├── MalwareTaxonomy.md
├── README.md
├── AndroidMarkets.md
├── AndroidTools.md
└── LiteratureReview.md


/MalwareTaxonomy.md:
--------------------------------------------------------------------------------
 1 | There are several taxonomis of Android malware. We list all taxnomies as follows:
 2 | 
 3 | ##Taxonomy of Attack Targets
 4 | 
 5 | + Information Leakage
 6 | + Privilege Escalation
 7 | + Finantial Charge
 8 | + Ransomware 
 9 | + Adware
10 |   
11 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # AndroidReferences
2 | 
3 | We list the following literatures, tools, markets in a chronological order
4 | 
5 | 1. [Literature Review](LiteratureReview.md)
6 | 2. [Android Tools](AndroidTools.md)
7 | 3. [Android Markets](AndroidMarkets.md)
8 | 4. [Malware Taxonomy](MalwareTaxonomy.md)
9 | 


--------------------------------------------------------------------------------
/AndroidMarkets.md:
--------------------------------------------------------------------------------
 1 | + 1Mobile: http://www.1mobile.com/
 2 | + 3310： http://apk.3310.com
 3 | + 7723: http://3g.7723.cn/
 4 | + ACMarket: http://acmarket.net
 5 | + Amazon: http://www.amazon.com/mobile-apps/b?node=2350149011
 6 | + AndroidDrawer: http://www.androiddrawer.com/
 7 | + AnGeeks: http://www.angeeks.com/
 8 | + Anruan: http://www.anruan.com/
 9 | + Anzhi: http://anzhi.com/
10 | + AOnline: https://www.andapponline.com/
11 | + Apk20: http://www.apk20.com/
12 | + APK4Fun: http://www.apk4fun.com/
13 | + ApkHere: http://www.apkhere.com/
14 | + APKMirror: http://www.apkmirror.com/
15 | + Apkpure: https://apkpure.com
16 | + AppChina: http://www.appchina.com/
17 | + App Fun: http://appfun.cn/
18 | + AppsApk: http://appsapk.com
19 | + Appszoom: http://www.appszoom.com/
20 | + Aptoide: http://www.aptoide.com/ (Portugal)
21 | + Baidu: http://shouji.baidu.com/ 
22 | + Camangi Market: http://www.camangimarket.com/index.html
23 | + China Mobile: http://mm.10086.cn/
24 | + CNMO: http://app.cnmo.com/
25 | + CoolApk: http://coolapk.com
26 | + Crsky: http://android.crsky.com
27 | + EOE Market: http://www.eoemarket.com/
28 | + Flyme: http://app.flyme.cn/
29 | + FreewareLovers: http://www.freewarelovers.com/android
30 | + F-Droid: https://f-droid.org/
31 | + GetJar: http://www.getjar.com/
32 | + gFan: http://apk.gfan.com/
33 | + HiApk: http://www.hiapk.com/
34 | + HiAppHere: http://www.hiapphere.site/
35 | + Huawei: http://appstore.huawei.com/
36 | + Lenove: http://www.lenovomm.com/
37 | + MI: http://app.mi.com/
38 | + Mob: http://mob.org/
39 | + Mobogenie: http://www.mobogenie.com/
40 | + Mumayi:http://www.mumayi.com/
41 | + NDuo: http://www.nduoa.com | http://www.nduo.cn
42 | + Pandaapp: http://download.pandaapp.com/
43 | + Phoload: http://www.phoload.com/
44 | + QQ: http://sj.qq.com/myapp/
45 | + Samsung: http://www.samsung.com/cn/apps/mobile/galaxyapps/
46 | + SlideMe: http://slideme.org
47 | + Soc.io: http://soc.io/apps
48 | + TorrApk: https://www.torrapk.com/
49 | + Uptodown: http://en.uptodown.com/android
50 | + Wandoujia: http://www.wandoujia.com/apps
51 | + Wangyi: http://m.163.com/android/index.html
52 | + ZOL: http://sj.zol.com.cn
53 | + ZTE: http://apps.ztems.com/
54 | 


--------------------------------------------------------------------------------
/AndroidTools.md:
--------------------------------------------------------------------------------
  1 | ##Forensics Tools
  2 | 
  3 | + [Android Forensics](https://github.com/viaforensics/android-forensics) – Open Source Android Forensics App and Framework
  4 | + [Android Data Extractor Lite](https://github.com/mspreitz/ADEL)
  5 | + [BitPim](http://www.bitpim.org/) – BitPim is a program that allows you to view and manipulate data on many CDMA phones from LG, Samsung, Sanyo and other manufacturers.
  6 | + [LiME](https://github.com/504ensicsLabs/LiME) – LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android.
  7 | + [Open Source Android Forensics](http://www.osaf-community.org/)
  8 | + [P2P-ADB](https://github.com/kosborn/p2p-adb/) – Phone to Phone Android Debug Bridge – A project for “debugging” phones from other phones.
  9 | + [pySimReader](https://www.isecpartners.com/tools/mobile-security/pysimreader.aspx) – It allows users to write out arbitrary raw SMS PDUs to a SIM card.
 10 | 
 11 | ##Development Tools
 12 | 
 13 | + [Android SDK](https://developer.android.com/sdk/index.html) – The Android software development kit (SDK) includes a comprehensive set of development tools. These include a debugger, libraries, a handset emulator based on QEMU, documentation, sample code, and tutorials.
 14 | + [Android NDK](https://developer.android.com/tools/sdk/ndk/index.html) – The NDK is a toolset that allows you to implement parts of your app using native-code languages such as C and C++.
 15 | + [ADT Bundle](https://developer.android.com/sdk/index.html) – The Android Developer Tools(ADT) bundle is a single download that contains everything for developers to start creating Android Application
 16 |   * Android Studio IDE or Eclipse IDE
 17 |   * Android SDK tools
 18 |   * Android 5.0 (Lollipop) Platform
 19 |   * Android 5.0 emulator system image with Google APIs
 20 | + [Native Android Runtime Emulation](https://bitbucket.org/jigsaw_echo/armexec) – A native Android emulator featuring the following functions:
 21 |   * Full stack support for ELF built by Android NDK.
 22 |   * Seeminglessly native gdb support.
 23 |   * Link and load shared library.
 24 |   * Open to extension of different architecture and C runtime.
 25 | + [Root Tools](https://github.com/Stericson/RootTools) – RootTools provides rooted developers a standardized set of tools for use in the development of rooted applications.
 26 | 
 27 | ##Static Analysis Tools
 28 | 
 29 | + [Androwarn](https://github.com/maaaaz/androwarn/) - Yet another static code analyzer for malicious Android applications
 30 | + [ApkAnalyser](https://github.com/sonyxperiadev/ApkAnalyser) – ApkAnalyser is a static, virtual analysis tool for examining and validating the development work of your Android app.
 31 | + [APKInspector](https://github.com/honeynet/apkinspector/) – APKinspector is a powerful GUI tool for analysts to analyze the Android applications.
 32 | + [DroidSafe](http://mit-pac.github.io/droidsafe-src/) – The DroidSafe project develops novel program analysis techniques to diagnose and remove malicious code from Android mobile applications. The clone is located at DroidSafe-GitHub.
 33 | + [Crashlytics](https://try.crashlytics.com/) - Crashlytics is a powerful, yet light-weight crash reporting solution
 34 | + [Error-Prone](https://github.com/google/error-prone) – Catch common Java mistakes as compile-time errors
 35 | + [FindBugs](http://findbugs.sourceforge.net/) + [FindSecurityBugs](http://h3xstream.github.io/find-sec-bugs/) – FindSecurityBugs is a extension for FindBugs which include security rules for Java applications. It will find cryptography problems as well as Android specific problems.
 36 | + [ApkCombiner](https://github.com/lilicoding/ApkCombiner) - Combining multiple Android apps to one for supporting inter-app analysis
 37 | + [IC3](https://github.com/siis/ic3) - Inter-Component Communication Analysis with COAL
 38 | + [FlowDroid](http://sseblog.ec-spride.de/tools/flowdroid/) – FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.
 39 | + [IccTA](https://github.com/lilicoding/soot-infoflow-android-iccta) - An Inter-Component Communication based Taint Analysis tool based on FlowDroid and Epicc/IC3 to perform inter-component privacy leaks in Android apps
 40 | + [Lint](http://developer.android.com/tools/help/lint.html) – The Android lint tool is a static code analysis tool that checks your Android project source files for potential bugs and optimization improvements for correctness, security, performance, usability, accessibility, and internationalization.
 41 | + [PMD](http://pmd.sourceforge.net/) – PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, Javascript, XML, XSL.
 42 | + [Smali CFGs](https://github.com/EugenioDelfa/Smali-CFGs) – Smali Control Flow Graph’s
 43 | + [Smali and Baksmali](https://code.google.com/p/smali/) – smali/baksmali is an assembler/disassembler for the dex format used by dalvik, Android’s Java VM implementation.
 44 | + [Thresher](http://pl.cs.colorado.edu/projects/thresher/) – Thresher is a static analysis tool that specializes in checking heap reachability properties. Its secret sauce is using a coarse up-front points-to analysis to focus a precise symbolic analysis on the alarms reported by the points-to analysis.
