Repository of Static Analysis of Android Apps

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Max Lillack, Christian Kästner, and Eric Bodden, Tracking Load-time Configuration Options, In ASE 2014 [pdf]
William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer, Android taint flow analysis for app sets, In SOAP@PLDI 2014 [pdf]
Dimitris Geneiatakis, Igor Nai Fovino, Ioannis Kounelis, Paquale Stirparo, A Permission verification approach for android mobile applications, In Computers & Security Journal 2015 [pdf]
Feng Shen, Namita Vishnubhotla, Chirag Todarka, Mohit Arora, Babu Dhandapani, Eric John Lehner, Steven Y. Ko, and Lukasz Ziarek, Information flows as a permission mechanism, In ASE 2014 [pdf]
Panagiotis Vekris, Ranjit Jhala, Sorin Lerner, and Yuvraj Agarwal, Towards verifying android apps for the absence of no-sleep energy bugs, In HotPower 2012 [pdf]
Timothy Vidas, Jiaqi Tan, Jay Nahata, Chaur Lih Tan, Nicolas Christin, and Patrick Tague, A5 : Automated Analysis of Adversarial Android Applications, In SPSM@CCS 2014 [pdf]
Hamid Bagheri, Alireza Sadeghi, Joshua Garcia, and Sam Malek, COVERT: Compositional Analysis of Android Inter-App Permission Leakage, In TSE Journal 2015 [pdf]
Mu Zhang, and Heng Yin, Efficient, Context-Aware Privacy Leakage Confinement for Android Applications without Firmware Modding, In ASIACCS 2014 [pdf]
Mu Zhang, and Heng Yin, AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications, In NDSS 2014 [pdf]
Atanas Rountev, and Dacong Yan, Static Reference Analysis for GUI Objects in Android Software, In CGO 2014 [pdf]
Shengqian Yang, Dacong Yan, Haowei Wu, Yan Wang, and Atanas Rountev, Static Control-Flow Analysis of User-Driven Callbacks in Android Applications, In ICSE 2015 [pdf]
Damien Octeau, Daniel Luchaup, Matthew Dering, Somesh Jha, and Patrick McDaniel, Composite Constant Propagation: Application to Android Inter-Component Communication Analysis, In ICSE 2015 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Yu Feng, Saswat Anand, Isil Dillig, and Alex Aiken, Apposcopy : Semantics-Based Detection of Android Malware Through Static Analysis, In FSE 2014 [pdf]
Wei Yang, Xusheng Xiao, Benjamin Andow, Sihan Li, Tao Xie, and William Enck, AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context, In ICSE 2015 [pdf]
Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X. Sean Wang, AppIntent : Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection, In CCS 2013 [pdf]
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel, FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps, In PLDI 2014 [pdf]
Alexandre Bartel, Jacques Klein, Martin Monperrus, and Yves Le Traon, Static Analysis for Extracting Permission Checks of a Large Scale Framework: The Challenges And Solutions for Analyzing Android, In TSE Journal 2014 [pdf]
Alexandre Bartel, Jacques Klein, Yves Le Traon, and Martin Monperrus, Automatically securing permission-based software by reducing the attack surface: An application to android, In ASE 2012 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, and Yves Le Traon, ApkCombiner : Combining Multiple Android Apps to Support Inter-App Analysis, In IFIPSEC 2015 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel, IccTA : Detecting Inter-Component Privacy Leaks in Android Apps, In ICSE 2015 [pdf]
Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon, Effective Inter-Component Communication Mapping in Android with Epicc : An Essential Step Towards Holistic Security Analysis, In USENIX SECURITY 2013 [pdf]
Yepang Liu, Chang Xu, and S.C. Cheung, Characterizing and detecting performance bugs for smartphone applications, In ICSE 2014 [pdf]
Saswat Anand, Mayur Naik, Hongseok Yang, and Mary Jean Harrold, Automated Concolic Testing of Smartphone Apps, In FSE 2012 [pdf]
Mu Zhang, Yue Duan, Qian Feng, Heng Yin, Towards Automatic Generation of Security-Centric Descriptions for Android Apps, In CCS 2015 [pdf]
Sufatrio, Tong-Wei Chua, Darell J.J. Tan, and Vrizlynn L.L. Thing, Accurate Specification for Robust Detection of Malicious Behavior in Mobile Environments, In ESORICS 2015 [pdf]
Behnaz Hassanshahi, Yaoqi Jia, Roland H. C. Yap, Prateek Saxena, and Zhenkai Liang, Web-to-Application Injection Attacks on Android: Characterization and Detection, In ESORICS 2015 [pdf]
Nicolo Andronio, Stefano Zanero, and Federico Maggi, HelDroid: Dissecting and Detecting Mobile Ransomware, In RAID 2015 [pdf]
Xin Chen, and Sencun Zhu, DroidJust: automated functionality-aware privacy leakage analysis for Android applications, In WiSec 2015 [pdf]
Xingmin Cui, Jingxuan Wang, Lucas C.K.Hui, Zhongwei Xie, Tian Zeng, and S.M.Yiu, WeChecker: efficient and precise detection of privilege escalation vulnerabilities in Android apps, In WiSec 2015 [pdf]
Osbert Bastani, Saswat Anand, and Alex Aiken, Interactively verifying absence of explicit information flows in Android apps, In OOPSLA 2015 [pdf]
Shengqian Yang, Hailong Zhang, Haowei Wu, Yan Wang, Dacong Yan, and Atanas Rountev, Static Window Transition Graphs for Android, In ASE 2015 [pdf]
Ding Li, Yingjun Lyu, Mian Wan, and William G. J. Halfond, String Analysis for Java and Android Applications, In FSE 2015 [pdf]
Reyhaneh Jabbarvand, Alireza Sadeghi, Joshua Garcia, Sam Malek, and Paul Ammann, EcoDroid: an approach for energy-based ranking of Android apps, In GREENS@ICSE 2015 [pdf]
Gholamreza Safi, Arman Shahbazian, William G.J. Halfond, and Nenad Medvidovic, Detecting Event Anomalies in Event-Based Systems, In FSE 2015 [pdf]
Steven Arzt, Siegfried Rasthofer, Robert Hahn, and Eric Bodden, Using targeted symbolic execution for reducing false-positives in dataflow analysis, In SOAP@PLDI 2015 [pdf]
Le Yu, Tao Zhang, Xiapu Luo, Lei Xue, AutoPPG: Towards Automatic Generation of Privacy Policy for Android Applications, In SPSM@CCS 2015 [pdf]
Daniele Gallingani, Rigel Gjomemo, V.N. Venkatakrishnan, and Stefano Zanero, Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android Applications, In MoST@S&P 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Clint Gibler, Jonathan Crussell, Jeremy Erickson, and Hao Chen, AndroidLeaks: Automatically detecting potential privacy leaks in Android applications on a large scale, In TRUST 2012 [pdf]
Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, Guofei Jiang, CHEX : Statically Vetting Android Apps for Component Hijacking Vulnerabilities Categories and Subject Descriptors, In CCS 2012 [pdf]
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna, Execute this! analyzing unsafe and malicious dynamic code loading in android applications, In NDSS 2014 [pdf]
Tanzirul Azim, and Iulian Neamtiu, Targeted and depth-first exploration for systematic testing of android apps, In OOPSLA 2013 [pdf]
Sam Blackshear, Bor-Yuh Evan Chang, and Manu Sridharan, Thresher: precise refutations for heap reachability, In PLDI 2013 [pdf]
Wei Yang, Mukul R. Prasad, and Tao Xie, A grey-box approach for automated GUI-model generation of mobile applications, In FASE 2013 [pdf]
Jianjun Huang, Xiangyu Zhang, Lin Tan, Peng Wang, and Bin Liang, AsDroid : Detecting Stealthy Behaviors in Android Applications by User Interface and Program Behavior Contradiction, In ICSE 2014 [pdf]
Yu Lin, Cosmin Radoi, and Danny Dig, Retrofitting concurrency for Android applications through refactoring, In FSE 2014 [pdf]
Sam Blackshear, Bor-Yuh Evan Chang, and Manu Sridharan, Selective Control-Flow Abstraction via Jumping, In OOPSLA 2015 [pdf]
Kangjie Lu, Zhichun Li, Vasileios P. Kemerlis, Zhenyu Wu, Long Lu, Cong Zheng, Zhiyun Qian, Wenke Lee, and Guofei Jiang, Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting, In NDSS 2015 [pdf]
Jonathan Crussell, Clint Gibler, and Hao Chen, Scalable semantics-based detection of similar Android applications, In ESORICS 2013 [pdf]
Jonathan Crussell, Clint Gibler, and Hao Chen, Attack of the clones: detecting cloned applications on Android markets, In ESORICS 2012 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Shuying Liang, Andrew W. Keep, Matthew Might, Steven Lyde, Thomas Gilray, Petey Aldous, and David Van Horn, Sound and precise malware analysis for android via pushdown reachability and entry-point saturation, In SPSM@CCS 2013 [pdf]
Zhihui Han, Liang Cheng, Yang Zhang, Shuke Zeng, Yi Deng, and Xiaoshan Sun, Systematic Analysis and Detection of Misconfiguration Vulnerabilities in Android Smartphones, In TrustCom 2014 [pdf]
Johannes Hoffmann, Martin Ussath, Thorsten Holz, and Michael Spreitzenbarth, Slicing droids: program slicing for smali code, In SAC 2013 [pdf]
Wenjun Hu, Jing Tao, Xiaobo Ma, Wenyu Zhou, Shuang Zhao, and Ting Han, MIGDroid: Detecting APP-Repackaging Android malware via method invocation graph, In ICCCN 2014 [pdf]
Michael Grace, Wu Zhou, and Xuxian Jiang, and Ahmad-Reza Sadeghi, Unsafe exposure analysis of mobile in-app advertisements, In WISEC 2012 [pdf]
Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang, Systematic Detection of Capability Leaks in Stock Android Smartphones., In NDSS 2012 [pdf]
Shao Shuai, Dong Guowei, Guo Tao, Yang Tianchang, and Shi Chenjie, Modelling Analysis and Auto-detection of Cryptographic Misuse in Android Applications, In DASC 2014 [pdf]
David Sounthiraraj, Justin Sahs, Garret Greenwood, Zhiqiang Lin, and Latifur Khan, SMV-HUNTER: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps, In NDSS 2014 [pdf]
Leonid Batyuk, Markus Herpich, Seyit Ahmet Camtepe, Karsten Raddatz, Aubrey-Derrick Schmidt, and Sahin Albayrak, Using Static Analysis for Automatic Assessment and Mitigation of Unwanted and Malicious Activities Within Android Applications, In MALWARE 2011 [pdf]
Jianlin Xu, Yifan Yu, Zhen Chen, Bin Cao, Wenyu Dong, Yu Guo, and Junwei Cao, MobSafe: cloud computing based forensic analysis for massive mobile applications using data mining, In Tsinghua Science and Technology Journal 2013 [pdf]
Luoshi Zhang, Yan Niu, Xiao Wu, Zhaoguo Wang, and Yibo Xue, A3: Automatic Analysis of Android Malware, In CCIS 2013 [pdf]
Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong, Xinhui Han, and Wei Zou, Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications, In SPSM@CCS 2012 [pdf]
Julian Schütte, Dennis Titze, and J. M. de Fuentes, AppCaulk: Data Leak Prevention by Injecting Targeted Taint Tracking Into Android Apps, In TrustCom 2014 [pdf]
Jianliang Wu, Tingting Cui, Tao Ban, Shanqing Guo, and Lizhen Cui, PaddyFrog: systematically detecting confused deputy vulnerability in Android applications, In Security and Communication Networks Journal 2015 [pdf]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, and Xuxian Jiang, The impact of vendor customizations on android security, In CCS 2013 [pdf]
Yajin Zhou, and Xuxian Jiang, Detecting passive content leaks and pollution in android applications, In NDSS 2013 [pdf]
Erik Ramsgaard Wognsen, Henrik Søndberg Karlsen, Mads Chr. Olesen, and René Rydhof Hansen, Formalisation and analysis of Dalvik bytecode, In SCP Journal 2014 [pdf]
