{"id":"https://openalex.org/W6961844406","doi":"https://doi.org/10.15167/caputo-davide_phd2022-02-18","title":"On the Security and Privacy Challenges in Android-based Environments","display_name":"On the Security and Privacy Challenges in Android-based Environments","publication_year":2022,"publication_date":"2022-02-18","ids":{"openalex":"https://openalex.org/W6961844406","doi":"https://doi.org/10.15167/caputo-davide_phd2022-02-18"},"language":"en","primary_location":{"id":"pmh:oai:iris.unige.it:11567/1066254","is_oa":true,"landing_page_url":"http://hdl.handle.net/11567/1066254","pdf_url":null,"source":{"id":"https://openalex.org/S4377196291","display_name":"CINECA IRIS Institutial Research Information System (University of Genoa)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I83816512","host_organization_name":"University of Genoa","host_organization_lineage":["https://openalex.org/I83816512"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/doctoralThesis"},"type":"article","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"http://hdl.handle.net/11567/1066254","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"CAPUTO, DAVIDE","orcid":"https://orcid.org/0000-0002-5408-4735"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"CAPUTO, DAVIDE","raw_affiliation_strings":[],"raw_orcid":"https://orcid.org/0000-0002-5408-4735","affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.2959473,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":true,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9318000078201294,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9318000078201294,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.019500000402331352,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.010200000368058681,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.6435999870300293},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.5296000242233276},{"id":"https://openalex.org/keywords/mobile-apps","display_name":"Mobile apps","score":0.4392000138759613},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.4194999933242798},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3695000112056732},{"id":"https://openalex.org/keywords/information-sensitivity","display_name":"Information sensitivity","score":0.3659000098705292},{"id":"https://openalex.org/keywords/point","display_name":"Point (geometry)","score":0.365200012922287},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.3463999927043915},{"id":"https://openalex.org/keywords/privacy-software","display_name":"Privacy software","score":0.33469998836517334}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7059999704360962},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.6435999870300293},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6355000138282776},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5687000155448914},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.5296000242233276},{"id":"https://openalex.org/C2988145974","wikidata":"https://www.wikidata.org/wiki/Q620615","display_name":"Mobile apps","level":2,"score":0.4392000138759613},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.4194999933242798},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3695000112056732},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.3659000098705292},{"id":"https://openalex.org/C28719098","wikidata":"https://www.wikidata.org/wiki/Q44946","display_name":"Point (geometry)","level":2,"score":0.365200012922287},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.3463999927043915},{"id":"https://openalex.org/C509729295","wikidata":"https://www.wikidata.org/wiki/Q7246032","display_name":"Privacy software","level":3,"score":0.33469998836517334},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.33219999074935913},{"id":"https://openalex.org/C144543869","wikidata":"https://www.wikidata.org/wiki/Q2738570","display_name":"Mobile computing","level":2,"score":0.33180001378059387},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.3287999927997589},{"id":"https://openalex.org/C169093310","wikidata":"https://www.wikidata.org/wiki/Q3702971","display_name":"Personally