 45 | + [SuSi](https://github.com/secure-software-engineering/SuSi) - automatically discover and categorize sources and sinks in the Android framework
 46 | 
 47 | ##Dynamic Analysis Tools
 48 | 
 49 | + [Android Hooker](https://github.com/AndroidHooker/hooker) – This project provides various tools and applications that can be use to automaticaly intercept and modify any API calls made by a targeted application.
 50 | + [Droidbox](https://code.google.com/p/droidbox/) – DroidBox is developed to offer dynamic analysis of Android applications
 51 | + [Drozer](https://www.mwrinfosecurity.com/products/drozer/) – Drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.
 52 | + [TaintDroid](http://appanalysis.org/) – Tracking how apps use sensitive information required integrating our software into the Android platform at a low level.
 53 | + [Xposed Framework](http://forum.xda-developers.com/xposed/xposed-installer-versions-changelog-t2714053)
 54 | + [Inspeckage](http://ac-pm.github.io/Inspeckage/) - Inspeckage is a tool developed to offer dynamic analysis of Android applications. By applying hooks to functions of the Android API, Inspeckage will help you understand what an Android application is doing at runtime.
 55 | 
 56 | 
 57 | ##Reverse Engineering Tools
 58 | 
 59 | + [Androguard](https://github.com/androguard/androguard) – Reverse engineering, Malware and goodware analysis of Android applications … and more (ninja !)
 60 | + [dockerfile-androguard] (https://github.com/dweinstein/dockerfile-androguard) - Docker file for building androguard dependencies w/ an optional interactive shell environment
 61 | + [Android loadble Kernel Modules](https://github.com/strazzere/android-lkms) – It is mostly used for reversing and debugging on controlled systems/emulators.
 62 | + [AndBug](https://github.com/swdunlop/AndBug) – Android Debugging Library
 63 | + [ApkTool](https://code.google.com/p/android-apktool/) – A tool for reverse engineering Android Apk Files
 64 | + [APK Studio](https://apkstudio.codeplex.com/) – APK Studio is an IDE for decompiling/editing & then recompiling of android application binaries.
 65 | + [Bytecode-Viewer](https://github.com/Konloch/bytecode-viewer) – A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
 66 | + [CodeInspect](http://sseblog.ec-spride.de/2014/12/codeinspect/) – A Jimple-based Reverse-Engineering framework for Android and Java applications.
 67 | + [dedex](https://github.com/mariokmk/dedex) – A command line tool for disassembling Android DEX files.
 68 | + [enjarify](https://github.com/google/enjarify) - A tool for translating Dalvik bytecode to equivalent Java bytecode :star:
 69 | + [Dex2Jar](https://code.google.com/p/dex2jar/) – Tools to work with android .dex and java .class files
 70 | + [dexdisassembler](https://github.com/mariokmk/dexdisassembler) – A GTK tool for disassembling Android DEX files.
 71 | + [Fern Flower](https://github.com/fesh0r/fernflower) – FernFlower Java decompiler
 72 | + [Fino](https://github.com/sysdream/fino) – Android small footprint inspection tool
 73 | + [Introspy-Android](https://github.com/iSECPartners/Introspy-Android) – Blackbox tool to help understand what an Android application is doing at runtime and assist in the identification of potential security issues.
 74 | + [JD-Gui](http://jd.benow.ca/) – Yet another fast Java Decompiler
 75 | + [JEB](https://www.pnfsoftware.com/index) – The Interactive Android Decompiler
 76 | + [smali](https://code.google.com/p/smali/) – An assembler/disassembler for Android’s dex format
 77 | 
 78 | ##Hooking Tools
 79 | 
 80 | + [ADBI Framework](https://github.com/crmulliner/ddi) – Simple and easy to use toolkit for dynamic instrumentation of Dalvik code.
 81 | + [Cydia Substrate](http://www.cydiasubstrate.com/) – Cydia Substrate for Android enables developers to make changes to existing software with Substrate extensions that are injected in to the target process’s memory.
 82 | + [Xposed Framework](http://forum.xda-developers.com/xposed/xposed-installer-versions-changelog-t2714053) – Xposed framework enables you to modify the system or application aspect and behaviour at runtime, without modifying any Android application package(APK) or re-flashing.
 83 | + [Dexposed](https://github.com/alibaba/dexposed) - Dexposed is a powerful yet non-invasive runtime AOP (Aspect-oriented Programming) framework for Android app development, based on the work of open-source Xposed framework project.
 84 | + [Frida](http://www.frida.re/) – Inject JavaScript to explore native apps on Android
 85 | + [ELLA](https://github.com/saswatanand/ella) - Ella is a tool to instrument Android APK's for various purposes. Out of the box, it instruments apps to record which methods gets executed. It can also record time-stamped trace of executed methods, values of arguments passed at call-sites, values of formal parameters of methods, etc.
 86 | 
 87 | ##Obfuscators & Deobfuscators Tools
 88 | 
 89 | + [APK Obfuscator](https://github.com/strazzere/APKfuscator) – A generic DEX file obfuscator and munger.
 90 | + [Bytecode-Viewer](https://github.com/Konloch/bytecode-viewer) – A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
 91 | + [Class Name Deobfuscator](https://github.com/HamiltonianCycle/ClassNameDeobfuscator) – Simple script to parse through the .smali files produced by apktool and extract the .source annotation lines.
 92 | + [Dalvik Obfuscator](https://github.com/thuxnder/dalvik-obfuscator) – A set of tools/scripts to obfuscate and manipulate dex files
 93 | + [Simplify](https://github.com/CalebFenton/simplify) – Generic Android Deobfuscator
 94 | 
 95 | ##Online Analyzers
 96 | 
 97 | + [Android Observatory](https://androidobservatory.org/) – The Android Observatory is a web interface to a large repository of Android applications. It allows users to search or browse through thousands of Android apps and retrieve metadata for those apps.
 98 | + [Android APK Decompiler](http://www.decompileandroid.com/) – Decompiling APK files made easy. Online decompiler.
 99 | + [AndroidTotal](http://andrototal.org/) – AndroTotal is a free service to scan suspicious APKs against multiple mobile antivirus apps.
100 | + [Anubis](http://anubis.iseclab.org/) – Malware Analysis for Unknown Binaries.
101 | + [Akana](http://www.mobiseclab.org/akana/Intro.html) – Akana is an online Android app Interactive Analysis Enviroment (IAE), which is combined with some plugins for checking the malicious app.
102 | + [App360Scan](http://www.app360scan.com/) – Tells about permissons used by an Application and what harm it can cause to users.
103 | + [Baidu](http://seclab.safe.baidu.com/) – It provides an online security analysis of Android apps.
104 | + [CopperDroid](http://copperdroid.isg.rhul.ac.uk/copperdroid/) – It automatically perform out-of-the-box dynamic behavioral analysis of Android malware.
105 | + [Dexter](https://dexter.bluebox.com/) – Dexter is an interactive Android software analysis environment with collaboration features.
106 | + [Eacus](http://www.mobiseclab.org/eacus.jsp) – A lite Android app analysis framework
107 | + [Mobile Sandbox](http://mobilesandbox.org/) – The Mobile-Sandbox provides static and dynamic malware analysis combined with machine learning techniques for Android applications.
108 | + [Sandroid](http://sanddroid.xjtu.edu.cn/#overview) – An automatic Android application analysis system
109 | + [Virus Total](https://www.virustotal.com/) – VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
110 | 
111 | ##Android Testing Distributions
112 | 
113 | + [Appie](https://manifestsecurity.com/appie) – A portable software package for Android Pentesting and an awesome alternative to existing Virtual machines.It is a one stop answer for all the tools needed in Android Application Security Assessment, Android Forensics, Android Malware Analysis.
114 | + [Android Tamer](https://androidtamer.com/) – Android Tamer is a Virtual / Live Platform for Android Security professionals.
115 | + [AppUse](https://appsec-labs.com/AppUse/) – AppUse is a VM (Virtual Machine) developed by AppSec Labs.
116 | + [Mobisec](http://sourceforge.net/projects/mobisec/) – Mobile security testing live environment
117 | + [Now Secure App Testing Suite:Community Edition](https://www.nowsecure.com/apptesting/community/#viaprotect)
118 | + [Santoku Linux](https://santoku-linux.com/) – Santoku Linux is a virtual machine developed by NowSecure Mobile.
119 | + [Shadow OS](http://h30499.www3.hp.com/t5/Fortify-Application-Security/Announcing-ShadowOS/ba-p/6725771#.VUzhUJOupKg) – ShadowOS is a free tool designed by Fortify on Demand to help Security and QA teams test Android applications for security vulnerabilities. It is a custom OS based off of KitKat that intercepts specific areas of the device’s operation and makes testing apps for security vulnerabilites easier.
120 | + [Vezir Project](https://github.com/oguzhantopgul/Vezir-Project) – Yet Another Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis.
121 | + [AndroidJUnitRunner](https://developer.android.com/reference/android/support/test/runner/AndroidJUnitRunner.html) - An Instrumentation that runs JUnit3 and JUnit4 tests against an Android package (application).