Dennis Titze, Julian Schütte, Apparecium: Revealing Data Flows in Android Applications, In AINA 2015 [pdf]
Kristopher Micinski, Jonathan Fetter-Degges, Jinseong Jeon, Jeffrey S. Foster, and Michael R. Clarkson, Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution, In ESORICS 2015 [pdf]
Yajin Zhou, Lei Wu, Zhi Wang, and Xuxian Jiang, Harvesting developer credentials in Android apps, In WiSec 2015 [pdf]
Chaoshun Zuo, Jianliang Wu, and Shanqing Guo, Automatically Detecting SSL Error-Handling Vulnerabilities in Hybrid Mobile Web Apps, In AsiaCCS 2015 [pdf]
Vaibhav Rastogi, Zhengyang Qu, Jedidiah McClurg, Yinzhi Cao, and Yan Chen, Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android, In Securecomm 2015 [pdf]
Benjamin Davis, Ben Sanders, Armen Khodaverdian, and Hao Chen, I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications, In MoST@S&P 2012 [pdf]
Xin Sun, Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie, Detecting Code Reuse in Android Applications Using Component-Based Control Flow Graph, In IFIP SEC 2014 [pdf]
Kai Chen, Peng Liu, and Yingjun Zhang, Achieving accuracy and scalability simultaneously in detecting application clones on Android markets, In ICSE 2014 [pdf]
Casper S. Jensen, Mukul R. Prasad, and Anders Møller, automated testing with targeted event sequence generation, In ISSTA 2013 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Ding Li, Shuai Hao, William G.J. Halfond, and Ramesh Govindan, Calculating source line level energy information for Android applications, In ISSTA 2013 [pdf]
Ding Li, Angelica Huyen Tran, and William G. J. Halfond, Making web applications more energy efficient for OLED smartphones, In ICSE 2014 [pdf]
Max Lillack, Christian Kästner, and Eric Bodden, Tracking Load-time Configuration Options, In ASE 2014 [pdf]
Shuai Hao, Ding Li, William G. J. Halfond, Ramesh Govindan, Estimating mobile application energy consumption using program analysis, In ICSE 2013 [pdf]
Chon Ju Kim, and Phyllis Frankl, AQUA: Android QUery Analyzer, In WCRE 2012 [pdf]
William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer, Android taint flow analysis for app sets, In SOAP@PLDI 2014 [pdf]
Chaorong Guo, Jian Zhang, Jun Yan, Zhiqiang Zhang, Yanli Zhang, Characterizing and detecting resource leaks in Android applications, In ASE 2013 [pdf]
Zheng Lu, and Supratik Mukhopadhyay, Model-based static source code analysis of java programs with applications to android security, In COMPSAC 2012 [pdf]
Riyadh Mahmood, Nariman Mirzaei, and Sam Malek, EvoDroid: segmented evolutionary testing of Android apps, In FSE 2014 [pdf]
Tristan Ravitch, E. Rogan Creswick, Aaron Tomb, Adam Foltzer, Trevor Elliott, and Ledah Casburn, Multi-App Security Analysis with FUSE : Statically Detecting Android App Collusion, In PPREW@ACSAC 2014 [pdf]
Feng Shen, Namita Vishnubhotla, Chirag Todarka, Mohit Arora, Babu Dhandapani, Eric John Lehner, Steven Y. Ko, and Lukasz Ziarek, Information flows as a permission mechanism, In ASE 2014 [pdf]
Panagiotis Vekris, Ranjit Jhala, Sorin Lerner, and Yuvraj Agarwal, Towards verifying android apps for the absence of no-sleep energy bugs, In HotPower 2012 [pdf]
Tanzirul Azim, and Iulian Neamtiu, Targeted and depth-first exploration for systematic testing of android apps, In OOPSLA 2013 [pdf]
Sam Blackshear, Bor-Yuh Evan Chang, and Manu Sridharan, Thresher: precise refutations for heap reachability, In PLDI 2013 [pdf]
Wei Yang, Mukul R. Prasad, and Tao Xie, A grey-box approach for automated GUI-model generation of mobile applications, In FASE 2013 [pdf]
Ying Zhang, Gang Huang, Xuanzhe Liu, Wei Zhang, Hong Mei, and Shunxiang Yang, Refactoring android Java code for on-demand computation offloading, In OOPSLA 2012 [pdf]
Hamid Bagheri, Alireza Sadeghi, Joshua Garcia, and Sam Malek, COVERT: Compositional Analysis of Android Inter-App Permission Leakage, In TSE Journal 2015 [pdf]
Étienne Payeta, and Fausto Spotob, Static analysis of Android programs, In IST Journal 2012 [pdf]
Atanas Rountev, and Dacong Yan, Static Reference Analysis for GUI Objects in Android Software, In CGO 2014 [pdf]
Shengqian Yang, Dacong Yan, Haowei Wu, Yan Wang, and Atanas Rountev, Static Control-Flow Analysis of User-Driven Callbacks in Android Applications, In ICSE 2015 [pdf]
Damien Octeau, Daniel Luchaup, Matthew Dering, Somesh Jha, and Patrick McDaniel, Composite Constant Propagation: Application to Android Inter-Component Communication Analysis, In ICSE 2015 [pdf]
Yu Feng, Saswat Anand, Isil Dillig, and Alex Aiken, Apposcopy : Semantics-Based Detection of Android Malware Through Static Analysis, In FSE 2014 [pdf]
Wei Yang, Xusheng Xiao, Benjamin Andow, Sihan Li, Tao Xie, and William Enck, AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context, In ICSE 2015 [pdf]
Erik Ramsgaard Wognsen, Henrik Søndberg Karlsen, Mads Chr. Olesen, and René Rydhof Hansen, Formalisation and analysis of Dalvik bytecode, In SCP Journal 2014 [pdf]
Jingtian Wang, Guoquan wu, Xiaoquan Wu, Jun Wei, Detect and optimize the energy consumption of mobile app through static analysis: an initial research, In Internetware 2012 [pdf]
Jianjun Huang, Xiangyu Zhang, Lin Tan, Peng Wang, and Bin Liang, AsDroid : Detecting Stealthy Behaviors in Android Applications by User Interface and Program Behavior Contradiction, In ICSE 2014 [pdf]
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel, FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps, In PLDI 2014 [pdf]
Alexandre Bartel, Jacques Klein, Martin Monperrus, and Yves Le Traon, Static Analysis for Extracting Permission Checks of a Large Scale Framework: The Challenges And Solutions for Analyzing Android, In TSE Journal 2014 [pdf]
Alexandre Bartel, Jacques Klein, Yves Le Traon, and Martin Monperrus, Automatically securing permission-based software by reducing the attack surface: An application to android, In ASE 2012 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel, IccTA : Detecting Inter-Component Privacy Leaks in Android Apps, In ICSE 2015 [pdf]
Yu Lin, Cosmin Radoi, and Danny Dig, Retrofitting concurrency for Android applications through refactoring, In FSE 2014 [pdf]
Yepang Liu, Chang Xu, and S.C. Cheung, Characterizing and detecting performance bugs for smartphone applications, In ICSE 2014 [pdf]
Saswat Anand, Mayur Naik, Hongseok Yang, and Mary Jean Harrold, Automated Concolic Testing of Smartphone Apps, In FSE 2012 [pdf]
Osbert Bastani, Saswat Anand, and Alex Aiken, Interactively verifying absence of explicit information flows in Android apps, In OOPSLA 2015 [pdf]
Agostino Cortesi, Pietro Ferrara, Marco Pistoia, and Omer Tripp, Datacentric Semantics for Verification of Privacy Policy Compliance by Mobile Applications, In VMCAI 2015 [pdf]
Nariman Mirzaei, Hamid Bagheri, Riyadh Mahmood, and Sam Malek, SIG-Droid: Automated system input generation for Android applications, In ISSRE 2015 [pdf]
Wei Huang, Yao Dong Ana Milanova, and Julian Dolby, Scalable and precise taint analysis for Android, In ISSTA 2015 [pdf]
Shengqian Yang, Hailong Zhang, Haowei Wu, Yan Wang, Dacong Yan, and Atanas Rountev, Static Window Transition Graphs for Android, In ASE 2015 [pdf]
Yu Lin,Semih Okur, Danny Dig, Study and Refactoring of Android Asynchronous Programming, In ASE 2015 [pdf]
Ding Li, Yingjun Lyu, Mian Wan, and William G. J. Halfond, String Analysis for Java and Android Applications, In FSE 2015 [pdf]
Sam Blackshear, Bor-Yuh Evan Chang, and Manu Sridharan, Selective Control-Flow Abstraction via Jumping, In OOPSLA 2015 [pdf]
Reyhaneh Jabbarvand, Alireza Sadeghi, Joshua Garcia, Sam Malek, and Paul Ammann, EcoDroid: an approach for energy-based ranking of Android apps, In GREENS@ICSE 2015 [pdf]
Gholamreza Safi, Arman Shahbazian, William G.J. Halfond, and Nenad Medvidovic, Detecting Event Anomalies in Event-Based Systems, In FSE 2015 [pdf]
Kai Chen, Peng Liu, and Yingjun Zhang, Achieving accuracy and scalability simultaneously in detecting application clones on Android markets, In ICSE 2014 [pdf]
Steven Arzt, Siegfried Rasthofer, Robert Hahn, and Eric Bodden, Using targeted symbolic execution for reducing false-positives in dataflow analysis, In SOAP@PLDI 2015 [pdf]
Casper S. Jensen, Mukul R. Prasad, and Anders Møller, automated testing with targeted event sequence generation, In ISSTA 2013 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Patrick P.F. Chan, Lucas C.K. Hui, S.M. Yiu, DroidChecker : Analyzing Android Applications for Capability Leak, In WISEC 2012 [pdf]
Shuying Liang, Andrew W. Keep, Matthew Might, Steven Lyde, Thomas Gilray, Petey Aldous, and David Van Horn, Sound and precise malware analysis for android via pushdown reachability and entry-point saturation, In SPSM@CCS 2013 [pdf]
Zhihui Han, Liang Cheng, Yang Zhang, Shuke Zeng, Yi Deng, and Xiaoshan Sun, Systematic Analysis and Detection of Misconfiguration Vulnerabilities in Android Smartphones, In TrustCom 2014 [pdf]
Jinseong Jeon, Kristopher K. Micinski, Jeffrey A. Vaughan, Ari Fogel, Nikhilesh Reddy, Jeffrey S. Foster, and Todd Millstein, Dr . Android and Mr . Hide : Fine-grained Permissions in Android Applications Categories and Subject Descriptors, In SPSM@CCS 2012 [pdf]
Jinyung Kim, Yongho Yoon, and Kwangkeun Yi, and Junbum Shin, Scandal: Static Analyzer for Detecting Privacy Leaks in Android Applications, In MoST@S&P 2012 [pdf]
Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith, Lars Baumgärtner, and Bernd Freisleben, Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security, In CCS 2012 [pdf]
Hugo Gascon, Fabian Yamaguchi, Daniel Arp, and Konrad Rieck, Structural Detection of Android Malware using Embedded Call Graphs, In AISec@CCS 2013 [pdf]
Dimitris Geneiatakis, Igor Nai Fovino, Ioannis Kounelis, Paquale Stirparo, A Permission verification approach for android mobile applications, In Computers & Security Journal 2015 [pdf]
Clint Gibler, Jonathan Crussell, Jeremy Erickson, and Hao Chen, AndroidLeaks: Automatically detecting potential privacy leaks in Android applications on a large scale, In TRUST 2012 [pdf]
Mariem Graa, Nora Cuppens-Boulahia, Frédé́ric Cuppens, and Ana Cavalli, Protection against Code Obfuscation Attacks based on control dependencies in Android Systems, In SERE Companion 2014 [pdf]
Mariem Graa, Nora Cuppens-Boulahia, Frédéric Cuppens, and Ana Cavalli, Detecting control flow in smarphones: Combining static and dynamic analyses, In CSS 2012 [pdf]
Michael Grace, Wu Zhou, and Xuxian Jiang, and Ahmad-Reza Sadeghi, Unsafe exposure analysis of mobile in-app advertisements, In WISEC 2012 [pdf]
Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang, Systematic Detection of Capability Leaks in Stock Android Smartphones., In NDSS 2012 [pdf]
Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, Guofei Jiang, CHEX : Statically Vetting Android Apps for Component Hijacking Vulnerabilities Categories and Subject Descriptors, In CCS 2012 [pdf]