identifiable information","level":2,"score":0.3255000114440918},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.3043999969959259},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.28610000014305115},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2856000065803528},{"id":"https://openalex.org/C178639896","wikidata":"https://www.wikidata.org/wiki/Q604035","display_name":"Logical security","level":5,"score":0.2816999852657318},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.2786000072956085},{"id":"https://openalex.org/C2778464652","wikidata":"https://www.wikidata.org/wiki/Q309849","display_name":"Open research","level":2,"score":0.2676999866962433},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.26759999990463257},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.267300009727478},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.2662000060081482},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2621999979019165},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.2565999925136566},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.25369998812675476},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.25290000438690186}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:iris.unige.it:11567/1066254","is_oa":true,"landing_page_url":"http://hdl.handle.net/11567/1066254","pdf_url":null,"source":{"id":"https://openalex.org/S4377196291","display_name":"CINECA IRIS Institutial Research Information System (University of Genoa)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I83816512","host_organization_name":"University of Genoa","host_organization_lineage":["https://openalex.org/I83816512"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/doctoralThesis"},{"id":"doi:10.15167/caputo-davide_phd2022-02-18","is_oa":true,"landing_page_url":"https://doi.org/10.15167/caputo-davide_phd2022-02-18","pdf_url":null,"source":{"id":"https://openalex.org/S7407050993","display_name":"Universit\u00e0 degli Studi di Genova","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"pmh:oai:iris.unige.it:11567/1066254","is_oa":true,"landing_page_url":"http://hdl.handle.net/11567/1066254","pdf_url":null,"source":{"id":"https://openalex.org/S4377196291","display_name":"CINECA IRIS Institutial Research Information System (University of Genoa)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I83816512","host_organization_name":"University of Genoa","host_organization_lineage":["https://openalex.org/I83816512"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/doctoralThesis"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6930488348007202}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"In":[0,173,329,739,760,986],"the":[1,7,51,70,135,162,174,183,192,209,303,341,375,392,397,419,450,461,469,493,500,507,510,513,518,536,565,571,578,597,600,621,625,633,646,657,659,673,690,695,700,705,710,729,740,753,756,829,843,851,886,890,923,929,958,961,966,968,975,983],"last":[2,647],"decade,":[3],"we":[4],"have":[5,53,433,574,780],"faced":[6],"rise":[8],"of":[9,29,36,78,139,165,177,187,195,306,313,319,380,391,406,418,471,509,528,546,558,594,632,694,728,743,755,771,845,854,880,917,922,960,970,993],"mobile":[10,41,140,196,276,294,314,587,758,777],"devices":[11,98],"as":[12,113,215,831,858,860,965],"a":[13,75,117,122,218,233,250,260,285,310,334,359,389,434,465,488,521,526,555,592,679,687,716,776,781,791,797,832,847],"fundamental":[14],"tool":[15,265,286],"in":[16,50,362,449,520,535,635,645,715,885],"our":[17],"everyday":[18],"life.":[19],"Currently,":[20],"there":[21],"are":[22,31,38,409,895,925,952],"above":[23],"6":[24],"billion":[25],"smartphones,":[26],"and":[27,90,137,149,153,156,185,271,278,282,322,367,373,447,476,498,524,530,599,611,692,698,720,736,749,775,786,799,870,904,934,950,1007],"72%":[28],"them":[30,66,103],"Android":[32,533,726,868,871],"devices.":[33],"The":[34,378,480,639,767,875],"functionalities":[35],"smartphones":[37],"enriched":[39],"by":[40,142,512,586,603,995],"apps":[42,81,141,166,230,238,257,277,317,395,408,431,534,547,588,727],"through":[43,386,424,928,954],"which":[44],"users