122 | + [Espresso](https://google.github.io/android-testing-support-library/docs/espresso/) – 
123 | 
124 | ##Android Vulnerable Apps
125 | 
126 | + [Android Challenges of Various Conferences/Events](https://drive.google.com/folderview?id=0B7rtSe_PH_fTWDQ0RC1DeWVoVUE&usp=sharing)
127 | + [Owasp Goatdroid Project](https://github.com/jackMannino/OWASP-GoatDroid-Project)
128 | + [ExploitMe labs by SecurityCompass](http://securitycompass.github.io/AndroidLabs/setup.html)
129 | + [InsecureBank V2](https://github.com/dineshshetty/Android-InsecureBankv2)
130 | + [Sieve](https://labs.mwrinfosecurity.com/system/assets/380/original/sieve.apk)– Sieve is a password manager app, riddled with security vulnerabilities.
131 | 
132 | ##Android Security Apps
133 | 
134 | + [Android IMSI-Catcher-Detector](https://github.com/SecUpwN/Android-IMSI-Catcher-Detector) – It is an app to detect IMSI-Catchers. IMSI-Catchers are false mobile towers (base stations) acting between the target mobile phone(s) and the real towers of service providers. As such they are considered a Man-In-The-Middle (MITM) attack. In the USA the IMSI-Catcher technology is known under the name “StingRay”.
135 | + [Am I Vulnerable](http://delhi.securitycompass.com/) – AIV is an Android security app that notifies the user of publicly known vulnerabilities found in the installed version of apps on the device.
136 | 
137 | ##Application Security Framework
138 | 
139 | + [AppRay](http://www.app-ray.com/) – App-Ray takes a look inside your apps and helps you understand what they really do. In fully automated tests, App-Ray analyzes apps and highlights vulnerabilities, data leaks, and privacy breaches.
140 | + [YSO-Mobile Security Framework](https://github.com/ajinabraham/YSO-Mobile-Security-Framework) – Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis.
141 | 
142 | ##Android Malwares Related
143 | 
144 | + [Contagio Mini Dump](http://contagiominidump.blogspot.com/) – Contagio mobile mini-dump offers an upload dropbox for you to share your mobile malware samples.
145 | + [Android Malwares Databases](https://code.google.com/p/androguard/wiki/DatabaseAndroidMalwares) – No Longer Maintained.
146 | + [Android Malware Evaluating Tools](https://github.com/faber03/AndroidMalwareEvaluatingTools) – Evaluation tools for Android Malwares
147 | + [Maldrolyzer](https://github.com/maldroid/maldrolyzer) – Simple framework to extract “actionable” data from Android malware (C&Cs, phone numbers etc.)
148 | 
149 | ##Tutorials
150 | 
151 | + [Android Application Security Series](https://manifestsecurity.com/android-application-security/) – A simple and elaborative series on Android Application Security. Beneficial for Android Security Professionals and Developers.
152 | + [Android Forensics Course](http://opensecuritytraining.info/AndroidForensics.html)
153 | + [Introduction to ARM](http://opensecuritytraining.info/IntroARM.html)
154 | + [Android Security Articles By Infosec Institute](http://resources.infosecinstitute.com/author/srinivas/)
155 | + [Learning Android Bytecode](https://mariokmk.github.io/programming/2015/03/06/learning-android-bytecode.html)
156 | 
157 | ##Android Vulnerability List
158 | 
159 | + [Android Vulnerability/Exploit List](https://docs.google.com/spreadsheet/pub?key=0Am5hHW4ATym7dGhFU1A4X2lqbUJtRm1QSWNRc3E0UlE&single=true&gid=0&output=html)
160 | + [Android CVE Details](http://www.cvedetails.com/vulnerability-list/vendor_id-1224/product_id-19997/Google-Android.html)
161 | 
162 | ##Android Security Libraries
163 | 
164 | + [Android Password Store](https://github.com/zeapo/Android-Password-Store)
165 | + [Android Pinning](https://github.com/moxie0/AndroidPinning) – A standalone library project for certificate pinning on Android.
166 | + [Conceal By Facebook](https://github.com/facebook/conceal) – Conceal provides easy Android APIs for performing fast encryption and authentication of data.
167 | + [Dexguard](http://www.saikoa.com/dexguard) – DexGuard is our specialized optimizer and obfuscator for Android. Create apps that are faster, more compact, and more difficult to crack.
168 | + [Encryption](https://github.com/simbiose/Encryption) – Encryption is a simple way to create encrypted strings to Android project.
169 | + [CWAC-Security](https://github.com/commonsguy/cwac-security) – Helping You Help Your Users Defend Their Data
170 | + [IOCipher](https://github.com/guardianproject/IOCipher) – IOCipher is a virtual encrypted disk for apps without requiring the device to be rooted.
171 | + [Java AES Crypto](https://github.com/tozny/java-aes-crypto) – A simple Android class for encrypting & decrypting strings, aiming to avoid the classic mistakes that most such classes suffer from.
172 | + [NetCipher](https://github.com/guardianproject/NetCipher) – This is an Android Library Project that provides multiple means to improve network security in mobile applications.
173 | + [OpenPGP API](https://github.com/open-keychain/openpgp-api-lib) – The OpenPGP API provides methods to execute OpenPGP operations, such as sign, encrypt, decrypt, verify, and more without user interaction from background threads.
174 | + [OWASP Java HTML Sanitizer](https://code.google.com/p/owasp-java-html-sanitizer/)
175 | + [Proguard](http://proguard.sourceforge.net/) – ProGuard is a free Java class file shrinker, optimizer, obfuscator, and preverifier. It detects and removes unused classes, fields, methods, and attributes.
176 | + [Spongy Castle](https://github.com/rtyley/spongycastle) – a repackage of Bouncy Castle for Android
177 | + [SQL Cipher](https://www.zetetic.net/sqlcipher/sqlcipher-for-android/) – SQLCipher is an open source extension to SQLite that provides transparent 256-bit AES encryption of database files.
178 | + [Secure Preferences](https://github.com/scottyab/secure-preferences) – Android Shared preference wrapper than encrypts the keys and values of Shared Preferences.
179 | + [Trusted Intents](https://github.com/guardianproject/TrustedIntents) – Library for flexible trusted interactions between Android apps
180 | 
181 | ##Best Practices
182 | 
183 | + [Android Security Overview](http://source.android.com/devices/tech/security/)
184 | + [Android Security Tips for Developers](http://developer.android.com/training/articles/security-tips.html)
185 | + [Projects/OWASP Mobile Security Project – Top Ten Mobile Controls](https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Controls)
186 | + [PCI Mobile Payment Acceptance Security Guidelines for Developers](https://www.pcisecuritystandards.org/documents/Mobile%20Payment%20Security%20Guidelines%20v1%200.pdf)
187 | + [Secure Coding in Android](https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=111509535)
188 | 
189 | ## Android App Crawler
190 | + [APK Downloader](http://apps.evozi.com/apk-downloader/): A web service to take package name as input, and generate a link to download apps in Google Play.