Christopher Mann, and Artem Starostin, A framework for static detection of privacy leaks in android applications, In SAC 2012 [pdf]
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna, Execute this! analyzing unsafe and malicious dynamic code loading in android applications, In NDSS 2014 [pdf]
Bruno P. S. Rocha, Mauro Conti, Sandro Etalle, and Bruno Crispo, Hybrid static-runtime information flow and declassification enforcement, In TIFS Journal 2013 [pdf]
Drago Sbîrlea, Michael G. Burke,Salvatore Guarnieri, Marco Pistoia, and Vivek Sarkar, Automatic Detection of Inter-application Permission Leaks in Android Applications, In IBM Research and Development Journal 2013 [pdf]
Shao Shuai, Dong Guowei, Guo Tao, Yang Tianchang, and Shi Chenjie, Modelling Analysis and Auto-detection of Cryptographic Misuse in Android Applications, In DASC 2014 [pdf]
David Sounthiraraj, Justin Sahs, Garret Greenwood, Zhiqiang Lin, and Latifur Khan, SMV-HUNTER: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps, In NDSS 2014 [pdf]
Timothy Vidas, Jiaqi Tan, Jay Nahata, Chaur Lih Tan, Nicolas Christin, and Patrick Tague, A5 : Automated Analysis of Adversarial Android Applications, In SPSM@CCS 2014 [pdf]
Anthony Desnos, and Geoffroy Gueguen, Android : From Reversing to Decompilation, In BlackHat 2011 [pdf]
Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel, An empirical study of cryptographic misuse in android applications, In CCS 2013 [pdf]
Leonid Batyuk, Markus Herpich, Seyit Ahmet Camtepe, Karsten Raddatz, Aubrey-Derrick Schmidt, and Sahin Albayrak, Using Static Analysis for Automatic Assessment and Mitigation of Unwanted and Malicious Activities Within Android Applications, In MALWARE 2011 [pdf]
Kevin Zhijie Chen, Noah Johnson, Vijay D’Silva, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward Wu, Martin Rinard, and Dawn Song, Contextual Policy Enforcement in Android Applications with Permission Event Graphs, In NDSS 2013 [pdf]
Luoshi Zhang, Yan Niu, Xiao Wu, Zhaoguo Wang, and Yibo Xue, A3: Automatic Analysis of Android Malware, In CCIS 2013 [pdf]
Mu Zhang, Yue Duan, Heng Yin, and Zhiruo Zhao, Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs Categories and Subject Descriptors, In CCS 2014 [pdf]
Zhibo Zhao, and Fernando C. Colon Osorio, TrustDroid: Preventing the use of SmartPhones for information leaking in corporate networks through the used of static analysis taint tracking, In MALWARE 2012 [pdf]
Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong, Xinhui Han, and Wei Zou, Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications, In SPSM@CCS 2012 [pdf]
Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie, DroidAlarm: an all-sided static analysis tool for android privilege-escalation malware, In ASIACCS 2013 [pdf]
Michael D. Ernst, René Just, Suzanne Millstein, Werner Dietl,Stuart Pernsteiner, Franziska Roesner, Karl Koscher, Paulo Barros, Ravi Bhoraskar, Seungyeop Han, Paul Vines, and Edward X. Wu, Collaborative Verification of Information Flow for a High-Assurance App Store, In CCS 2014 [pdf]
Mu Zhang, and Heng Yin, Efficient, Context-Aware Privacy Leakage Confinement for Android Applications without Firmware Modding, In ASIACCS 2014 [pdf]
Mu Zhang, and Heng Yin, AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications, In NDSS 2014 [pdf]
Julian Schütte, Dennis Titze, and J. M. de Fuentes, AppCaulk: Data Leak Prevention by Injecting Targeted Taint Tracking Into Android Apps, In TrustCom 2014 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Jianliang Wu, Tingting Cui, Tao Ban, Shanqing Guo, and Lizhen Cui, PaddyFrog: systematically detecting confused deputy vulnerability in Android applications, In Security and Communication Networks Journal 2015 [pdf]
Yury Zhauniarovich, Maqsood Ahmad, Olga Gadyatskaya, Bruno Crispo, and Fabio Massacci, StaDynA : Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications, In CODASPY 2015 [pdf]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, and Xuxian Jiang, The impact of vendor customizations on android security, In CCS 2013 [pdf]
Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby, Amandroid : A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps Categories and Subject Descriptors, In CCS 2014 [pdf]
Yajin Zhou, and Xuxian Jiang, Detecting passive content leaks and pollution in android applications, In NDSS 2013 [pdf]
Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X. Sean Wang, AppIntent : Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection, In CCS 2013 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, and Yves Le Traon, ApkCombiner : Combining Multiple Android Apps to Support Inter-App Analysis, In IFIPSEC 2015 [pdf]
Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon, Effective Inter-Component Communication Mapping in Android with Epicc : An Essential Step Towards Holistic Security Analysis, In USENIX SECURITY 2013 [pdf]
Jialiu Lin, Bin Liu, Norman Sadeh, Jason I. Hong, Modeling Users' Mobile App Privacy Preferences : Restoring Usability in a Sea of Permission Settings, In SOUPS 2014 [pdf]
Steffen Lortz, Heiko Mantel, Artem Starostin,Timo Bähr, David Schneider, and Alexandra Weber, Cassandra: Towards a Certifying App Store for Android, In SPSM@CCS 2014 [pdf]
Ravi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang, and David Wetherall, Brahmastra: Driving Apps to Test the Security of Third-Party Components, In USENIX SECURITY 2014 [pdf]
Mu Zhang, Yue Duan, Qian Feng, Heng Yin, Towards Automatic Generation of Security-Centric Descriptions for Android Apps, In CCS 2015 [pdf]
Mingyuan Xia, Lu Gong, Yuanhao Lyu, Zhengwei Qi, and Xue Liu, Effective Real-Time Android Application Auditing, In S&P 2015 [pdf]
Sufatrio, Tong-Wei Chua, Darell J.J. Tan, and Vrizlynn L.L. Thing, Accurate Specification for Robust Detection of Malicious Behavior in Mobile Environments, In ESORICS 2015 [pdf]
Kristopher Micinski, Jonathan Fetter-Degges, Jinseong Jeon, Jeffrey S. Foster, and Michael R. Clarkson, Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution, In ESORICS 2015 [pdf]
Behnaz Hassanshahi, Yaoqi Jia, Roland H. C. Yap, Prateek Saxena, and Zhenkai Liang, Web-to-Application Injection Attacks on Android: Characterization and Detection, In ESORICS 2015 [pdf]
Nicolo Andronio, Stefano Zanero, and Federico Maggi, HelDroid: Dissecting and Detecting Mobile Ransomware, In RAID 2015 [pdf]
Xin Chen, and Sencun Zhu, DroidJust: automated functionality-aware privacy leakage analysis for Android applications, In WiSec 2015 [pdf]
Yajin Zhou, Lei Wu, Zhi Wang, and Xuxian Jiang, Harvesting developer credentials in Android apps, In WiSec 2015 [pdf]
Xingmin Cui, Jingxuan Wang, Lucas C.K.Hui, Zhongwei Xie, Tian Zeng, and S.M.Yiu, WeChecker: efficient and precise detection of privilege escalation vulnerabilities in Android apps, In WiSec 2015 [pdf]
Chaoshun Zuo, Jianliang Wu, and Shanqing Guo, Automatically Detecting SSL Error-Handling Vulnerabilities in Hybrid Mobile Web Apps, In AsiaCCS 2015 [pdf]
Vaibhav Rastogi, Zhengyang Qu, Jedidiah McClurg, Yinzhi Cao, and Yan Chen, Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android, In Securecomm 2015 [pdf]
Kangjie Lu, Zhichun Li, Vasileios P. Kemerlis, Zhenyu Wu, Long Lu, Cong Zheng, Zhiyun Qian, Wenke Lee, and Guofei Jiang, Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting, In NDSS 2015 [pdf]
Benjamin Davis, Ben Sanders, Armen Khodaverdian, and Hao Chen, I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications, In MoST@S&P 2012 [pdf]
Xin Sun, Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie, Detecting Code Reuse in Android Applications Using Component-Based Control Flow Graph, In IFIP SEC 2014 [pdf]
Martina Lindorfer, Stamatis Volanis, Alessandro Sisto, Matthias Neugschwandtner, Elias Athanasopoulos, Federico Maggi, Christian Platzer, Stefano Zanero, and Sotiris Ioannidis, AndRadar: Fast Discovery of Android Applications in Alternative Markets, In DIMVA 2014 [pdf]
Jonathan Crussell, Clint Gibler, and Hao Chen, Scalable semantics-based detection of similar Android applications, In ESORICS 2013 [pdf]
Jonathan Crussell, Clint Gibler, and Hao Chen, Attack of the clones: detecting cloned applications on Android markets, In ESORICS 2012 [pdf]
Le Yu, Tao Zhang, Xiapu Luo, Lei Xue, AutoPPG: Towards Automatic Generation of Privacy Policy for Android Applications, In SPSM@CCS 2015 [pdf]
Daniele Gallingani, Rigel Gjomemo, V.N. Venkatakrishnan, and Stefano Zanero, Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android Applications, In MoST@S&P 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Shuying Liang, Andrew W. Keep, Matthew Might, Steven Lyde, Thomas Gilray, Petey Aldous, and David Van Horn, Sound and precise malware analysis for android via pushdown reachability and entry-point saturation, In SPSM@CCS 2013 [pdf]
Max Lillack, Christian Kästner, and Eric Bodden, Tracking Load-time Configuration Options, In ASE 2014 [pdf]
Johannes Hoffmann, Martin Ussath, Thorsten Holz, and Michael Spreitzenbarth, Slicing droids: program slicing for smali code, In SAC 2013 [pdf]
Jinseong Jeon, Kristopher K. Micinski, Jeffrey A. Vaughan, Ari Fogel, Nikhilesh Reddy, Jeffrey S. Foster, and Todd Millstein, Dr . Android and Mr . Hide : Fine-grained Permissions in Android Applications Categories and Subject Descriptors, In SPSM@CCS 2012 [pdf]
William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer, Android taint flow analysis for app sets, In SOAP@PLDI 2014 [pdf]
Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith, Lars Baumgärtner, and Bernd Freisleben, Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security, In CCS 2012 [pdf]
Hugo Gascon, Fabian Yamaguchi, Daniel Arp, and Konrad Rieck, Structural Detection of Android Malware using Embedded Call Graphs, In AISec@CCS 2013 [pdf]
Dimitris Geneiatakis, Igor Nai Fovino, Ioannis Kounelis, Paquale Stirparo, A Permission verification approach for android mobile applications, In Computers & Security Journal 2015 [pdf]
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna, Execute this! analyzing unsafe and malicious dynamic code loading in android applications, In NDSS 2014 [pdf]
Feng Shen, Namita Vishnubhotla, Chirag Todarka, Mohit Arora, Babu Dhandapani, Eric John Lehner, Steven Y. Ko, and Lukasz Ziarek, Information flows as a permission mechanism, In ASE 2014 [pdf]
Timothy Vidas, Jiaqi Tan, Jay Nahata, Chaur Lih Tan, Nicolas Christin, and Patrick Tague, A5 : Automated Analysis of Adversarial Android Applications, In SPSM@CCS 2014 [pdf]
Kwanghoon Choi, and Byeong-Mo Chang, A type and effect system for activation flow of components in Android programs, In Information Processing Letters Journal 2014 [pdf]
Anthony Desnos, Android: Static analysis using similarity distance, In HICSS 2012 [pdf]
Anthony Desnos, and Geoffroy Gueguen, Android : From Reversing to Decompilation, In BlackHat 2011 [pdf]