":[45,62,205,254],"can":[46,91,816,978],"perform":[47,109,787],"operations":[48,111],"that":[49,107,211,239,252,287,336,364,402,428,459,543,577,589,643,685,779,821],"past":[52],"been":[54],"made":[55],"possible":[56,290],"only":[57,338,505,554],"on":[58,65,182,388,468,605,723,764,813,863,867],"desktop/laptop":[59],"computing.":[60],"Besides,":[61],"heavily":[63],"rely":[64],"for":[67,202,275,293,937],"storing":[68],"even":[69,947],"most":[71,393,531],"sensitive":[72,110,549],"information":[73,504,595,981],"from":[74,396],"privacy":[76,138,154,186,435,489,551,580,617,693,748,949,1009],"point":[77],"view.":[79],"However,":[80,222,609],"often":[82],"do":[83],"not":[84],"satisfy":[85],"all":[86,237],"minimum":[87],"security":[88,136,151,163,184,234,262,280,300,304,750,792,810,852,951],"requirements":[89],"be":[92,582,817,835,932],"targeted":[93],"to":[94,102,133,147,161,191,206,228,232,255,259,267,291,371,412,656,662,668,784,796,826,850,897,931,941,1000,1004],"indirectly":[95],"attack":[96,801],"other":[97,902],"managed":[99],"or":[100,120,204,299,327,652,664,974],"connected":[101],"(e.g.,":[104,171,236],"IoT":[105,773,882,907,944],"nodes)":[106],"may":[108,432],"such":[112,613,806,964],"health":[114],"checks,":[115],"control":[116,703],"smart":[118,123,912],"car":[119],"open":[121],"lock.":[124],"This":[125,264,344],"thesis":[126],"discusses":[127],"some":[128,442,861],"research":[129],"activities":[130],"carried":[131,384,422],"out":[132,385,423,631],"enhance":[134],"i)":[143],"proposing":[144],"novel":[145,798,822,848],"techniques":[146,159,274,370,812,999],"detect":[148,372],"mitigate":[150],"vulnerabilities":[152],"issues,":[155],"ii)":[157],"defining":[158],"devoted":[160],"evaluation":[164],"interacting":[167,900],"with":[168,284,492,564,805,901],"complex":[169],"environments":[170],"mobile-IoT-Cloud).":[172],"first":[175,768],"part":[176,742],"this":[178,245,330,636,744,794,839,910,987,991],"thesis,":[179,745],"I":[180,247,308,332,357,421,463,515,677,712,746,762,819,841,989],"focused":[181,763],"Mobile":[188],"Apps.":[189],"Due":[190],"widespread":[193,884],"adoption":[194],"apps,":[197,307],"it":[198,223,289,352,446,559,714,722],"is":[199,224,353,630,769,878],"relatively":[200],"straightforward":[201],"researchers":[203,281],"quickly":[207],"retrieve":[208],"app":[210,486,501,778],"matches":[212],"their":[213],"tastes,":[214],"Google":[216,398,438,451,494,537,566,730],"provides":[217,686],"reliable":[219],"search":[220,292],"engine.":[221],"likewise":[225],"almost":[226],"impossible":[227],"select":[229,256],"according":[231,258],"footprint":[235],"enforce":[240],"SSL":[241],"pinning).":[242],"To":[243,455,671,803,838,909],"overcome":[244,672],"limitation,":[246],"present":[248],"APPregator,":[249],"platform":[251],"allows":[253],"specific":[261,297,788],"footprint.":[263],"aims":[266],"implement":[268,1008],"state-of-the-art":[269,675,809,955],"static":[270,366,472],"dynamic":[272,368,474],"analysis":[273,369,383,420,811,823],"provide":[279],"analysts":[283],"makes":[288],"applications":[295],"under":[296],"functional":[298],"requirements.":[301],"Regarding":[302],"status":[305],"studied":[309,333],"particular":[311],"context":[312],"apps:":[315,340],"hybrid":[316,339,407,856],"composed":[318,770,879],"web":[320],"technologies":[321,324],"native":[323],"(i.e.,":[325,404],"Java":[326],"Kotlin).":[328],"context,":[331],"vulnerability":[335,376],"affected":[337],"Frame":[342,413],"Confusion.":[343,414],"vulnerability,":[345],"despite":[346,437],"being":[347],"discovered":[348],"several":[349,616],"years":[350,648],"ago,":[351],"still":[354],"very":[355,429],"widespread.":[356],"proposed":[358,464,481,678],"methodology":[360,466,482,519],"implemented":[361,517,713],"FCDroid":[363,387],"exploits":[365],"trigger":[374],"automatically.":[377,1012],"results":[379,541,573],"an":[381,650,772,881,943],"extensive":[382],"set":[390],"downloaded":[394,532],"Play":[399,439,452,495,538,567,731],"Store":[400,440,732],"prove":[401],"6.63%":[403],"1637/24675)":[405],"potentially":[410],"vulnerable":[411],"A":[415],"side":[416],"effect":[417],"APPregator