191 | + [Gplaycli](https://github.com/matlink/gplaycli): A framework to download Android apps from Google Play via command line
192 | 


--------------------------------------------------------------------------------
/LiteratureReview.md:
--------------------------------------------------------------------------------
  1 | 
  2 | ## Malware Detection
  3 | 
  4 | + Static Analysis
  5 | 
  6 |   + SCanDroid: Automated Security Certification of Android Applications, Technical Report, 2009
  7 |   + Static Analysis of Executables for Collaborative Malware Detection on Android, ICC 2009
  8 |   + RiskRanker: Scalable and Accurate Zero-day Android Malware Detection, MobiSys 2012
  9 |   + Static Analysis of Android Programs, Information and Software Technolog, 2012
 10 |   + Systematic Detection of Capability Leaks in Stock Android Smartphones, NDSS 2012
 11 |   + CHEX: Statically Vetting Android Apps for Component Hijacking Vulnerabilities, CCS 2012
 12 |   + SCADAL: Static Analyzer for Detecting Privacy Leaks in Android Applications, MoST 2012
 13 |   + Structural Detection of Android Malware Using Embedded Call Graphs, AISec 2013 (tool: Adagio)
 14 |   + Targeted and Depth-first Exploration for Systematic Testing of Android Apps, OOPSLA 2013 (tool: A3E)
 15 |   + Detecting Passive Content Leaks and Pollution in Android Applications, NDSS 2013
 16 |   + Slicing Droids: Program Slicing for Smali Code, SAC 2013 (tool: SAAF)
 17 |   + Sound and Precise Malware Analysis for Android via Pushdown Reachability and Entry-Point Saturation, SPSM 2013 (tool: Anadroid)
 18 |   + FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps, PLDI 2014
 19 |   + Apposcopy: Semantics-based Detection of Android Malware Through Static Analysis, FSE 2014
 20 |   + Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps, CCS 2014
 21 |   + AppContext: Differentiating Malicious and Benign Mobile App Behavior Under Contexts, ICSE 2014
 22 |   + AsDroid: Detecting Stealthy Behaviors in Android Applications by User Interface and Program Behavior Constradiction, ICSE 2014
 23 |   + Android Taint Flow Analysis for App Sets, SOAP 2014
 24 |   + Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale, USENIX Security 2015 (tool: MassVet)
 25 |   + Information Flow Analysis of Android Applications in DroidSafe, NDSS 2015
 26 |   + EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework, NDSS 2015
 27 |   + IccTA: Detecting Inter-Component Privacy Leaks in Android Apps, ICSE 2015
 28 |   + Static Control-Flow Analysis of User-Driven Callbacks in Android Applications, ICSE 2015
 29 |   + DroidJust: Automated Functionality-Aware Privacy Leakage Analysis for Android Applications, WiSec 2015 (tool: DroidJust)
 30 |   + DroidEagle: Seamless Detection of Visually Similar Android Apps, WiSec 2015 (tool: DroidEagle)
 31 |   + Profiling User-Trigger Dependence for Android Malware Detection, Computer&Security 2015
 32 |   + Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques, NDSS 2016 (tool: HARVESTER)
 33 |   + HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving, Euro S&P 2016
 34 |   + StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework, ICSE 2016
 35 |   + Toward a Framework for Detecting Privacy Policy Violation in Android Application Code, ICSE 2016
 36 |   + R-Droid: Leveraging Android App Analysis with Static Slice Optimization, AsiaCCS 2016 (tool: R-Droid)
 37 |   + Semantic Modelling of Android Malware for Effective Malware Comprehension, Detection and Classification, ISSTA 2016 (tool: SMART)
 38 |   + DroidRA: Taming Reflection to Support Whole-Program Analysis of Android Apps, ISSTA 2016 (tool: DroidRA)
 39 |   + TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime, CCS 2016 (tool: TaintART)
 40 |   + ICCDetector: ICC-Based Malware Detection on Android, TIFS 2016 (tool: ICCDetector)
 41 |   + Software Architectural Principles in Contemporary Mobile Software: from Conception to Practice, Journal of Systems and Software, 2016
 42 |   + Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis, NDSS 2017
 43 |   + MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models, NDSS 2017 (tool: MaMaDroid)
 44 |   + A SEALANT for Inter-App Security Holes in Android, ICSE 2017 (tool: SEALANT)
 45 |   + Adaptive Unpacking of Android Apps, ICSE 2017 (tool: PackerGrind)
 46 |   + An Efficient, Robust, and Scalable Approach for Analyzing Interacting Android Apps, ICSE 2017 (tool: JITANA)
 47 |   + LeakSemantic: Identifying Abnormal Sensitive Network Transmissions in Mobile Applications, arxiv 2017 (tool: LeakSemantic)
 48 |   + TriFlow: Triaging Android Applications using Speculative Information Flows, AsiaCCS 2017 (tool: TriFlow)
 49 |   + Collusive Data Leak and More: Large-scale Threat Analysis of Inter-app Communications, AsiaCCS 2017 (tool: DIALDroid)
 50 |   + A Monte Carlo Tree Search approach to Active Malware Analysis, IJCAI 2017
 51 |   + Android Malware Clustering through Malicious Payload Mining, RAID 2017
 52 |   + Detection of Repackaged Android Malware with Code-Heterogeneity Features, TDSC 2017 (tool: DR-Droid)
 53 |   + JN-SAF: Precise and Efficient NDK/JNI-aware Inter-language Static Analysis Framework for Security Vetting of Android Applications with Native Code, CCS 2018 (tool: JN-SAF)
 54 |   + FraudDroid: Automated Ad Fraud Detection for Android Apps, ESEC/FSE 2019 (tool: FraudDroid)
 55 |   + Towards Large-Scale Hunting for Android Negative-Day Malware, RAID 2019 (tool: Lshand)
 56 |   + Discovering Flaws in Security-Focused Static Analysis Tools for Android using Systematic Mutation, USENIX Security 2019
 57 |   + FlowCog: Context-aware Semantics Extraction and Analysis of Information Flow Leaks in Android Apps, USENIX Security 2019
 58 |   + A Qualitative Analysis of Android Taint-Analysis Results, ASE 2019 (tool: COVA)
 59 |   + ER Catcher: A Static Analysis Framework for Accurate and Scalable Event-Race Detection in Android, ASE 2020 (tool: ER Catcher)
 60 |   
 61 | + Dynamic Analysis
 62 | 
 63 |   + TaintDroid: An Information-flow Tracking System for Realtime Privacy Monitoring on Smartphones, OSDI 2010
 64 |   + Crowdroid: Behavior-based Malware Detection System for Android, SPSM 2011
 65 |   + XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks, Technical Report, 2011
 66 |   + DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis, USENIX Security 2012
 67 |   + AndroTotal: A Flexible, Scalable Toolbox and Service for Testing Mobile Malware Detector, SPSM 2013
 68 |   + PUMA: Programmable UI-automation for Large-scale Dynamic Analysis of Mobile Apps, MobiSys 2014 (tool: PUMA)
 69 |   + Checking Interation-Based Declassification Policies for Android Using Symbolic Execution, ESORICS 2015 (tool: ClickRelease)
 70 |   + BareDroid: Large-Scale Analysis of Android Apps on Real Devices, ACSAC 2015 (tool: BareDroid)
 71 |   + CopperDroid: Automatic Reconstruction of Android Malware Behaviors, NDSS 2015
 72 |   + Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques, NDSS 2016 (tool: HARVESTER)
 73 |   + IntelliDroid: A Targeted Input Generator for the Dynamic Analysis of Android Malware, NDSS 2016
 74 |   + DroidScribe: Classifying Android Malware Based on Runtime Behavior, MoST 2016 (tool: DroidScribe)
 75 |   + LeakSemantic: Identifying Abnormal Sensitive Network Transmissions in Mobile Applications, arxiv 2017 (tool: LeakSemantic)
 76 |   + DroidForensics: Accurate Reconstruction of Android Attacks via Multi-layer Forensic Logging, AsiaCCS 2017 (tool: DroidForensics)
 77 |   + Exploring Syscall-Based Semantics Reconstruction of Android Applications, RAID 2019
 78 |   + DroidScraper: A Tool for Android In-Memory Object Recovery and Reconstruction, RAID 2019 (tool: DroidScraper)
 79 |   + Charm: Facilitating Dynamic Analysis of Device Drivers of Mobile Systems, USENIX Security 2019 (tool: Charm)
 80 | 
 81 | + Machine Learning
 82 | 
 83 |   + Crowdroid: Behavior-based Malware Detection System for Android, SPSM 2011
 84 |   + "Andromaly": a Behavioral Malware Detection Framework for Android Devices, Journal of Intelligent Information Systems 2012
 85 |   + A Machine Learning Approach to Android Malware Detection, EISIC 2012
 86 |   + DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android, Security and Privacy in Communication Networks, 2013
 87 |   + MAST: Triage for Market-scale Mobile Malware Analysis, 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2013
 88 |   + Machine Learning for Android Malware Detection Using Permission and API Calls, ICTAI 2013
 89 |   + Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis, CCS 2013
 90 |   + Structural Detection of Android Malware Using Embedded Call Graphs, AISec 2013 (tool: Adagio)
 91 |   + Rapid Permissions-Based Detection and Analysis of Mobile Malware Using Random Decision Forests, MILCOM 2013