Tanzirul Azim, and Iulian Neamtiu, Targeted and depth-first exploration for systematic testing of android apps, In OOPSLA 2013 [pdf]
Sam Blackshear, Bor-Yuh Evan Chang, and Manu Sridharan, Thresher: precise refutations for heap reachability, In PLDI 2013 [pdf]
Atanas Rountev, and Dacong Yan, Static Reference Analysis for GUI Objects in Android Software, In CGO 2014 [pdf]
Shengqian Yang, Dacong Yan, Haowei Wu, Yan Wang, and Atanas Rountev, Static Control-Flow Analysis of User-Driven Callbacks in Android Applications, In ICSE 2015 [pdf]
Damien Octeau, Daniel Luchaup, Matthew Dering, Somesh Jha, and Patrick McDaniel, Composite Constant Propagation: Application to Android Inter-Component Communication Analysis, In ICSE 2015 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Yury Zhauniarovich, Maqsood Ahmad, Olga Gadyatskaya, Bruno Crispo, and Fabio Massacci, StaDynA : Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications, In CODASPY 2015 [pdf]
Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby, Amandroid : A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps Categories and Subject Descriptors, In CCS 2014 [pdf]
Erik Ramsgaard Wognsen, Henrik Søndberg Karlsen, Mads Chr. Olesen, and René Rydhof Hansen, Formalisation and analysis of Dalvik bytecode, In SCP Journal 2014 [pdf]
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel, FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps, In PLDI 2014 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel, IccTA : Detecting Inter-Component Privacy Leaks in Android Apps, In ICSE 2015 [pdf]
Yepang Liu, Chang Xu, and S.C. Cheung, Characterizing and detecting performance bugs for smartphone applications, In ICSE 2014 [pdf]
Steffen Lortz, Heiko Mantel, Artem Starostin,Timo Bähr, David Schneider, and Alexandra Weber, Cassandra: Towards a Certifying App Store for Android, In SPSM@CCS 2014 [pdf]
Dennis Titze, Julian Schütte, Apparecium: Revealing Data Flows in Android Applications, In AINA 2015 [pdf]
Xingmin Cui, Jingxuan Wang, Lucas C.K.Hui, Zhongwei Xie, Tian Zeng, and S.M.Yiu, WeChecker: efficient and precise detection of privilege escalation vulnerabilities in Android apps, In WiSec 2015 [pdf]
Shengqian Yang, Hailong Zhang, Haowei Wu, Yan Wang, Dacong Yan, and Atanas Rountev, Static Window Transition Graphs for Android, In ASE 2015 [pdf]
Ding Li, Yingjun Lyu, Mian Wan, and William G. J. Halfond, String Analysis for Java and Android Applications, In FSE 2015 [pdf]
Sam Blackshear, Bor-Yuh Evan Chang, and Manu Sridharan, Selective Control-Flow Abstraction via Jumping, In OOPSLA 2015 [pdf]
Gholamreza Safi, Arman Shahbazian, William G.J. Halfond, and Nenad Medvidovic, Detecting Event Anomalies in Event-Based Systems, In FSE 2015 [pdf]
Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner, Analyzing Inter-Application Communication in Android, In MobiSys 2011 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Shuying Liang, Andrew W. Keep, Matthew Might, Steven Lyde, Thomas Gilray, Petey Aldous, and David Van Horn, Sound and precise malware analysis for android via pushdown reachability and entry-point saturation, In SPSM@CCS 2013 [pdf]
Jinyung Kim, Yongho Yoon, and Kwangkeun Yi, and Junbum Shin, Scandal: Static Analyzer for Detecting Privacy Leaks in Android Applications, In MoST@S&P 2012 [pdf]
Zheng Lu, and Supratik Mukhopadhyay, Model-based static source code analysis of java programs with applications to android security, In COMPSAC 2012 [pdf]
Christopher Mann, and Artem Starostin, A framework for static detection of privacy leaks in android applications, In SAC 2012 [pdf]
Bruno P. S. Rocha, Mauro Conti, Sandro Etalle, and Bruno Crispo, Hybrid static-runtime information flow and declassification enforcement, In TIFS Journal 2013 [pdf]
Étienne Payeta, and Fausto Spotob, Static analysis of Android programs, In IST Journal 2012 [pdf]
Agostino Cortesi, Pietro Ferrara, Marco Pistoia, and Omer Tripp, Datacentric Semantics for Verification of Privacy Policy Compliance by Mobile Applications, In VMCAI 2015 [pdf]
Sam Blackshear, Bor-Yuh Evan Chang, and Manu Sridharan, Selective Control-Flow Abstraction via Jumping, In OOPSLA 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Patrick P.F. Chan, Lucas C.K. Hui, S.M. Yiu, DroidChecker : Analyzing Android Applications for Capability Leak, In WISEC 2012 [pdf]
Shuying Liang, Andrew W. Keep, Matthew Might, Steven Lyde, Thomas Gilray, Petey Aldous, and David Van Horn, Sound and precise malware analysis for android via pushdown reachability and entry-point saturation, In SPSM@CCS 2013 [pdf]
Max Lillack, Christian Kästner, and Eric Bodden, Tracking Load-time Configuration Options, In ASE 2014 [pdf]
William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer, Android taint flow analysis for app sets, In SOAP@PLDI 2014 [pdf]
Clint Gibler, Jonathan Crussell, Jeremy Erickson, and Hao Chen, AndroidLeaks: Automatically detecting potential privacy leaks in Android applications on a large scale, In TRUST 2012 [pdf]
Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, Guofei Jiang, CHEX : Statically Vetting Android Apps for Component Hijacking Vulnerabilities Categories and Subject Descriptors, In CCS 2012 [pdf]
Siyuan Ma, Zhushou Tang, Qiuyu Xiao, Jiafa Liu, Tran Triet Duong, Xiaodong Lin, and Haojin Zhu, Detecting GPS information leakage in Android applications, In GLOBECOM 2013 [pdf]
Christopher Mann, and Artem Starostin, A framework for static detection of privacy leaks in android applications, In SAC 2012 [pdf]
Tristan Ravitch, E. Rogan Creswick, Aaron Tomb, Adam Foltzer, Trevor Elliott, and Ledah Casburn, Multi-App Security Analysis with FUSE : Statically Detecting Android App Collusion, In PPREW@ACSAC 2014 [pdf]
Drago Sbîrlea, Michael G. Burke,Salvatore Guarnieri, Marco Pistoia, and Vivek Sarkar, Automatic Detection of Inter-application Permission Leaks in Android Applications, In IBM Research and Development Journal 2013 [pdf]
Jianlin Xu, Yifan Yu, Zhen Chen, Bin Cao, Wenyu Dong, Yu Guo, and Junwei Cao, MobSafe: cloud computing based forensic analysis for massive mobile applications using data mining, In Tsinghua Science and Technology Journal 2013 [pdf]
Zhibo Zhao, and Fernando C. Colon Osorio, TrustDroid: Preventing the use of SmartPhones for information leaking in corporate networks through the used of static analysis taint tracking, In MALWARE 2012 [pdf]
Mu Zhang, and Heng Yin, Efficient, Context-Aware Privacy Leakage Confinement for Android Applications without Firmware Modding, In ASIACCS 2014 [pdf]
Mu Zhang, and Heng Yin, AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications, In NDSS 2014 [pdf]
Julian Schütte, Dennis Titze, and J. M. de Fuentes, AppCaulk: Data Leak Prevention by Injecting Targeted Taint Tracking Into Android Apps, In TrustCom 2014 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Yu Feng, Saswat Anand, Isil Dillig, and Alex Aiken, Apposcopy : Semantics-Based Detection of Android Malware Through Static Analysis, In FSE 2014 [pdf]
Wei Yang, Xusheng Xiao, Benjamin Andow, Sihan Li, Tao Xie, and William Enck, AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context, In ICSE 2015 [pdf]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, and Xuxian Jiang, The impact of vendor customizations on android security, In CCS 2013 [pdf]
Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby, Amandroid : A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps Categories and Subject Descriptors, In CCS 2014 [pdf]
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel, FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps, In PLDI 2014 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel, IccTA : Detecting Inter-Component Privacy Leaks in Android Apps, In ICSE 2015 [pdf]
Dennis Titze, Julian Schütte, Apparecium: Revealing Data Flows in Android Applications, In AINA 2015 [pdf]
Mu Zhang, Yue Duan, Qian Feng, Heng Yin, Towards Automatic Generation of Security-Centric Descriptions for Android Apps, In CCS 2015 [pdf]
Mingyuan Xia, Lu Gong, Yuanhao Lyu, Zhengwei Qi, and Xue Liu, Effective Real-Time Android Application Auditing, In S&P 2015 [pdf]
Sufatrio, Tong-Wei Chua, Darell J.J. Tan, and Vrizlynn L.L. Thing, Accurate Specification for Robust Detection of Malicious Behavior in Mobile Environments, In ESORICS 2015 [pdf]
Behnaz Hassanshahi, Yaoqi Jia, Roland H. C. Yap, Prateek Saxena, and Zhenkai Liang, Web-to-Application Injection Attacks on Android: Characterization and Detection, In ESORICS 2015 [pdf]
Nicolo Andronio, Stefano Zanero, and Federico Maggi, HelDroid: Dissecting and Detecting Mobile Ransomware, In RAID 2015 [pdf]
Xin Chen, and Sencun Zhu, DroidJust: automated functionality-aware privacy leakage analysis for Android applications, In WiSec 2015 [pdf]
Yajin Zhou, Lei Wu, Zhi Wang, and Xuxian Jiang, Harvesting developer credentials in Android apps, In WiSec 2015 [pdf]
Xingmin Cui, Jingxuan Wang, Lucas C.K.Hui, Zhongwei Xie, Tian Zeng, and S.M.Yiu, WeChecker: efficient and precise detection of privilege escalation vulnerabilities in Android apps, In WiSec 2015 [pdf]
Vaibhav Rastogi, Zhengyang Qu, Jedidiah McClurg, Yinzhi Cao, and Yan Chen, Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android, In Securecomm 2015 [pdf]
Osbert Bastani, Saswat Anand, and Alex Aiken, Interactively verifying absence of explicit information flows in Android apps, In OOPSLA 2015 [pdf]
Agostino Cortesi, Pietro Ferrara, Marco Pistoia, and Omer Tripp, Datacentric Semantics for Verification of Privacy Policy Compliance by Mobile Applications, In VMCAI 2015 [pdf]
Wei Huang, Yao Dong Ana Milanova, and Julian Dolby, Scalable and precise taint analysis for Android, In ISSTA 2015 [pdf]
Kangjie Lu, Zhichun Li, Vasileios P. Kemerlis, Zhenyu Wu, Long Lu, Cong Zheng, Zhiyun Qian, Wenke Lee, and Guofei Jiang, Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting, In NDSS 2015 [pdf]
Steven Arzt, Siegfried Rasthofer, Robert Hahn, and Eric Bodden, Using targeted symbolic execution for reducing false-positives in dataflow analysis, In SOAP@PLDI 2015 [pdf]
Daniele Gallingani, Rigel Gjomemo, V.N. Venkatakrishnan, and Stefano Zanero, Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android Applications, In MoST@S&P 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X. Sean Wang, AppIntent : Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection, In CCS 2013 [pdf]
Saswat Anand, Mayur Naik, Hongseok Yang, and Mary Jean Harrold, Automated Concolic Testing of Smartphone Apps, In FSE 2012 [pdf]
Kristopher Micinski, Jonathan Fetter-Degges, Jinseong Jeon, Jeffrey S. Foster, and Michael R. Clarkson, Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution, In ESORICS 2015 [pdf]
Behnaz Hassanshahi, Yaoqi Jia, Roland H. C. Yap, Prateek Saxena, and Zhenkai Liang, Web-to-Application Injection Attacks on Android: Characterization and Detection, In ESORICS 2015 [pdf]
Nariman Mirzaei, Hamid Bagheri, Riyadh Mahmood, and Sam Malek, SIG-Droid: Automated system input generation for Android applications, In ISSRE 2015 [pdf]