":[425],"was":[426,460],"suggesting":[427],"few":[430],"policy,":[436],"imposes":[441],"strict":[443],"rules":[444],"about":[445,982],"contained":[448],"Privacy":[453,496,568],"Guidelines.":[454,569],"empirically":[456],"verify":[457],"if":[458,499,948],"case,":[462],"based":[467],"combination":[470],"analysis,":[473,475],"machine":[477,997],"learning":[478,998],"techniques.":[479],"verifies":[483],"whether":[484],"each":[485,814],"contains":[487],"policy":[490,511],"compliant":[491],"Guidelines,":[497],"accesses":[502],"privacy-sensitive":[503],"upon":[506],"acceptance":[508],"user.":[514],"then":[516],"tool,":[522],"3PDroid,":[523],"evaluated":[525],"number":[527],"recent":[529],"Store.":[539],"Experimental":[540],"suggest":[542],"over":[544,704],"95%":[545],"access":[548,667],"user":[550,579,658,701,924],"information,":[552,899],"but":[553],"negligible":[556],"subset":[557],"(~":[560],"1%)":[561],"fully":[562],"complies":[563],"Furthermore,":[570],"obtained":[572],"also":[575],"suggested":[576],"could":[581],"put":[583,836],"at":[584],"risk":[585,994],"keep":[590],"collecting":[591,610],"plethora":[593],"regarding":[596],"user's":[598],"device":[601,774,883],"behavior":[602],"relying":[604],"third-party":[606],"analytics":[607],"libraries.":[608],"using":[612],"data":[614,627,680,696,972],"raised":[615],"concerns,":[618],"mainly":[619],"because":[620],"end-user":[622],"-":[623,629],"i.e.,":[624],"actual":[626],"owner":[628],"loop":[634],"collection":[637],"process.":[638,707],"existing":[640],"privacy-enhanced":[641],"solutions":[642],"emerged":[644],"follow":[649],"``all":[651],"nothing\"":[653],"approach,":[654],"leaving":[655],"sole":[660],"option":[661],"accept":[663],"completely":[665],"deny":[666],"privacy-related":[669],"data.":[670],"current":[674],"limitations,":[676],"anonymization":[681],"methodology,":[682,711],"called":[683,718],"MobHide,":[684],"compromise":[688],"between":[689,733],"usefulness":[691],"collected":[697],"gives":[699],"complete":[702],"sharing":[706],"For":[708],"evaluating":[709],"prototype":[717],"HideDroid":[719],"tested":[721],"4500":[724],"most-used":[725],"November":[734],"2020":[735],"January":[737],"2021.":[738],"second":[741,876],"extended":[747],"considerations":[751],"outside":[752],"boundary":[754],"single":[757],"device.":[759,945],"particular,":[761],"two":[765],"scenarios.":[766],"fruitful":[782],"integration":[783],"resolve":[785],"actions.":[789],"From":[790],"standpoint,":[793],"leads":[795],"unprecedented":[800],"surface.":[802],"deal":[804],"threats,":[807],"applying":[808],"paradigm":[815],"insufficient.":[818],"claimed":[820],"methodologies":[824],"able":[825],"systematically":[827],"analyze":[828],"ecosystem":[830],"whole":[833],"must":[834],"forward.":[837],"aim,":[840,911],"introduced":[842],"idea":[844],"APPIoTTe,":[846],"approach":[849],"testing":[853],"Mobile-IoT":[855],"ecosystems,":[857],"well":[859],"notes":[862],"its":[864],"implementation":[865],"working":[866],"(Mobile)":[869],"Things":[872],"(IoT)":[873],"applications.":[874],"scenario":[877],"Smart":[887,891,893],"Home":[888],"environment:":[889],"Speaker.":[892],"speakers":[894,913],"used":[896],"retrieving":[898],"devices,":[903],"commanding":[905],"various":[906],"nodes.":[908],"typically":[914],"take":[915],"advantage":[916],"cloud":[918],"architectures:":[919],"vocal":[920],"commands":[921],"sampled,":[926],"sent":[927],"Internet":[930],"processed,":[933],"transmitted":[935],"back":[936],"local":[938],"execution,":[939],"e.g.,":[940],"activate":[942],"Unfortunately,":[946],"enforced":[953],"encryption":[956],"mechanisms,":[957],"features":[959],"encrypted":[962],"traffic,":[963],"throughput,":[967],"size":[969],"protocol":[971],"units,":[973],"IP":[976],"addresses,":[977],"leak":[979],"critical":[980],"users'":[984],"habits.":[985],"perspective,":[988],"showcase":[990],"kind":[992],"exploiting":[996],"develop":[1001],"black-box":[1002],"models":[1003],"classify":[1005],"traffic":[1006],"leaking":[1010],"attacks":[1011]},"counts_by_year":[],"updated_date":"2025-11-06T06:51:31.235846","created_date":"2025-10-10T00:00:00"}