 92 |   + DroidMiner: Automated Mining and Characterization of Fine-grained Malicious Behaviors in Android Applications, ESORICS 2014
 93 |   + Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs, CCS 2014
 94 |   + Drebin: Effective and Explainable Detection of Android Malware in Your Pocket, NDSS 2014
 95 |   + AppContext: Differentiating Malicious and Benign Mobile App Behavior Under Contexts, ICSE 2014
 96 |   + RiskMon: Continuous and Automated Risk Assessment of Mobile Applications, CODASPY 2014 (tool: RiskMon)
 97 |   + Machine Learning-Based Malware Detection for Android Applications: History Matters! Technical Report, 2014
 98 |   + Linear SVM-Based Android Malware Detection, Frontier and Innovation in Future Computing and Communications 2014
 99 |   + Mining Apps for Abnormal Usage of Sensitive Data, ICSE 2015
100 |   + Obfuscation-Resilient, Efficient, and Accurate Detection and Family Identification of Android Malware, Technical Report, 2015 (tool: RevealDroid)
101 |   + Heldroid: Fast and Efficient Linguistic-Based Ransomware Detection, UIC Master Disseration, 2015 (tool: Heldroid)
102 |   + StormDroid: A Streaminglized Machine Learning-based System for Detecting Android Malware, AsiaCCS 2016
103 |   + DroidScribe: Classifying Android Malware Based on Runtime Behavior, MoST 2016 (tool: DroidScribe)
104 |   + LUNA: Quantifying and Leveraging Uncertainy in Android Malware Analysis through Bayesian Machine Learning, Euro S&P 2017 (tool: LUNA)
105 |   + Dark Hazard: Learning-based, Large-Scale Discovery of Hidden Sensitive Operations in Android Apps, NDSS 2017
106 |   + LeakSemantic: Identifying Abnormal Sensitive Network Transmissions in Mobile Applications, arxiv 2017 (tool: LeakSemantic
107 |   + HinDroid: An Intelligent Android Malware Detection System Based on Structured Heterogeneous Information Network, KDD 2017 (tool: HinDroid)
108 |   + Detection of Repackaged Android Malware with Code-Heterogeneity Features, TDSC 2017 (tool: DR-Droid)
109 |   + SecureDroid: Enhancing Security of Machine Learning-based Detection against Adversarial Android Malware Attacks, ACSAC 2017 (SecureDroid)
110 |   + TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time, USENIX Security 2019 (tool: TESSERACT)
111 |   + SEdroid: A Robust Android Malware Detector using Selective Ensemble Learning, CCS 2019 (not quite sure) (tool: SEdroid)
112 |   + DroidEvolver: Self-Evolving Android Malware Detection System, Euro S&P 2019
113 |   + Neurlux: Dynamic Malware Analysis Without Feature Engineering, ACSAC 2019 (tool: Neurlux)
114 |   + A Multi-modal Neural Embeddings Approach for Detecting Mobile Counterfeit Apps, WWW 2019
115 |   
116 | + Fingerprint & matching
117 | 
118 |   + Get Off of My Market: Detecting Malcious Apps in Official and ALternative Android Markets, NDSS 2012 (tool: DroidRanger)
119 |   + DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware, TRUSTCOM 2013
120 |   + AppInk: Watermarking Android Apps for Repacking Deterrence, AsiaCCS 2013
121 | 
122 | + Formal Method & Symoblic Execution
123 | 
124 |   + New Privacy Issues in Mobile Telephony: Fix and Verification, CCS 2012
125 |   + Contextual Policy Enforcement in Android Applications with Permission Event Graphs, NDSS 2012
126 |   + Efficient Runtime Monitoring with Metric Temporal Logic: A Case Study in the Android Operating System, FM 2013
127 |   + Sound and Precise Malware Analysis for Android via Pushdown Reachability and Entry-Point Saturation, SPSM 2013 (tool: Anadroid)
128 |   + AppIntent: Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection, CCS 2013
129 |   + Checking Interation-Based Declassification Policies for Android Using Symbolic Execution, ESORICS 2015 (tool: ClickRelease)
130 |   + HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving, Euro S&P 2016
131 |   + Practical, Formal Synthesis and Autonomic Enforcement of Security Policies for Android, DSN 2016
132 |   + Towards Model Checking Android Applications, TSE 2017 (tool: DroidPF)
133 | 
134 | + Realtime Monitoring
135 | 
136 |   + On Lightweight Mobile Phone Application Certification, CCS 2009 (tool: Kirin)
137 |   + "Andromaly": a Behavioral Malware Detection Framework for Android Devices, Journal of Intelligent Information Systems 2012
138 |   + Efficient Runtime Monitoring with Metric Temporal Logic: A Case Study in the Android Operating System, FM 2013
139 |   + AppsPlayground: Automatic Security Analysis of Smartphone Applications, CODASPY 2013 (tool: AppsPlayground)
140 |   + ARTist: The Android Runtime Instrumentation and Security Toolkit, Euro S&P 2017 (tool: ARTist)
141 | 
142 | + Testing
143 |   + A GUI Crawling-based technique for Android Mobile Application Testing, ICSTW 2011
144 |   + Experiences of System-Level Model-based GUI Testing of an Android Application, ICST 2011
145 |   + Using GUI Ripping for Automated Testing of Android Applications, ASE 2012 (tool: AndroidRipper)
146 |   + Testing Android Apps Through Symbolic Execution, ACM SIGSOFT Software Engineering Notes 2012
147 |   + Automated Concolic Testing of Smartphone Apps, FSE 2012
148 |   + Systematic Testing for Resource Leaks in Android Applications, ISSRE 2013
149 |   + Automated Testing with Targeted Event Sequence Generation, ISSTA 2013 (tool: Collider)
150 |   + Dynodroid: An Input Generation System for Android Apps, ESEC/FSE 2013 (tool: Dynodroid)
151 |   + Automated Test Input Generation for Android: Are We There Yet? ASE 2015
152 |   + Systematic Execution of Android Test Suites in Adverse Conditions, ISSTA 2015
153 |   + Reducing Combinatorics in GUI Testing of Android Applications, ICSE 2016 (tool: TrimDroid)
154 |   + Sapienz: Multi-objective Automated Testing for Android Applications, ISSTA 2016 (tool: Sapienz)
155 |   + Energy-Aware Test-Suite Minimization for Android Apps, ISSTA 2016
156 |   + Lifecycle and Event-based Testing for Android Applications, Ph.D Dissertation (author: GRAZIUSSI, SIMONE)
157 |   + Automatic Input Generation for Mobile Testing, ICSE 2017
158 |   + Guided, Stochastic Model-Based GUI Testing of Android Apps, FSE 2017 (tool: Stoat)
159 |   + µDroid: An Energy-Aware Mutation Testing Framework for Android, FSE 2017 (tool: µDroid)
160 |   + PATDroid: Permission-Aware GUI Testing of Android, FSE 2017 (tool: PATDroid)
161 |   + Enabling Mutation Testing for Android Apps, FSE 2017 (tool: MDroid+)
162 |   + Continuous, Evolutionary and Large-Scale: A New Perspective for Automated Mobile App Testing, ICSME 2017
163 |   + Systematically Testing Background Services of Mobile Apps, ASE 2017 (tool: Snowdrop)
164 |   + Crowd Intelligence Enhances Automated Mobile Testing, ASE 2017 (tool: Polariz)
165 |   + EHBDroid: Beyond GUI Testing for Android Applications, ASE 2017 (tool: EHBDroid)
166 |   + Sketch-guided GUI test generation for mobile applications, ASE 2017 
167 |   + SimplyDroid: efficient event sequence simplification for Android application, ASE 2017 (tool: DimplyDroid)
168 |   + Automated cross-platform inconsistency detection for mobile apps, ASE 2017 (tool: DiffDroid)
169 |   + DetReduce: Minimizing Android GUI Test Suites for Regression Testing, ICSE 2018
170 |   + Efficiently Manifesting Asynchronous Programming Errors in Android Apps, ASE 2018 (tool: APEChecker)
171 |   + An Empirical Study of Android Test Generation Tools in Industrial Cases, ASE 2018
172 |   + Practical GUI testing of Android applications via model abstraction and refinement, ICSE 2019
173 |   + Mimic: UI Compatibility Testing System for Android Apps, ICSE 2019 (tool: Mimic)
174 |   + DaPanda: Detecting Aggressive Push Notification in Android Apps, ASE 2019 (tool: DaPanda)
175 |   +	Goal-Driven Exploration for Android Applications, ASE 2019 (tool: GoalExplorer)
176 |   +	Test Transfer Across Mobile Apps Through Semantic Mapping, ASE 2019 (tool: CraftDroid)
177 |   +	Seven Reasons Why: An In-Depth Study of the Limitations of Random Test Input Generation for Android, ASE 2020
178 |   +	Test Automation in Open-Source Android Apps: A Large-Scale Empirical Study, ASE 2020
179 | 
180 | 
181 | ## Native Code Analysis
182 |  + Finding Bugs in Java Native Interface Programs, ISSTA 2008
183 |  + Robusta: Taming the Native Beast of the JVM, CCS 2010
184 |  + Native Code Execution Control for Attack Mitigation on Android, SPSM 2013 
185 |  + NativeGuard: Protecting Android Applicaions from Third-Party Native Libraries, WiSec 2014
186 |  + Towards Bridging the Gap Between Dalvik Bytecode and Native Code During Static Analysis of Android Applications, IWCMC 2015
187 |  + Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy, NDSS 2016
188 |  + DroidNative: Semantic-Based Detection of Android, arXiv 2016 (tool: DroidNative)
189 | 
190 | ## Clone Analysis
191 | + Juxtapp: A Scalable System for Detecting Code Resuse Among Android Applications, DIMVA 2012
192 | + Attack of the Clones: Detecting Cloned Applications on Android Markets, ESORICS 2012