Steven Arzt, Siegfried Rasthofer, Robert Hahn, and Eric Bodden, Using targeted symbolic execution for reducing false-positives in dataflow analysis, In SOAP@PLDI 2015 [pdf]
Daniele Gallingani, Rigel Gjomemo, V.N. Venkatakrishnan, and Stefano Zanero, Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android Applications, In MoST@S&P 2015 [pdf]
Casper S. Jensen, Mukul R. Prasad, and Anders Møller, automated testing with targeted event sequence generation, In ISSTA 2013 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Shuai Hao, Ding Li, William G. J. Halfond, Ramesh Govindan, Estimating mobile application energy consumption using program analysis, In ICSE 2013 [pdf]
Johannes Hoffmann, Martin Ussath, Thorsten Holz, and Michael Spreitzenbarth, Slicing droids: program slicing for smali code, In SAC 2013 [pdf]
Chon Ju Kim, and Phyllis Frankl, AQUA: Android QUery Analyzer, In WCRE 2012 [pdf]
Clint Gibler, Jonathan Crussell, Jeremy Erickson, and Hao Chen, AndroidLeaks: Automatically detecting potential privacy leaks in Android applications on a large scale, In TRUST 2012 [pdf]
Siyuan Ma, Zhushou Tang, Qiuyu Xiao, Jiafa Liu, Tran Triet Duong, Xiaodong Lin, and Haojin Zhu, Detecting GPS information leakage in Android applications, In GLOBECOM 2013 [pdf]
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna, Execute this! analyzing unsafe and malicious dynamic code loading in android applications, In NDSS 2014 [pdf]
Bruno P. S. Rocha, Mauro Conti, Sandro Etalle, and Bruno Crispo, Hybrid static-runtime information flow and declassification enforcement, In TIFS Journal 2013 [pdf]
Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel, An empirical study of cryptographic misuse in android applications, In CCS 2013 [pdf]
Jianlin Xu, Yifan Yu, Zhen Chen, Bin Cao, Wenyu Dong, Yu Guo, and Junwei Cao, MobSafe: cloud computing based forensic analysis for massive mobile applications using data mining, In Tsinghua Science and Technology Journal 2013 [pdf]
Mu Zhang, and Heng Yin, Efficient, Context-Aware Privacy Leakage Confinement for Android Applications without Firmware Modding, In ASIACCS 2014 [pdf]
Mu Zhang, and Heng Yin, AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications, In NDSS 2014 [pdf]
Julian Schütte, Dennis Titze, and J. M. de Fuentes, AppCaulk: Data Leak Prevention by Injecting Targeted Taint Tracking Into Android Apps, In TrustCom 2014 [pdf]
Dennis Titze, Julian Schütte, Apparecium: Revealing Data Flows in Android Applications, In AINA 2015 [pdf]
Yajin Zhou, Lei Wu, Zhi Wang, and Xuxian Jiang, Harvesting developer credentials in Android apps, In WiSec 2015 [pdf]
Sam Blackshear, Bor-Yuh Evan Chang, and Manu Sridharan, Selective Control-Flow Abstraction via Jumping, In OOPSLA 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Ding Li, Shuai Hao, William G.J. Halfond, and Ramesh Govindan, Calculating source line level energy information for Android applications, In ISSTA 2013 [pdf]
Ding Li, Angelica Huyen Tran, and William G. J. Halfond, Making web applications more energy efficient for OLED smartphones, In ICSE 2014 [pdf]
William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer, Android taint flow analysis for app sets, In SOAP@PLDI 2014 [pdf]
Dimitris Geneiatakis, Igor Nai Fovino, Ioannis Kounelis, Paquale Stirparo, A Permission verification approach for android mobile applications, In Computers & Security Journal 2015 [pdf]
Bruno P. S. Rocha, Mauro Conti, Sandro Etalle, and Bruno Crispo, Hybrid static-runtime information flow and declassification enforcement, In TIFS Journal 2013 [pdf]
Shao Shuai, Dong Guowei, Guo Tao, Yang Tianchang, and Shi Chenjie, Modelling Analysis and Auto-detection of Cryptographic Misuse in Android Applications, In DASC 2014 [pdf]
Anthony Desnos, and Geoffroy Gueguen, Android : From Reversing to Decompilation, In BlackHat 2011 [pdf]
Wei Yang, Mukul R. Prasad, and Tao Xie, A grey-box approach for automated GUI-model generation of mobile applications, In FASE 2013 [pdf]
Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong, Xinhui Han, and Wei Zou, Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications, In SPSM@CCS 2012 [pdf]
Mu Zhang, and Heng Yin, Efficient, Context-Aware Privacy Leakage Confinement for Android Applications without Firmware Modding, In ASIACCS 2014 [pdf]
Mu Zhang, and Heng Yin, AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications, In NDSS 2014 [pdf]
Julian Schütte, Dennis Titze, and J. M. de Fuentes, AppCaulk: Data Leak Prevention by Injecting Targeted Taint Tracking Into Android Apps, In TrustCom 2014 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel, IccTA : Detecting Inter-Component Privacy Leaks in Android Apps, In ICSE 2015 [pdf]
Steffen Lortz, Heiko Mantel, Artem Starostin,Timo Bähr, David Schneider, and Alexandra Weber, Cassandra: Towards a Certifying App Store for Android, In SPSM@CCS 2014 [pdf]
Shuai Hao, Ding Li, William G.J. Halfond, and Ramesh Govindan, SIF: A Selective Instrumentation Framework for Mobile Applications, In MobiSys 2013 [pdf]
Saswat Anand, Mayur Naik, Hongseok Yang, and Mary Jean Harrold, Automated Concolic Testing of Smartphone Apps, In FSE 2012 [pdf]
Ravi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang, and David Wetherall, Brahmastra: Driving Apps to Test the Security of Third-Party Components, In USENIX SECURITY 2014 [pdf]
Sufatrio, Tong-Wei Chua, Darell J.J. Tan, and Vrizlynn L.L. Thing, Accurate Specification for Robust Detection of Malicious Behavior in Mobile Environments, In ESORICS 2015 [pdf]
Vaibhav Rastogi, Zhengyang Qu, Jedidiah McClurg, Yinzhi Cao, and Yan Chen, Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android, In Securecomm 2015 [pdf]
Osbert Bastani, Saswat Anand, and Alex Aiken, Interactively verifying absence of explicit information flows in Android apps, In OOPSLA 2015 [pdf]
Yu Lin,Semih Okur, Danny Dig, Study and Refactoring of Android Asynchronous Programming, In ASE 2015 [pdf]
Benjamin Davis, Ben Sanders, Armen Khodaverdian, and Hao Chen, I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications, In MoST@S&P 2012 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Zhihui Han, Liang Cheng, Yang Zhang, Shuke Zeng, Yi Deng, and Xiaoshan Sun, Systematic Analysis and Detection of Misconfiguration Vulnerabilities in Android Smartphones, In TrustCom 2014 [pdf]
Zheng Lu, and Supratik Mukhopadhyay, Model-based static source code analysis of java programs with applications to android security, In COMPSAC 2012 [pdf]
Christopher Mann, and Artem Starostin, A framework for static detection of privacy leaks in android applications, In SAC 2012 [pdf]
Kwanghoon Choi, and Byeong-Mo Chang, A type and effect system for activation flow of components in Android programs, In Information Processing Letters Journal 2014 [pdf]
Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie, DroidAlarm: an all-sided static analysis tool for android privilege-escalation malware, In ASIACCS 2013 [pdf]
Hamid Bagheri, Alireza Sadeghi, Joshua Garcia, and Sam Malek, COVERT: Compositional Analysis of Android Inter-App Permission Leakage, In TSE Journal 2015 [pdf]
Michael D. Ernst, René Just, Suzanne Millstein, Werner Dietl,Stuart Pernsteiner, Franziska Roesner, Karl Koscher, Paulo Barros, Ravi Bhoraskar, Seungyeop Han, Paul Vines, and Edward X. Wu, Collaborative Verification of Information Flow for a High-Assurance App Store, In CCS 2014 [pdf]
Wei Huang, Yao Dong Ana Milanova, and Julian Dolby, Scalable and precise taint analysis for Android, In ISSTA 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna, Execute this! analyzing unsafe and malicious dynamic code loading in android applications, In NDSS 2014 [pdf]
Kevin Zhijie Chen, Noah Johnson, Vijay D’Silva, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward Wu, Martin Rinard, and Dawn Song, Contextual Policy Enforcement in Android Applications with Permission Event Graphs, In NDSS 2013 [pdf]
Yury Zhauniarovich, Maqsood Ahmad, Olga Gadyatskaya, Bruno Crispo, and Fabio Massacci, StaDynA : Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications, In CODASPY 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Jinyung Kim, Yongho Yoon, and Kwangkeun Yi, and Junbum Shin, Scandal: Static Analyzer for Detecting Privacy Leaks in Android Applications, In MoST@S&P 2012 [pdf]
Tristan Ravitch, E. Rogan Creswick, Aaron Tomb, Adam Foltzer, Trevor Elliott, and Ledah Casburn, Multi-App Security Analysis with FUSE : Statically Detecting Android App Collusion, In PPREW@ACSAC 2014 [pdf]
Feng Shen, Namita Vishnubhotla, Chirag Todarka, Mohit Arora, Babu Dhandapani, Eric John Lehner, Steven Y. Ko, and Lukasz Ziarek, Information flows as a permission mechanism, In ASE 2014 [pdf]
Kevin Zhijie Chen, Noah Johnson, Vijay D’Silva, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward Wu, Martin Rinard, and Dawn Song, Contextual Policy Enforcement in Android Applications with Permission Event Graphs, In NDSS 2013 [pdf]
Mu Zhang, Yue Duan, Heng Yin, and Zhiruo Zhao, Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs Categories and Subject Descriptors, In CCS 2014 [pdf]
Ying Zhang, Gang Huang, Xuanzhe Liu, Wei Zhang, Hong Mei, and Shunxiang Yang, Refactoring android Java code for on-demand computation offloading, In OOPSLA 2012 [pdf]
Michael D. Ernst, René Just, Suzanne Millstein, Werner Dietl,Stuart Pernsteiner, Franziska Roesner, Karl Koscher, Paulo Barros, Ravi Bhoraskar, Seungyeop Han, Paul Vines, and Edward X. Wu, Collaborative Verification of Information Flow for a High-Assurance App Store, In CCS 2014 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Yury Zhauniarovich, Maqsood Ahmad, Olga Gadyatskaya, Bruno Crispo, and Fabio Massacci, StaDynA : Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications, In CODASPY 2015 [pdf]
Erik Ramsgaard Wognsen, Henrik Søndberg Karlsen, Mads Chr. Olesen, and René Rydhof Hansen, Formalisation and analysis of Dalvik bytecode, In SCP Journal 2014 [pdf]
Kristopher Micinski, Jonathan Fetter-Degges, Jinseong Jeon, Jeffrey S. Foster, and Michael R. Clarkson, Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution, In ESORICS 2015 [pdf]
Behnaz Hassanshahi, Yaoqi Jia, Roland H. C. Yap, Prateek Saxena, and Zhenkai Liang, Web-to-Application Injection Attacks on Android: Characterization and Detection, In ESORICS 2015 [pdf]
Nicolo Andronio, Stefano Zanero, and Federico Maggi, HelDroid: Dissecting and Detecting Mobile Ransomware, In RAID 2015 [pdf]
Xin Chen, and Sencun Zhu, DroidJust: automated functionality-aware privacy leakage analysis for Android applications, In WiSec 2015 [pdf]
