W2065505716","https://openalex.org/W2997512100","https://openalex.org/W2114381667","https://openalex.org/W2331043530","https://openalex.org/W1967838650","https://openalex.org/W2393933887","https://openalex.org/W2536200976","https://openalex.org/W2388420286","https://openalex.org/W3003692200"],"abstract_inverted_index":{"Abstract":[0],"Statistics":[1],"show":[2,126,198],"that":[3,127,199],"more":[4],"than":[5],"80":[6],"applications":[7,18,107,125],"are":[8,117,163],"installed":[9],"on":[10,16,28,121,194],"each":[11,167],"android":[12],"smartphone.":[13],"Vulnerability":[14],"research":[15],"Android":[17,82,106,124],"is":[19,57,129,173,181],"of":[20,34,47,88,105,161],"critical":[21],"importance.":[22],"Recently,":[23],"academic":[24],"researchers":[25,43],"mainly":[26],"focus":[27],"single":[29,149],"bug":[30],"patterns,":[31],"while":[32],"few":[33],"them":[35],"investigate":[36],"the":[37,63,76,86,89,111,169,177,186,191,204,213],"relations":[38,77],"between":[39,66,78],"multiple":[40,52,79],"bugs.":[41,54,67],"Industrial":[42],"proposed":[44],"a":[45,71,95,148],"series":[46],"logic":[48,53],"exploit":[49],"chains":[50,145],"leveraging":[51],"However,":[55],"there":[56],"no":[58],"general":[59],"model":[60,73],"to":[61,74],"evaluate":[62],"chaining":[64,134],"abilities":[65],"This":[68],"paper":[69],"presents":[70],"formal":[72],"elucidate":[75],"bugs":[80],"in":[81,131],"applications.":[83,154],"To":[84],"prove":[85],"effectiveness":[87],"model,":[90],"we":[91],"design":[92],"and":[93,108,133,142,151,158,176,207],"implement":[94],"prototype":[96],"system":[97],"named":[98],"AppChainer.":[99],"AppChainer":[100,128,162,200],"automatically":[101],"identifies":[102,138],"attack":[103,115],"surfaces":[104,116],"investigates":[109],"whether":[110],"payloads":[112,141],"entering":[113],"these":[114],"\u201cchainable\u201d.":[118],"Experimental":[119],"results":[120,193],"2138":[122],"popular":[123],"effective":[130],"identifying":[132],"attacker-controllable":[135],"payloads.":[136],"It":[137],"14467":[139],"chainable":[140],"constructs":[143],"5458":[144],"both":[146],"inside":[147],"application":[150],"among":[152],"various":[153],"The":[155],"time":[156,172],"cost":[157],"resource":[159],"consumption":[160],"also":[164],"acceptable.":[165],"For":[166],"application,":[168],"average":[170,178],"analysis":[171],"317":[174],"s,":[175],"memory":[179],"consumed":[180],"2368":[182],"MB.":[183],"Compared":[184],"with":[185,210],"most":[187],"relevant":[188],"work":[189],"Jandroid,":[190],"experiment":[192],"our":[195],"custom":[196],"DroidChainBench":[197],"outperforms":[201],"Jandroid":[202,211],"at":[203,212],"precision":[205],"rate":[206],"performs":[208],"equally":[209],"recall":[214],"rate.":[215]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}