193 | + Detecting Repackaged Smartphone Applications in Third-party Android Marketplaces, 2nd ACM Conference on Data and Application Security and Privacy, 2012 (tool: DroidMOSS)
194 | + Plagiarizing Smartphone Applications: Attack Strategies and Defense Techniques, ESSoS 2012
195 | + Fast, Scalable Detection of "Piggybacked" Mobile Applications, 3rd ACM Conference on Data and Application Security and Privacy, 2013
196 | + Achieving Accuracy and Scalability Simultaneously in Detecting Application Clones on Android Markets, ICSE 2014
197 | + ViewDoird: Towards Obfuscation-Resilient Mobile Application Repackaging Detection, WiSec 2014
198 | + WuKong: A Scalable and Accurate Two-Phase Approach to Android App Clone Detection, ISSTA 2015
199 | + CodeMatch: Obfuscation Won’t Conceal Your Repackaged App, FSE 2017 (tool: CodeMatch)
200 | + Detecting Plagiarized Mobile Apps using API Birthmarks, ASE 2017 
201 | 
202 | ## Network Traffic Analysis
203 | + NetworkProfiler: Towards Automatic Fingerprinting of Android Apps, INFOCOM 2013
204 | + AndroGenerator: An Automated and Configurable Android App Network Traffic Generation System, Security and Communication Networks 2015 (tool: AndroGenerator)
205 | + I Know What You Did on Your Smartphone: Inferring App Usage Over Encrypted Data Traffic, CNS 2015
206 | + Analysis of Location Data Leakage in the Internet Traffic of Android-based Mobile Devices, RAID 2019
207 | 
208 | ## Ads & Libraries Analysis
209 | + Unsafe Exposure Analysis of Mobile In-App Advertisements, WISEC 2012 (tool: AdRisk)
210 | + AdSplit: Separating Smartphone Advertising from Applications, USENIX Security 2012 (tool: AdSplit)
211 | + AdDroid: Privilege Separation for Applications and Advertisers in Android, AsiaCCS 2012 (tool: AdDroid)
212 | + DECAF: Detecting and Characterizing Ad Fraud in Mobile Apps, NSDI 2014 (tool: DECAF)
213 | + An Investigation into the Use of Common Libraries in Android Apps, arXir 2015
214 | + An Empirical Study of Mobile Ad Targeting, arXir 2015
215 | + MAdScope: Characterizing Mobile In-App Targeted Ads, MobiSys 2015 (tool: MAdScope)
216 | + Are these Ads Safe: Detecting Hidden Attacks through the Mobile App-Web Interfaces, NDSS 2016
217 | + The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads, NDSS 2016
218 | + Free for All! Assessing User Data Exposure to Advertising Libraries on Android, NDSS 2016 (tool: Pluto)
219 | + Following Devil’s Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS, S&P 2016 (tool: PhaLib)
220 | + Reliable Third-Party Library Detection in Android and its Security Applications, CCS 2016
221 | + LibD: Scalable and Precise Third-party Library Detection in Android Markets, ICSE 2017 (tool: LibD)
222 | + Revisiting Mobile Advertising Threats with MAdLife, WWW 2019 (tool: MAdLife)
223 | + Automated Third-party Library Detection for Android Applications: Are We There Yet? ASE 2020 (tool: LibPecker)
224 | 
225 | ## Inter-Component Communication Analysis
226 | + Analyzing Inter-Application Communication in Android, MobiSys 2011 (tool: ComDroid)
227 | + Effective Inter-Component Communication Mapping in Android with Epicc: An Essential Step Towards Holistic Security Analysis, USENIX Security 2013
228 | + An Empirical Study of the Robustness of Intercomponent Commmunication in Android, DSN 2012
229 | + Scippa: System-Centric IPC Provenance on Android, ACSAC 2014 (tool: Scippa)
230 | + Combining Static Analysis with Probabilistic Models to Enable Market-Scale Android Inter-component Analysis, POPL 2016 (tool: PRIMO [http://siis.cse.psu.edu/primo/])
231 | + DroidDisintegrator: Intra-Application Information Flow Control in Android Apps, AsiaCCS 2016
232 | + Checking Intent-based Communication in Android with Intent Space Analysis, AsiaCCS 2016
233 | 
234 | ## Android OS Enhancement
235 | + Enhancing Security of Linux-based Android Devices, 15th international linux system technology conference, 2008
236 | + Semantically Rich Application-CEntric Security in Android, ACSAC 2009 (tool: Saint)
237 | + Apex: Extending Android Permission Model and Enforcement with User-defined Runtime Constraints, AsiaCCS 2011 (tool: Apex)
238 | + YAASE: Yet Another Android Security Extension, IEEE International Conference on Privacy, Security, Risk and Trust, and IEEE International Conference on Social Computing 2011
239 | + MockDroid: Trading Privacy for Application Functionality on Smartphones, HotMobile 2011 (tool: MockDroid)
240 | + "These Aren't the Droids You're Looking For" Retrofitting Android to Protect Data from Imperious Applications, CCS 2011 (tool: AppFence)
241 | + Aurasium: Practical Policy Enforcement for Android Applications, USENIX Security 2012
242 | + RetroSkeleton: Retrofitting Android Apps, MobiSys 2013 (tool: RetroSkeleton)
243 | + Flexible and Fine-grained Mandatory Access Control on Android for Devices Security and Privacy Policies, USENIX Security 2013 (tool: FlaskDroid)
244 | + Security Enhanced (SE) Android: Bringing Flexible MAC to Android, NDSS 2013
245 | + Android Security Framework: Extensible Multi-Layered Access Control on Android, ACSAC 2014 (framework: ASF)
246 | + ASM: A Programmable Interface for Extending Android Security, USENIX Security, 2014
247 | + A Bayesian Approach to Privacy Enforcement in Smartphones, USENIX Security 2014 (tool: BayesDroid)
248 | + Surveying the Development of Biometric User Authentication on Mobile Phones, IEEE Communications Surveys & Tutorials, 2015
249 | + DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices, NDSS 2015
250 | + Boxify: Full-fledged App Sandboxing for Stock Android, USENIX Security 2015
251 | + EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning, USENIX 2015
252 | + FLEXDROID: Enforcing In-App Privilege Separation in Android, NDSS 2016
253 | + Reference Hijacking: Patching, Protecting and Analyzing on Unmodified and Non-Rooted Android Devices, ICSE 2016 (prototype: PatchMan, ControlMan and TaintMan)
254 | + Automated Partitioning of Android Applications for Trusted Execution Environments, ICSE 2016
255 | + FLEX: A Flexible Code Authentication Framework for Delegating Mobile App Customization, AsiaCCS 2016
256 | + WindowGuard: Systematic Protection of GUI Security in Android, NDSS 2017 (tool: WindowGuard)
257 | + Adaptive Android Kernel Live Patching, USENIX Security 2017
258 | + SPOKE: Scalable Knowledge Collection and Attack Surface Analysis of Access Control Policy for Security Enhanced Android, AsiaCCS 2017
259 | + InstaGuard: Instantly Deployable Hot-patches for Vulnerable System Programs on Android, NDSS 2018 (tool: InstaGuard)
260 | + A Temporal Permission Analysis and Enforcement Framework for Android, ICSE 2018
261 | + DroidCap: OS Support for Capability-based Permissions in Android, NDSS 2019 (tool: DroidCap)
262 | + Automatic Generation of Non-intrusive Updates for Third-Party Libraries in Android Applications, RAID 2019
263 | 
264 | ## Android Permission System
265 | + A Formal Model to Analyze the Permission Authorization and Enforcement in the Android Framework, IEEE International Conference on Social Computing/IEEE International Conferene on Privacy, Security, Risk and Turst 2010
266 | + Permission Re-Delegation: Attacks and Defenses, USENIX Security 2011
267 | + Curbing Android Permission Creep, W2SP 2011
268 | + Android Permissions Demystified, CCS 2011
269 | + Is this App Safe? A Large Scale Study on Application Permissions and Risk Signals, WWW 2012
270 | + Android Security Permissions - Can we trust them? S&P 2012
271 | + PScout: Analyzing the Android Permission Specification, CCS 2012
272 | + Permission based Android security: Issues and Countermeasures, Computers&Security 2014
273 | + Exploring Permission-Induced Risk in Android Applications for Malicious Application Detection, TIFS 2014
274 | + Android Permission Remystified: A Field Study on Contextual Integrity, USENIX Security 2015
275 | + Detection of Design Flaws in the Android Permission Protocol through Bounded Verification, FM 2015
276 | + revDroid: Code Analysis of the Side Effects after Dynamic Permission Revocation of Android Apps, AsiaCCS 2016
277 | + Small Changes, Big Changes: An Updated View on the Android Permission System, RAID 2016
278 | + A Formal Approach for Detection of Security Flaws in the Android Permission System, Journal on Formal Aspects of Computing 2016
279 | + Resolving the Predicament of Android Custom Permissions, NDSS 2018
280 | + A Temporal Permission Analysis and Enforcement Framework for Android, ICSE 2018
281 | + Precise Android API Protection Mapping Derivation and Reasoning, CCS 2018 (tool: Arcade)
282 | + DroidCap: OS Support for Capability-based Permissions in Android, NDSS 2019 (tool: DroidCap)
283 | 
284 | ## Anti-Malware Tool Auditing
285 | + DroidChameleon: Evaluating Android Anti-malware Against Transformation Attacks, AsiaCCS 2013