Xin Sun, Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie, Detecting Code Reuse in Android Applications Using Component-Based Control Flow Graph, In IFIP SEC 2014 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Julian Schütte, Dennis Titze, and J. M. de Fuentes, AppCaulk: Data Leak Prevention by Injecting Targeted Taint Tracking Into Android Apps, In TrustCom 2014 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Steffen Lortz, Heiko Mantel, Artem Starostin,Timo Bähr, David Schneider, and Alexandra Weber, Cassandra: Towards a Certifying App Store for Android, In SPSM@CCS 2014 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer, Android taint flow analysis for app sets, In SOAP@PLDI 2014 [pdf]
Tristan Ravitch, E. Rogan Creswick, Aaron Tomb, Adam Foltzer, Trevor Elliott, and Ledah Casburn, Multi-App Security Analysis with FUSE : Statically Detecting Android App Collusion, In PPREW@ACSAC 2014 [pdf]
Feng Shen, Namita Vishnubhotla, Chirag Todarka, Mohit Arora, Babu Dhandapani, Eric John Lehner, Steven Y. Ko, and Lukasz Ziarek, Information flows as a permission mechanism, In ASE 2014 [pdf]
Panagiotis Vekris, Ranjit Jhala, Sorin Lerner, and Yuvraj Agarwal, Towards verifying android apps for the absence of no-sleep energy bugs, In HotPower 2012 [pdf]
Kwanghoon Choi, and Byeong-Mo Chang, A type and effect system for activation flow of components in Android programs, In Information Processing Letters Journal 2014 [pdf]
Steffen Bartsch, Bernhard Berger, Michaela Bunke, and Karsten Sohr, The Transitivity-of-Trust Problem in Android Application Interaction, In ARES 2013 [pdf]
Kevin Zhijie Chen, Noah Johnson, Vijay D’Silva, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward Wu, Martin Rinard, and Dawn Song, Contextual Policy Enforcement in Android Applications with Permission Event Graphs, In NDSS 2013 [pdf]
Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie, DroidAlarm: an all-sided static analysis tool for android privilege-escalation malware, In ASIACCS 2013 [pdf]
Hamid Bagheri, Alireza Sadeghi, Joshua Garcia, and Sam Malek, COVERT: Compositional Analysis of Android Inter-App Permission Leakage, In TSE Journal 2015 [pdf]
Michael D. Ernst, René Just, Suzanne Millstein, Werner Dietl,Stuart Pernsteiner, Franziska Roesner, Karl Koscher, Paulo Barros, Ravi Bhoraskar, Seungyeop Han, Paul Vines, and Edward X. Wu, Collaborative Verification of Information Flow for a High-Assurance App Store, In CCS 2014 [pdf]
Shengqian Yang, Dacong Yan, Haowei Wu, Yan Wang, and Atanas Rountev, Static Control-Flow Analysis of User-Driven Callbacks in Android Applications, In ICSE 2015 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Jianliang Wu, Tingting Cui, Tao Ban, Shanqing Guo, and Lizhen Cui, PaddyFrog: systematically detecting confused deputy vulnerability in Android applications, In Security and Communication Networks Journal 2015 [pdf]
Yu Feng, Saswat Anand, Isil Dillig, and Alex Aiken, Apposcopy : Semantics-Based Detection of Android Malware Through Static Analysis, In FSE 2014 [pdf]
Wei Yang, Xusheng Xiao, Benjamin Andow, Sihan Li, Tao Xie, and William Enck, AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context, In ICSE 2015 [pdf]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, and Xuxian Jiang, The impact of vendor customizations on android security, In CCS 2013 [pdf]
Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby, Amandroid : A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps Categories and Subject Descriptors, In CCS 2014 [pdf]
Jianjun Huang, Xiangyu Zhang, Lin Tan, Peng Wang, and Bin Liang, AsDroid : Detecting Stealthy Behaviors in Android Applications by User Interface and Program Behavior Contradiction, In ICSE 2014 [pdf]
Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X. Sean Wang, AppIntent : Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection, In CCS 2013 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel, IccTA : Detecting Inter-Component Privacy Leaks in Android Apps, In ICSE 2015 [pdf]
Ravi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang, and David Wetherall, Brahmastra: Driving Apps to Test the Security of Third-Party Components, In USENIX SECURITY 2014 [pdf]
Mingyuan Xia, Lu Gong, Yuanhao Lyu, Zhengwei Qi, and Xue Liu, Effective Real-Time Android Application Auditing, In S&P 2015 [pdf]
Sufatrio, Tong-Wei Chua, Darell J.J. Tan, and Vrizlynn L.L. Thing, Accurate Specification for Robust Detection of Malicious Behavior in Mobile Environments, In ESORICS 2015 [pdf]
Xingmin Cui, Jingxuan Wang, Lucas C.K.Hui, Zhongwei Xie, Tian Zeng, and S.M.Yiu, WeChecker: efficient and precise detection of privilege escalation vulnerabilities in Android apps, In WiSec 2015 [pdf]
Chaoshun Zuo, Jianliang Wu, and Shanqing Guo, Automatically Detecting SSL Error-Handling Vulnerabilities in Hybrid Mobile Web Apps, In AsiaCCS 2015 [pdf]
Nariman Mirzaei, Hamid Bagheri, Riyadh Mahmood, and Sam Malek, SIG-Droid: Automated system input generation for Android applications, In ISSRE 2015 [pdf]
Wei Huang, Yao Dong Ana Milanova, and Julian Dolby, Scalable and precise taint analysis for Android, In ISSTA 2015 [pdf]
Shengqian Yang, Hailong Zhang, Haowei Wu, Yan Wang, Dacong Yan, and Atanas Rountev, Static Window Transition Graphs for Android, In ASE 2015 [pdf]
Le Yu, Tao Zhang, Xiapu Luo, Lei Xue, AutoPPG: Towards Automatic Generation of Privacy Policy for Android Applications, In SPSM@CCS 2015 [pdf]
Abhinav Pathak, Abhilash Jindal, Y. Charlie Hu, and Samuel P. Midkiff, what is keeping my phone awake? characterizing and detecting no-sleep energy bugs in smartphone apps, In MobiSys 2012 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer, Android taint flow analysis for app sets, In SOAP@PLDI 2014 [pdf]
Tristan Ravitch, E. Rogan Creswick, Aaron Tomb, Adam Foltzer, Trevor Elliott, and Ledah Casburn, Multi-App Security Analysis with FUSE : Statically Detecting Android App Collusion, In PPREW@ACSAC 2014 [pdf]
Feng Shen, Namita Vishnubhotla, Chirag Todarka, Mohit Arora, Babu Dhandapani, Eric John Lehner, Steven Y. Ko, and Lukasz Ziarek, Information flows as a permission mechanism, In ASE 2014 [pdf]
Hamid Bagheri, Alireza Sadeghi, Joshua Garcia, and Sam Malek, COVERT: Compositional Analysis of Android Inter-App Permission Leakage, In TSE Journal 2015 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, and Xuxian Jiang, The impact of vendor customizations on android security, In CCS 2013 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Shuying Liang, Andrew W. Keep, Matthew Might, Steven Lyde, Thomas Gilray, Petey Aldous, and David Van Horn, Sound and precise malware analysis for android via pushdown reachability and entry-point saturation, In SPSM@CCS 2013 [pdf]
Max Lillack, Christian Kästner, and Eric Bodden, Tracking Load-time Configuration Options, In ASE 2014 [pdf]
William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer, Android taint flow analysis for app sets, In SOAP@PLDI 2014 [pdf]
Riyadh Mahmood, Nariman Mirzaei, and Sam Malek, EvoDroid: segmented evolutionary testing of Android apps, In FSE 2014 [pdf]
Tristan Ravitch, E. Rogan Creswick, Aaron Tomb, Adam Foltzer, Trevor Elliott, and Ledah Casburn, Multi-App Security Analysis with FUSE : Statically Detecting Android App Collusion, In PPREW@ACSAC 2014 [pdf]
Feng Shen, Namita Vishnubhotla, Chirag Todarka, Mohit Arora, Babu Dhandapani, Eric John Lehner, Steven Y. Ko, and Lukasz Ziarek, Information flows as a permission mechanism, In ASE 2014 [pdf]
David Sounthiraraj, Justin Sahs, Garret Greenwood, Zhiqiang Lin, and Latifur Khan, SMV-HUNTER: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps, In NDSS 2014 [pdf]
Tanzirul Azim, and Iulian Neamtiu, Targeted and depth-first exploration for systematic testing of android apps, In OOPSLA 2013 [pdf]
Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong, Xinhui Han, and Wei Zou, Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications, In SPSM@CCS 2012 [pdf]
Étienne Payeta, and Fausto Spotob, Static analysis of Android programs, In IST Journal 2012 [pdf]
Atanas Rountev, and Dacong Yan, Static Reference Analysis for GUI Objects in Android Software, In CGO 2014 [pdf]
Shengqian Yang, Dacong Yan, Haowei Wu, Yan Wang, and Atanas Rountev, Static Control-Flow Analysis of User-Driven Callbacks in Android Applications, In ICSE 2015 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby, Amandroid : A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps Categories and Subject Descriptors, In CCS 2014 [pdf]
Jianjun Huang, Xiangyu Zhang, Lin Tan, Peng Wang, and Bin Liang, AsDroid : Detecting Stealthy Behaviors in Android Applications by User Interface and Program Behavior Contradiction, In ICSE 2014 [pdf]
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel, FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps, In PLDI 2014 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel, IccTA : Detecting Inter-Component Privacy Leaks in Android Apps, In ICSE 2015 [pdf]
Yepang Liu, Chang Xu, and S.C. Cheung, Characterizing and detecting performance bugs for smartphone applications, In ICSE 2014 [pdf]
Saswat Anand, Mayur Naik, Hongseok Yang, and Mary Jean Harrold, Automated Concolic Testing of Smartphone Apps, In FSE 2012 [pdf]
Ravi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang, and David Wetherall, Brahmastra: Driving Apps to Test the Security of Third-Party Components, In USENIX SECURITY 2014 [pdf]
Mu Zhang, Yue Duan, Qian Feng, Heng Yin, Towards Automatic Generation of Security-Centric Descriptions for Android Apps, In CCS 2015 [pdf]
Sufatrio, Tong-Wei Chua, Darell J.J. Tan, and Vrizlynn L.L. Thing, Accurate Specification for Robust Detection of Malicious Behavior in Mobile Environments, In ESORICS 2015 [pdf]
Kristopher Micinski, Jonathan Fetter-Degges, Jinseong Jeon, Jeffrey S. Foster, and Michael R. Clarkson, Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution, In ESORICS 2015 [pdf]
Behnaz Hassanshahi, Yaoqi Jia, Roland H. C. Yap, Prateek Saxena, and Zhenkai Liang, Web-to-Application Injection Attacks on Android: Characterization and Detection, In ESORICS 2015 [pdf]
Nicolo Andronio, Stefano Zanero, and Federico Maggi, HelDroid: Dissecting and Detecting Mobile Ransomware, In RAID 2015 [pdf]
Xin Chen, and Sencun Zhu, DroidJust: automated functionality-aware privacy leakage analysis for Android applications, In WiSec 2015 [pdf]
Xingmin Cui, Jingxuan Wang, Lucas C.K.Hui, Zhongwei Xie, Tian Zeng, and S.M.Yiu, WeChecker: efficient and precise detection of privilege escalation vulnerabilities in Android apps, In WiSec 2015 [pdf]
Nariman Mirzaei, Hamid Bagheri, Riyadh Mahmood, and Sam Malek, SIG-Droid: Automated system input generation for Android applications, In ISSRE 2015 [pdf]
Shengqian Yang, Hailong Zhang, Haowei Wu, Yan Wang, Dacong Yan, and Atanas Rountev, Static Window Transition Graphs for Android, In ASE 2015 [pdf]
Steven Arzt, Siegfried Rasthofer, Robert Hahn, and Eric Bodden, Using targeted symbolic execution for reducing false-positives in dataflow analysis, In SOAP@PLDI 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Patrick P.F. Chan, Lucas C.K. Hui, S.M. Yiu, DroidChecker : Analyzing Android Applications for Capability Leak, In WISEC 2012 [pdf]
