Janaka Senanayake
Android source code vulnerability detection: a systematic literature review.
Senanayake, Janaka; Kalutarage, Harsha; Al-Kadri, Mhd Omar; Petrovski, Andrei; Piras, Luca
Authors
Dr Harsha Kalutarage h.kalutarage@rgu.ac.uk
Senior Lecturer
Mhd Omar Al-Kadri
Dr Andrei Petrovski a.petrovski@rgu.ac.uk
Associate Professor
Luca Piras
Abstract
The use of mobile devices is rising daily in this technological era. A continuous and increasing number of mobile applications are constantly offered on mobile marketplaces to fulfil the needs of smartphone users. Many Android applications do not address the security aspects appropriately. This is often due to a lack of automated mechanisms to identify, test, and fix source code vulnerabilities at the early stages of design and development. Therefore, the need to fix such issues at the initial stages rather than providing updates and patches to the published applications is widely recognized. Researchers have proposed several methods to improve the security of applications by detecting source code vulnerabilities and malicious codes. This Systematic Literature Review (SLR) focuses on Android application analysis and source code vulnerability detection methods and tools by critically evaluating 118 carefully selected technical studies published between 2016 and 2022. It highlights the advantages, disadvantages, applicability of the proposed techniques, and potential improvements of those studies. Both Machine Learning (ML)-based methods and conventional methods related to vulnerability detection are discussed while focusing more on ML-based methods, since many recent studies conducted experiments with ML. Therefore, this article aims to enable researchers to acquire in-depth knowledge in secure mobile application development while minimizing the vulnerabilities by applying ML methods. Furthermore, researchers can use the discussions and findings of this SLR to identify potential future research and development directions.
Citation
SENANAYAKE, J., KALUTARAGE, H., AL-KADRI, M.O., PETROVSKI, A. and PIRAS, L. 2023. Android source code vulnerability detection: a systematic literature review. ACM computing surveys [online], 55(9), article 187, pages 1-37. Available from: https://doi.org/10.1145/3556974
Journal Article Type | Review |
---|---|
Acceptance Date | Aug 8, 2022 |
Online Publication Date | Jan 16, 2023 |
Publication Date | Sep 30, 2023 |
Deposit Date | Jan 26, 2023 |
Publicly Available Date | Jan 26, 2023 |
Journal | ACM computing surveys |
Print ISSN | 0360-0300 |
Electronic ISSN | 1557-7341 |
Publisher | Association for Computing Machinery (ACM) |
Peer Reviewed | Peer Reviewed |
Volume | 55 |
Issue | 9 |
Article Number | 187 |
Pages | 1-37 |
DOI | https://doi.org/10.1145/3556974 |
Keywords | Software security; Machine learning; Android security; Vulnerability detection; Source code vulnerability |
Public URL | https://rgu-repository.worktribe.com/output/1862497 |
Files
SENANAYAKE 2023 Android source code (VOR) (PDF, 1.1 Mb)
Copyright Statement
© 2023 Association for Computing Machinery.