286 | + ADAM: An Automatic and Extensible Platform to Stree Test Android Anti-virus Systems, DIMVA 2013
287 | + Enter Sandbox: Android Sandbox Comparison, IEEE Mobile Security Technologies (MoST) 2014
288 | + Catch Me If You Can: Evaluating Android Anti-Malware Against Transformation Attacks, IEEE TIFS 2014
289 | + Towards Discovering and Understanding Unexpected Hazards in Tailoring Antivirus Software for Android, AsiaCCS 2015
290 | + Uncovering the Dilemmas on Antivirus Software Design in Modern Mobile Platforms, ICST 2015
291 | + How Current Android Malware Seeks to Evade Automated Code Analysis, Information Security Theory and Practice, 2016
292 | + Mystique: Evolving Android Malware for Auditing Anti-Malware Tools, AsiaCCS 2016 (tool: Mystique)
293 | + Auditing Anti-Malware Tools by Evolving Android Malware and Dynamic Loading Technique, TIFS 2017 (tool: Mystique-S)
294 | + A Large-Scale Empirical Study on the Effects of Code Obfuscations on Android Apps and Anti-Malware Products, ICSE 2018
295 | 
296 | ## Characterization and Evolution
297 | + Understanding Android Security, S&P 2009
298 | + Language-Based Security on Android, PLAS 2009
299 | + A Study of Android Application Security, USENIX Security 2011
300 | + All Your Droid Are Belong To Us: A Survey of Current Android Attacks, USENIX WOOT 2011
301 | + ProfileDroid: Multi-layer Profiling of Android Applications, MobiCom 2012
302 | + Dissecting Android Malware: Characterization and Evoluation, S&P 2012
303 | + An Empirical Study of API Stability and Adoption in the Android Ecosystem, ICSM 2013
304 | + The Impact of Vendor Customizations on Android Security, CCS 2013
305 | + An Empirical Study of Cryptographic Misuse in Android Applications, CCS 2013
306 | + AndroSAT: Security Analysis Tool for Android Application, 8th International Conference on Emerging Security Information, System and Technologies, 2014
307 | + A Taxonomy of Privilege Escalation Attacks in Android Applications, International Journal of Security and Networks 2014
308 | + A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks, NDSS 2014
309 | + Andrubis -- 1,000,000 Apps Later: A View on Current Android Malware Behaviors, BADGERS 2014 (tool: Andrubis)
310 | + DroidRay: A Security Evaluation System for Customized Android Firmwares, AsiaCCS 2014 (tool: DroidRay)
311 | + Securing Android: A Survey, Taxonomy, and Challenges, CSUR 2015
312 | + Collaborative Security: A Survey and Taxonomy, CSUR 2015
313 | + Android Malware Static Analysis Techniques, CISR 2015
314 | + PRADA: Prioritizing Android Devices for Apps by Mining Large-Scale Usage Data, ICSE 2016 (It finds the prioritized devices for apps)
315 | + SoK: Lessons Learned From Android Security Research For Appified Software Platforms, IEEE S&P 2016 (framework: SoK)
316 | + A Taxonomy and Qualitative Comparison of Program Analysis Techniques for Security Assessment of Android Software, TSE 2016
317 | + FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature, CCS 2016 (tool: FeatureSmith)
318 | + *droid: Assessment and Evaluation of Android Application Analysis Tools, CSUR 2016 (tool: *droid)
319 | + Toward Engineering a Secure Android Ecosystem: A Survey of Existing Techniques, CSUR 2016
320 | + The Evolution of Android Malware and Android Analysis Techniques, CSUR 2017
321 | + Analysis of SEAndroid Policies: Combining MAC and DAC in Android, ACSAC 2017
322 | + Understanding Android App Piggybacking: A Systematic Study of Malicious Code Grafting, TIFS 2017
323 | + To Update or Not to Update: Insights From a Two-Year Study of Android App Evolution, AsiaCCS 2017
324 | + Measuring the Insecurity of Mobile Deep Links of Android, USENIX Security 2017
325 | + Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole-System Emulation, NDSS 2018
326 | + Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps, NDSS 2018
327 | + Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem, NDSS 2018
328 | + Resolving the Predicament of Android Custom Permissions, NDSS 2018
329 | + The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators, IEEE S&P 2018
330 | + EnMobile: Entity-based Characterization and Analysis of Mobile Malware, ICSE 2018
331 | + Large-Scale Analysis of Framework-Specific Exceptions in Android Apps, ICSE 2018
332 | + Self-Hiding Behavior in Android Apps: Detection and Characterization, ICSE 2018
333 | + A Large Scale Investigation of Obfuscation Use in Google Play, arXiv 2018
334 | + ATtention Spanned: Comprehensive Vulnerability Analysis of AT Commands Within the Android Ecosystem, USENIX Security 2019
335 | + Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones, ACSAC 2019
336 | + Understanding the Evolution of Mobile App Ecosystems: A Longitudinal Measurement Study of Google Play, WWW 2019
337 | + Characterizing Android App Signing Issues, ASE 2019
338 | + OAuthLint: An Empirical Study on OAuth Bugs in Android Applications, ASE 2019 (tool: OAuthLint)
339 | + Demystifying Diehard Android Apps, ASE 2020
340 | 
341 | ## Automatic Malware Generation
342 | + Automatic Generation of Mobile Malware Using Genetic Programming, Applications of Evolutionary Computation, 2015
343 | + Mystique: Evolving Android Malware for Auditing Anti-Malware Tools, AsiaCCS 2016 (tool: Mystique)
344 | + Auditing Anti-Malware Tools by Evolving Android Malware and Dynamic Loading Technique, TIFS 2017 (tool: Mystique-S)
345 | + Automatic Generation of Inter-Component Communication Exploits for Android Applications, FSE 2017 (tool: LetterBomb)
346 | + DroidPill: Pwn Your Daily-Use Apps, AsiaCCS 2017 (tool: DroidPill)
347 | 
348 | ## New vulnerabilities & Attacks
349 | + Fuzzing the Phone in Your Phone, Black Hat USA 2009
350 | + Privilege Escalation Attacks on Android, Information Security 2010
351 | + Application Collusion Attack on the Permission-based Security Model and its Implications for Modern Smartphone Systems, REPORT 2011
352 | + A Stealthy and Context-Aware Sound Trojan for Smartphones, NDSS 2011
353 | + New Privacy Issues in Mobile Telephony: Fix and Verification, CCS 2012
354 | + Why Eve and Mallory love Android: An analysis of Android SSL (in) security, CCS 2012
355 | + UI Redressing Attacks on Android Devices, US BlackHat 2012 (vul: tapjacking)
356 | + Upgrading Your Android, Elevating My Malware: Priviledge Escalation Through Mobile OS Updating, S&P 2014
357 | + The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations, S&P 2014
358 | + From Zygote to Morula: Fortifying Weakened ASLR on Android, S&P 2014
359 | + Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks, USENIX Security 2014
360 | + Gyrophone: Recognizing Speech From Gyroscope Signals, USENIX Security 2014
361 | + Mayhem in the Push Clouds: Understanding and Mitigating Security Hazards in Mobile Push-Messaging Services, CCS 2014
362 | + Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications, NDSS 2014
363 | + Divide-and-Conquer: Why Android Malware cannot be Stopped, ARES 2014 (tool:Sand-Finger)
364 | + Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware, EuroSec 2014
365 | + Evading Android Runtime Analysis via Sandbox Detection, AsiaCCS 2014
366 | + Supor: Precise and Scalable Sensitive User Input Detection for Android Apps, USENIX 2014 (tool: Supor)
367 | + AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications, NDSS 2014 (tool: AppSealer)
368 | + Screenmilker: How to milk your android screen for secrets, NDSS 2014 (tool: ScreenMilker)
369 | + You Shouldn't Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps, USENIX Security 2015
370 | + COVERT: Compositional Analysis of Android Inter-App Permission Leakage, TSE 2015
371 | + Grab'n Run: Practical and Safe Dynamic Code Loading in Android, Ph.D Disertation 2015
372 | + From System Services Freezing to System Server Shutdown in Android: All You Need is a Loop in an App, CCS 2015 (tool: ASV-Hunter, vul:Android Stroke Vulnerabilies)
373 | + Hare Hunting in the Wild Android: A Study on the Threat of Hanging Attribute References, CCS 2015 (tool: Harehunter, vul: hanging attribute references)
374 | + Android Root and its Providers: A Double-Edged Sword, CCS 2015
375 | + Leave Me Alone: App-Level Protection Against Runtime Information Gathering on Android, IEEE S&P 2015 (tool: App Guardian)
376 | + An Investigation of the Android/BadAccents Malware which Exploits a new Android Tapjacking Attack, TechReport (TUD-CS-2015-0065), 2015
377 | + Life after App Unistallation: Are the Data Still Alive? Data Residue Attacks on Android, NDSS 2016
378 | + Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework, NDSS 2016 (tool: Kratos)
379 | + MobiPlay: A Remote Execution Based Record-and-Replay Tool for Mobile Applications, ICSE 2016
380 | + CDRep: Automatic Repair of Cryptographic-Misuses in Android Applications, AsiaCCS 2016
381 | + Call Me Back! Attacks on System Server and System Apps in Android through Synchronous Callback, CCS 2016