Shuying Liang, Andrew W. Keep, Matthew Might, Steven Lyde, Thomas Gilray, Petey Aldous, and David Van Horn, Sound and precise malware analysis for android via pushdown reachability and entry-point saturation, In SPSM@CCS 2013 [pdf]
Jinyung Kim, Yongho Yoon, and Kwangkeun Yi, and Junbum Shin, Scandal: Static Analyzer for Detecting Privacy Leaks in Android Applications, In MoST@S&P 2012 [pdf]
William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer, Android taint flow analysis for app sets, In SOAP@PLDI 2014 [pdf]
Clint Gibler, Jonathan Crussell, Jeremy Erickson, and Hao Chen, AndroidLeaks: Automatically detecting potential privacy leaks in Android applications on a large scale, In TRUST 2012 [pdf]
Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang, Systematic Detection of Capability Leaks in Stock Android Smartphones., In NDSS 2012 [pdf]
Chaorong Guo, Jian Zhang, Jun Yan, Zhiqiang Zhang, Yanli Zhang, Characterizing and detecting resource leaks in Android applications, In ASE 2013 [pdf]
Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, Guofei Jiang, CHEX : Statically Vetting Android Apps for Component Hijacking Vulnerabilities Categories and Subject Descriptors, In CCS 2012 [pdf]
Siyuan Ma, Zhushou Tang, Qiuyu Xiao, Jiafa Liu, Tran Triet Duong, Xiaodong Lin, and Haojin Zhu, Detecting GPS information leakage in Android applications, In GLOBECOM 2013 [pdf]
Christopher Mann, and Artem Starostin, A framework for static detection of privacy leaks in android applications, In SAC 2012 [pdf]
Tristan Ravitch, E. Rogan Creswick, Aaron Tomb, Adam Foltzer, Trevor Elliott, and Ledah Casburn, Multi-App Security Analysis with FUSE : Statically Detecting Android App Collusion, In PPREW@ACSAC 2014 [pdf]
Drago Sbîrlea, Michael G. Burke,Salvatore Guarnieri, Marco Pistoia, and Vivek Sarkar, Automatic Detection of Inter-application Permission Leaks in Android Applications, In IBM Research and Development Journal 2013 [pdf]
Feng Shen, Namita Vishnubhotla, Chirag Todarka, Mohit Arora, Babu Dhandapani, Eric John Lehner, Steven Y. Ko, and Lukasz Ziarek, Information flows as a permission mechanism, In ASE 2014 [pdf]
Zhibo Zhao, and Fernando C. Colon Osorio, TrustDroid: Preventing the use of SmartPhones for information leaking in corporate networks through the used of static analysis taint tracking, In MALWARE 2012 [pdf]
Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong, Xinhui Han, and Wei Zou, Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications, In SPSM@CCS 2012 [pdf]
Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie, DroidAlarm: an all-sided static analysis tool for android privilege-escalation malware, In ASIACCS 2013 [pdf]
Hamid Bagheri, Alireza Sadeghi, Joshua Garcia, and Sam Malek, COVERT: Compositional Analysis of Android Inter-App Permission Leakage, In TSE Journal 2015 [pdf]
Michael D. Ernst, René Just, Suzanne Millstein, Werner Dietl,Stuart Pernsteiner, Franziska Roesner, Karl Koscher, Paulo Barros, Ravi Bhoraskar, Seungyeop Han, Paul Vines, and Edward X. Wu, Collaborative Verification of Information Flow for a High-Assurance App Store, In CCS 2014 [pdf]
Mu Zhang, and Heng Yin, Efficient, Context-Aware Privacy Leakage Confinement for Android Applications without Firmware Modding, In ASIACCS 2014 [pdf]
Mu Zhang, and Heng Yin, AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications, In NDSS 2014 [pdf]
Julian Schütte, Dennis Titze, and J. M. de Fuentes, AppCaulk: Data Leak Prevention by Injecting Targeted Taint Tracking Into Android Apps, In TrustCom 2014 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Yu Feng, Saswat Anand, Isil Dillig, and Alex Aiken, Apposcopy : Semantics-Based Detection of Android Malware Through Static Analysis, In FSE 2014 [pdf]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, and Xuxian Jiang, The impact of vendor customizations on android security, In CCS 2013 [pdf]
Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby, Amandroid : A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps Categories and Subject Descriptors, In CCS 2014 [pdf]
Yajin Zhou, and Xuxian Jiang, Detecting passive content leaks and pollution in android applications, In NDSS 2013 [pdf]
Jianjun Huang, Xiangyu Zhang, Lin Tan, Peng Wang, and Bin Liang, AsDroid : Detecting Stealthy Behaviors in Android Applications by User Interface and Program Behavior Contradiction, In ICSE 2014 [pdf]
Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X. Sean Wang, AppIntent : Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection, In CCS 2013 [pdf]
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel, FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps, In PLDI 2014 [pdf]
Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel, IccTA : Detecting Inter-Component Privacy Leaks in Android Apps, In ICSE 2015 [pdf]
Steffen Lortz, Heiko Mantel, Artem Starostin,Timo Bähr, David Schneider, and Alexandra Weber, Cassandra: Towards a Certifying App Store for Android, In SPSM@CCS 2014 [pdf]
Dennis Titze, Julian Schütte, Apparecium: Revealing Data Flows in Android Applications, In AINA 2015 [pdf]
Mu Zhang, Yue Duan, Qian Feng, Heng Yin, Towards Automatic Generation of Security-Centric Descriptions for Android Apps, In CCS 2015 [pdf]
Mingyuan Xia, Lu Gong, Yuanhao Lyu, Zhengwei Qi, and Xue Liu, Effective Real-Time Android Application Auditing, In S&P 2015 [pdf]
Sufatrio, Tong-Wei Chua, Darell J.J. Tan, and Vrizlynn L.L. Thing, Accurate Specification for Robust Detection of Malicious Behavior in Mobile Environments, In ESORICS 2015 [pdf]
Behnaz Hassanshahi, Yaoqi Jia, Roland H. C. Yap, Prateek Saxena, and Zhenkai Liang, Web-to-Application Injection Attacks on Android: Characterization and Detection, In ESORICS 2015 [pdf]
Nicolo Andronio, Stefano Zanero, and Federico Maggi, HelDroid: Dissecting and Detecting Mobile Ransomware, In RAID 2015 [pdf]
Xin Chen, and Sencun Zhu, DroidJust: automated functionality-aware privacy leakage analysis for Android applications, In WiSec 2015 [pdf]
Yajin Zhou, Lei Wu, Zhi Wang, and Xuxian Jiang, Harvesting developer credentials in Android apps, In WiSec 2015 [pdf]
Xingmin Cui, Jingxuan Wang, Lucas C.K.Hui, Zhongwei Xie, Tian Zeng, and S.M.Yiu, WeChecker: efficient and precise detection of privilege escalation vulnerabilities in Android apps, In WiSec 2015 [pdf]
Vaibhav Rastogi, Zhengyang Qu, Jedidiah McClurg, Yinzhi Cao, and Yan Chen, Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android, In Securecomm 2015 [pdf]
Osbert Bastani, Saswat Anand, and Alex Aiken, Interactively verifying absence of explicit information flows in Android apps, In OOPSLA 2015 [pdf]
Agostino Cortesi, Pietro Ferrara, Marco Pistoia, and Omer Tripp, Datacentric Semantics for Verification of Privacy Policy Compliance by Mobile Applications, In VMCAI 2015 [pdf]
Wei Huang, Yao Dong Ana Milanova, and Julian Dolby, Scalable and precise taint analysis for Android, In ISSTA 2015 [pdf]
Kangjie Lu, Zhichun Li, Vasileios P. Kemerlis, Zhenyu Wu, Long Lu, Cong Zheng, Zhiyun Qian, Wenke Lee, and Guofei Jiang, Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting, In NDSS 2015 [pdf]
Steven Arzt, Siegfried Rasthofer, Robert Hahn, and Eric Bodden, Using targeted symbolic execution for reducing false-positives in dataflow analysis, In SOAP@PLDI 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Shao Shuai, Dong Guowei, Guo Tao, Yang Tianchang, and Shi Chenjie, Modelling Analysis and Auto-detection of Cryptographic Misuse in Android Applications, In DASC 2014 [pdf]
Manuel Egele, David Brumley, Yanick Fratantonio, and Christopher Kruegel, An empirical study of cryptographic misuse in android applications, In CCS 2013 [pdf]
Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby, Amandroid : A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps Categories and Subject Descriptors, In CCS 2014 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Shuying Liang, Andrew W. Keep, Matthew Might, Steven Lyde, Thomas Gilray, Petey Aldous, and David Van Horn, Sound and precise malware analysis for android via pushdown reachability and entry-point saturation, In SPSM@CCS 2013 [pdf]
Zhihui Han, Liang Cheng, Yang Zhang, Shuke Zeng, Yi Deng, and Xiaoshan Sun, Systematic Analysis and Detection of Misconfiguration Vulnerabilities in Android Smartphones, In TrustCom 2014 [pdf]
Johannes Hoffmann, Martin Ussath, Thorsten Holz, and Michael Spreitzenbarth, Slicing droids: program slicing for smali code, In SAC 2013 [pdf]
Jinseong Jeon, Kristopher K. Micinski, Jeffrey A. Vaughan, Ari Fogel, Nikhilesh Reddy, Jeffrey S. Foster, and Todd Millstein, Dr . Android and Mr . Hide : Fine-grained Permissions in Android Applications Categories and Subject Descriptors, In SPSM@CCS 2012 [pdf]
Dimitris Geneiatakis, Igor Nai Fovino, Ioannis Kounelis, Paquale Stirparo, A Permission verification approach for android mobile applications, In Computers & Security Journal 2015 [pdf]
Clint Gibler, Jonathan Crussell, Jeremy Erickson, and Hao Chen, AndroidLeaks: Automatically detecting potential privacy leaks in Android applications on a large scale, In TRUST 2012 [pdf]
Tristan Ravitch, E. Rogan Creswick, Aaron Tomb, Adam Foltzer, Trevor Elliott, and Ledah Casburn, Multi-App Security Analysis with FUSE : Statically Detecting Android App Collusion, In PPREW@ACSAC 2014 [pdf]
Drago Sbîrlea, Michael G. Burke,Salvatore Guarnieri, Marco Pistoia, and Vivek Sarkar, Automatic Detection of Inter-application Permission Leaks in Android Applications, In IBM Research and Development Journal 2013 [pdf]
Feng Shen, Namita Vishnubhotla, Chirag Todarka, Mohit Arora, Babu Dhandapani, Eric John Lehner, Steven Y. Ko, and Lukasz Ziarek, Information flows as a permission mechanism, In ASE 2014 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Wei Yang, Xusheng Xiao, Benjamin Andow, Sihan Li, Tao Xie, and William Enck, AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context, In ICSE 2015 [pdf]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, and Xuxian Jiang, The impact of vendor customizations on android security, In CCS 2013 [pdf]
Alexandre Bartel, Jacques Klein, Martin Monperrus, and Yves Le Traon, Static Analysis for Extracting Permission Checks of a Large Scale Framework: The Challenges And Solutions for Analyzing Android, In TSE Journal 2014 [pdf]
Alexandre Bartel, Jacques Klein, Yves Le Traon, and Martin Monperrus, Automatically securing permission-based software by reducing the attack surface: An application to android, In ASE 2012 [pdf]
Jialiu Lin, Bin Liu, Norman Sadeh, Jason I. Hong, Modeling Users' Mobile App Privacy Preferences : Restoring Usability in a Sea of Permission Settings, In SOUPS 2014 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Shuying Liang, Andrew W. Keep, Matthew Might, Steven Lyde, Thomas Gilray, Petey Aldous, and David Van Horn, Sound and precise malware analysis for android via pushdown reachability and entry-point saturation, In SPSM@CCS 2013 [pdf]
Zhihui Han, Liang Cheng, Yang Zhang, Shuke Zeng, Yi Deng, and Xiaoshan Sun, Systematic Analysis and Detection of Misconfiguration Vulnerabilities in Android Smartphones, In TrustCom 2014 [pdf]
Johannes Hoffmann, Martin Ussath, Thorsten Holz, and Michael Spreitzenbarth, Slicing droids: program slicing for smali code, In SAC 2013 [pdf]
Wenjun Hu, Jing Tao, Xiaobo Ma, Wenyu Zhou, Shuang Zhao, and Ting Han, MIGDroid: Detecting APP-Repackaging Android malware via method invocation graph, In ICCCN 2014 [pdf]
Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith, Lars Baumgärtner, and Bernd Freisleben, Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security, In CCS 2012 [pdf]
Hugo Gascon, Fabian Yamaguchi, Daniel Arp, and Konrad Rieck, Structural Detection of Android Malware using Embedded Call Graphs, In AISec@CCS 2013 [pdf]
Mariem Graa, Nora Cuppens-Boulahia, Frédé́ric Cuppens, and Ana Cavalli, Protection against Code Obfuscation Attacks based on control dependencies in Android Systems, In SERE Companion 2014 [pdf]
Mariem Graa, Nora Cuppens-Boulahia, Frédéric Cuppens, and Ana Cavalli, Detecting control flow in smarphones: Combining static and dynamic analyses, In CSS 2012 [pdf]
Michael Grace, Wu Zhou, and Xuxian Jiang, and Ahmad-Reza Sadeghi, Unsafe exposure analysis of mobile in-app advertisements, In WISEC 2012 [pdf]
Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, Guofei Jiang, CHEX : Statically Vetting Android Apps for Component Hijacking Vulnerabilities Categories and Subject Descriptors, In CCS 2012 [pdf]
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna, Execute this! analyzing unsafe and malicious dynamic code loading in android applications, In NDSS 2014 [pdf]
Tristan Ravitch, E. Rogan Creswick, Aaron Tomb, Adam Foltzer, Trevor Elliott, and Ledah Casburn, Multi-App Security Analysis with FUSE : Statically Detecting Android App Collusion, In PPREW@ACSAC 2014 [pdf]
Drago Sbîrlea, Michael G. Burke,Salvatore Guarnieri, Marco Pistoia, and Vivek Sarkar, Automatic Detection of Inter-application Permission Leaks in Android Applications, In IBM Research and Development Journal 2013 [pdf]
David Sounthiraraj, Justin Sahs, Garret Greenwood, Zhiqiang Lin, and Latifur Khan, SMV-HUNTER: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps, In NDSS 2014 [pdf]
Timothy Vidas, Jiaqi Tan, Jay Nahata, Chaur Lih Tan, Nicolas Christin, and Patrick Tague, A5 : Automated Analysis of Adversarial Android Applications, In SPSM@CCS 2014 [pdf]
Anthony Desnos, Android: Static analysis using similarity distance, In HICSS 2012 [pdf]
Anthony Desnos, and Geoffroy Gueguen, Android : From Reversing to Decompilation, In BlackHat 2011 [pdf]
Steffen Bartsch, Bernhard Berger, Michaela Bunke, and Karsten Sohr, The Transitivity-of-Trust Problem in Android Application Interaction, In ARES 2013 [pdf]
Leonid Batyuk, Markus Herpich, Seyit Ahmet Camtepe, Karsten Raddatz, Aubrey-Derrick Schmidt, and Sahin Albayrak, Using Static Analysis for Automatic Assessment and Mitigation of Unwanted and Malicious Activities Within Android Applications, In MALWARE 2011 [pdf]
Chia-Mei Chen, Je-Ming Lin, and Gu-Hsin Lai, Detecting Mobile Application Malicious Behaviors Based on Data Flow of Source Code, In TSA 2014 [pdf]
Kevin Zhijie Chen, Noah Johnson, Vijay D’Silva, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward Wu, Martin Rinard, and Dawn Song, Contextual Policy Enforcement in Android Applications with Permission Event Graphs, In NDSS 2013 [pdf]
Jianlin Xu, Yifan Yu, Zhen Chen, Bin Cao, Wenyu Dong, Yu Guo, and Junwei Cao, MobSafe: cloud computing based forensic analysis for massive mobile applications using data mining, In Tsinghua Science and Technology Journal 2013 [pdf]
Luoshi Zhang, Yan Niu, Xiao Wu, Zhaoguo Wang, and Yibo Xue, A3: Automatic Analysis of Android Malware, In CCIS 2013 [pdf]
Mu Zhang, Yue Duan, Heng Yin, and Zhiruo Zhao, Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs Categories and Subject Descriptors, In CCS 2014 [pdf]
Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie, DroidAlarm: an all-sided static analysis tool for android privilege-escalation malware, In ASIACCS 2013 [pdf]
Hamid Bagheri, Alireza Sadeghi, Joshua Garcia, and Sam Malek, COVERT: Compositional Analysis of Android Inter-App Permission Leakage, In TSE Journal 2015 [pdf]
Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard, Information-Flow Analysis of Android Applications in DroidSafe, In NDSS 2015 [pdf]
Jianliang Wu, Tingting Cui, Tao Ban, Shanqing Guo, and Lizhen Cui, PaddyFrog: systematically detecting confused deputy vulnerability in Android applications, In Security and Communication Networks Journal 2015 [pdf]
Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, and Xuxian Jiang, The impact of vendor customizations on android security, In CCS 2013 [pdf]
Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby, Amandroid : A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps Categories and Subject Descriptors, In CCS 2014 [pdf]
Yajin Zhou, and Xuxian Jiang, Detecting passive content leaks and pollution in android applications, In NDSS 2013 [pdf]
Erik Ramsgaard Wognsen, Henrik Søndberg Karlsen, Mads Chr. Olesen, and René Rydhof Hansen, Formalisation and analysis of Dalvik bytecode, In SCP Journal 2014 [pdf]
Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon, Effective Inter-Component Communication Mapping in Android with Epicc : An Essential Step Towards Holistic Security Analysis, In USENIX SECURITY 2013 [pdf]
Kristopher Micinski, Jonathan Fetter-Degges, Jinseong Jeon, Jeffrey S. Foster, and Michael R. Clarkson, Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution, In ESORICS 2015 [pdf]
Chaoshun Zuo, Jianliang Wu, and Shanqing Guo, Automatically Detecting SSL Error-Handling Vulnerabilities in Hybrid Mobile Web Apps, In AsiaCCS 2015 [pdf]
Sam Blackshear, Bor-Yuh Evan Chang, and Manu Sridharan, Selective Control-Flow Abstraction via Jumping, In OOPSLA 2015 [pdf]
Gholamreza Safi, Arman Shahbazian, William G.J. Halfond, and Nenad Medvidovic, Detecting Event Anomalies in Event-Based Systems, In FSE 2015 [pdf]
Kangjie Lu, Zhichun Li, Vasileios P. Kemerlis, Zhenyu Wu, Long Lu, Cong Zheng, Zhiyun Qian, Wenke Lee, and Guofei Jiang, Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting, In NDSS 2015 [pdf]
Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner, Analyzing Inter-Application Communication in Android, In MobiSys 2011 [pdf]
Daniele Gallingani, Rigel Gjomemo, V.N. Venkatakrishnan, and Stefano Zanero, Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android Applications, In MoST@S&P 2015 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Zheng Lu, and Supratik Mukhopadhyay, Model-based static source code analysis of java programs with applications to android security, In COMPSAC 2012 [pdf]
Étienne Payeta, and Fausto Spotob, Static analysis of Android programs, In IST Journal 2012 [pdf]
Steffen Lortz, Heiko Mantel, Artem Starostin,Timo Bähr, David Schneider, and Alexandra Weber, Cassandra: Towards a Certifying App Store for Android, In SPSM@CCS 2014 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Ding Li, Shuai Hao, William G.J. Halfond, and Ramesh Govindan, Calculating source line level energy information for Android applications, In ISSTA 2013 [pdf]
Ding Li, Angelica Huyen Tran, and William G. J. Halfond, Making web applications more energy efficient for OLED smartphones, In ICSE 2014 [pdf]
Shuai Hao, Ding Li, William G. J. Halfond, Ramesh Govindan, Estimating mobile application energy consumption using program analysis, In ICSE 2013 [pdf]
Panagiotis Vekris, Ranjit Jhala, Sorin Lerner, and Yuvraj Agarwal, Towards verifying android apps for the absence of no-sleep energy bugs, In HotPower 2012 [pdf]
Byung-Gon Chun, Sunghwan Ihm, Petros Maniatis, Mayur Naik, and Ashwin Patti, Clonecloud: elastic execution between mobile device and cloud, In EuroSys 2011 [pdf]
Ying Zhang, Gang Huang, Xuanzhe Liu, Wei Zhang, Hong Mei, and Shunxiang Yang, Refactoring android Java code for on-demand computation offloading, In OOPSLA 2012 [pdf]
Jingtian Wang, Guoquan wu, Xiaoquan Wu, Jun Wei, Detect and optimize the energy consumption of mobile app through static analysis: an initial research, In Internetware 2012 [pdf]
Reyhaneh Jabbarvand, Alireza Sadeghi, Joshua Garcia, Sam Malek, and Paul Ammann, EcoDroid: an approach for energy-based ranking of Android apps, In GREENS@ICSE 2015 [pdf]
Abhinav Pathak, Abhilash Jindal, Y. Charlie Hu, and Samuel P. Midkiff, what is keeping my phone awake? characterizing and detecting no-sleep energy bugs in smartphone apps, In MobiSys 2012 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Anthony Desnos, Android: Static analysis using similarity distance, In HICSS 2012 [pdf]
Xin Sun, Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie, Detecting Code Reuse in Android Applications Using Component-Based Control Flow Graph, In IFIP SEC 2014 [pdf]
Martina Lindorfer, Stamatis Volanis, Alessandro Sisto, Matthias Neugschwandtner, Elias Athanasopoulos, Federico Maggi, Christian Platzer, Stefano Zanero, and Sotiris Ioannidis, AndRadar: Fast Discovery of Android Applications in Alternative Markets, In DIMVA 2014 [pdf]
Jonathan Crussell, Clint Gibler, and Hao Chen, Scalable semantics-based detection of similar Android applications, In ESORICS 2013 [pdf]
Jonathan Crussell, Clint Gibler, and Hao Chen, Attack of the clones: detecting cloned applications on Android markets, In ESORICS 2012 [pdf]
Kai Chen, Peng Liu, and Yingjun Zhang, Achieving accuracy and scalability simultaneously in detecting application clones on Android markets, In ICSE 2014 [pdf]

SOOT | WALA | APKTOOL | SE/PL | SEC | OPEN SOURCING | ABSTRACT INTERPRETATION | TAINT ANALYSIS | SYMBOLIC EXECUTION | PROGRAM SLICING | CODE INSTRUMENTATION | TYPE/MODEL CHECKING | DYNAMIC CODE LOADING | REFLECTION | NATIVE | ICC | IAC | XML LAYOUT | DATA LEAK | CRYPTOGRAPHY | PERMISSION | VULNERABILITY | CODE VERIFICATION | ENERGY | CLONE DETECTION | TEST CASE GENERATION

Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X. Sean Wang, AppIntent : Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection, In CCS 2013 [pdf]
Saswat Anand, Mayur Naik, Hongseok Yang, and Mary Jean Harrold, Automated Concolic Testing of Smartphone Apps, In FSE 2012 [pdf]
Behnaz Hassanshahi, Yaoqi Jia, Roland H. C. Yap, Prateek Saxena, and Zhenkai Liang, Web-to-Application Injection Attacks on Android: Characterization and Detection, In ESORICS 2015 [pdf]
Nariman Mirzaei, Hamid Bagheri, Riyadh Mahmood, and Sam Malek, SIG-Droid: Automated system input generation for Android applications, In ISSRE 2015 [pdf]
Casper S. Jensen, Mukul R. Prasad, and Anders Møller, automated testing with targeted event sequence generation, In ISSTA 2013 [pdf]