382 | + Android ION Hazard: the Curse of Customizable Memory Management System, CCS 2016
383 | + The Misuse of Android Unix Domain Sockets and Security Implications, CCS 2016
384 | + Harvesting Inconsistent Security Configurations in Custom Android ROMs via Differential Analysis, USENIX Security 2016
385 | + Show Me the Money! Finding Flawed Implementations of Third-party In-app Payment in Android Apps, NDSS 2017
386 | + Semi-Automated Discovery of Server-Based Information Oversharing Vulnerabilities in Android Applications, ISSTA 2017
387 | + BootStomp: On the Security of Bootloaders in Mobile Devices, USENIX Security 2017 (tool: BootStomp)
388 | + Detecting Android Root Exploits by Learning from Root Providers, USENIX Security 2017
389 | + An Autonomic and Permissionless Android Covert Channel, WiSec 2017
390 | + DroidPill: Pwn Your Daily-Use Apps, AsiaCCS 2017 (tool: DroidPill)
391 | + Secure Integration of Web Content and Applications on Commodity Mobile Operating Systems, AsiaCCS 2017 (tool: WIREFrame/WIRE)
392 | + JGRE: An Analysis of JNI Global Reference Exhaustion Vulnerabilities in Android, DSN 2017 (tool: JGRE)
393 | + System Service Call-oriented Symbolic Execution of Android Framework with Applications to Vulnerability Discovery and Exploit Generation, MobySys 2017 (tool: Centaur)
394 | + Ghera: A Repository of Android App Vulnerability Benchmarks, PROMISE 2017 (tool: Ghera)
395 | + Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews, CCS 2017
396 | + Removing Secrets from Android’s TLS, NDSS 2018
397 | + Broken Fingers: On the Usage of the Fingerprint API in Android, NDSS 2018
398 | + ABC: Enabling Smartphone Authentication with Built-in Camera, NDSS 2018
399 | + “Tipped Off by Your Memory Allocator”: Device-Wide User Activity Sequencing from Android Memory Images, NDSS 2018
400 | + Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps, NDSS 2018
401 | + AceDroid: Normalizing Diverse Android Access Control Checks for Inconsistency Detection, NDSS 2018 (tool: AceDroid)
402 | + Characterizing and Identifying Misexposed Activities in Android Applications, ASE 2018
403 | + A Tale of Two Cities: How WebView Induces Bugs to Android Applications, ASE 2018
404 | + Dual-Force: Understanding WebView Malware via Cross-language Forced Execution, ASE 2018
405 | + Self-Protection of Android Systems from Inter-Component Communication Attacks, ASE 2018
406 | + PatternListener: Cracking Android Pattern Lock Using Acoustic Signals, CCS 2018 (tool: PatternListener)
407 | + Phishing Attacks on Modern Android, CCS 2018
408 | + ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android, CCS 2018 (tool: ClickShield)
409 | + EviHunter: Identifying Digital Evidence in the Permanent Storage of Android Devices via Static Analysis, CCS 2018 (tool: EviHunter)
410 | + Invetter: Locating Insecure Input Validations in Android Services, CCS 2018 (tool: Invetter)
411 | + Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers, NDSS 2019
412 | + Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment, NDSS 2019
413 | + Total Recall: Persistence of Password in Android, NDSS 2019
414 | + Nearby Threats: Reversing, Analyzing, and Attacking Google’s “Nearby Connections” on Android, NDSS 2019
415 | + BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals, NDSS 2019 (tool: BadBluetooth)
416 | + Tap 'n Ghost: A Compilation of Novel Attack Techniques against Smartphone Touchscreens, IEEE S&P 2019
417 | + Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps, IEEE S&P 2019
418 | + Kindness is a Risky Business: On the Usage of the Accessibility APIs in Android, RAID 2019
419 | + HideMyApp: Hiding the Presence of Sensitive Apps on Android, USENIX Security 2019 (tool: HideMyApp)
420 | + PatternListener: Cracking Android Pattern Lock Using Acoustic Signals, CCS 2019 (tool: PatternListener)
421 | + An Empirical Study of the SMS One-Time Password Authentication in Android Apps, ACSAC 2019
422 | 
423 | ## Performance Analysis
424 | + Responsiveness Analysis Tool for Android Applications, DeMobile 2014
425 | + SunCat: Helping Developers Understand and Predict Performance Problems in Smartphone Applications, ISSTA 2014 (tool: SunCat)
426 | + Characterizing and Detecting Performance Bugs for Smartphone Applications, ICSE 2014 (tool: PerfChecker)
427 | + How Developers Detect and Fix Performance Bottlenecks in Android Apps, ICSME 2015
428 | + PersisDroid: Android Performance Diagnosis via Anatomizing Asynchronous Executions, arXiv 2015
429 | + CLAPP: Characterizing Loops in Android Applications, FSE 2015 (tool: CLAPP)
430 | + DiagDroid: Android Performance Diagnosis via Anatomizing Asynchronous Executions, FSE 2016 (tool: DiagDroid)
431 | + Mining Test Repositories for Automatic Detection of UI Performance Regressions in Android Apps (tool: DUNE)
432 | + Hit by the Bus: QoS Degradation Attack on Android, AsiaCCS 2017 
433 | + Leveraging Program Analysis to Reduce User-Perceived Latency in Mobile Applications, ICSE 2018
434 | + Remove RATs from your code: automated optimization of resource inefficient database writes for mobile applications, ISSTA 2018
435 | + Empirically Assessing Opportunities for Prefetching and Caching in Mobile Apps, ASE 2018
436 | + Demystifying Application Performance Management Libraries for Android, ASE 2019
437 | 
438 | 
439 | ## Energy Analysis
440 | + Accurate Online Power Estimation and Automatic Battery Behavior Based Power Model Generation for Smartphones, CODES+ISSS 2010(tool: PowerTutor)
441 | + Monitoring Energy Consumption of Smartphones, iThings/CPSCom 2011(tool: SEMO)
442 | + Bootstrapping Energy Debugging on Smartphones: A First Look at Energy Bugs in Mobile Devices, HotNets-X 2011
443 | + Fine-Grained Power Modeling for Smartphones Using System Call Tracing, EuroSys 2011
444 | + Where is the energy spent inside my app? Fine Grained Energy Accounting on Smartphones with Eprof, EuroSys 2012
445 | + eDoctor: Automatically Diagnosing Abnormal Battery Drain Issues on Smartphones, USENIX 2013(tool: eDoctor)
446 | + Calculating Source Line Level Energy Information for Android Applications, ISSTA 2013 (tool: vLens)
447 | + GreenDroid: Automated Diagnosis of Energy Inefficiency for Smartphone Applications, TSE 2014
448 | + Detecting Energy Bugs and Hotspots in Mobile Apps, FSE 2014
449 | + Retrofitting Concurrency for Android Applications Through Refactoring, FSE 2014 (tool: Asynchronizer)
450 | + Making Web Applications More Energy Efficient for OLED Smartphones, ICSE 2014 (tool: Nyx)
451 | + Comparing Energy Profilers for Android, 21st Twente Student Conference on IT 2014
452 | + Mining Energy-Greedy API Usage Patterns in Android Apps: An Empirical Study, MSR 2014
453 | + An Empirical Study of the Energy Consumption of Android Applications, ICSME 2014
454 | + Optimizing Energy of HTTP Requests in Android Applications, DeMobile 2015
455 | + EnTrack: A System Facility for Analyzing Energy Consumption of Android System Services, UbiComp 2015
456 | + Runtime Verification of Expected Energy Consumption in Smartphones, Model Checking Software 2015
457 | + Energy-Aware Test-Suite Minimization for Android Apps, ISSTA 2016
458 | + Automatically Verifying and Reproducing Event-based Races in Android Apps, ISSTA 2016
459 | + Battery-Aware Mobile Data Service, TMC 2016 (tool: B-MODS)
460 | + Automated Energy Optimization of HTTP Requests for Mobile Applications, ICSE 2016 (tool: Bouquet)
461 | + DefDroid: Towards a More Defensive Mobile OS Against Disruptive App Behavior, MobySys 2016 (tool: DefDroid)
462 | + Battery State-of-Health Estimation for Mobile Devices, ICCPS 2017 (tool: V-BASH)
463 | + µDroid: An Energy-Aware Mutation Testing Framework for Android, FSE 2017 (tool: µDroid)
464 | + EARMO: An Energy-Aware Refactoring Approach for Mobile Apps, TSE 2018 (tool: EARMO)
465 | 
466 | ## Android GUI Analysis
467 | + Automating GUI Testing for Android Applications, AST 2011
468 | + SmartDroid: An Automatic System for Revealing UI-based Trigger Conditions in Android Applications, SPSM 2012
469 | + Finding Errors in Multi-threaded GUI Applications, ISSTA 2012
470 | + A Grey-Box Approach for Automated GUI-model Generation of Mobile Applications, FASE 2013  
471 | + Guided GUI Testing of Android Apps with Minimal Restart and Approximate learning, OOPSLA 2013 (tool: Swift-Hand)
472 | + Estimating Mobile Application Energy Consumption using Program Analysis, ICSE 2013 (tool: eLens)
473 | + Static Window Transition Graphs for Android, ASE 2015
474 | + What the App is That? Deception and Countermeasures in the Android User Interface, S&P 2015
475 | + GUITAR: Piecing Together \Android App GUIs from Memory Images, CCS 2015
476 | + Static Analysis of GUI Behavior in Android Applications, Ph.D Dissetation 2015
477 | + Detecting Display Energy Hotspots in Android Apps, ICST 2015 (tool: dLens)
478 | + Reducing Combinatorics in GUI Testing of Android Applications, ICSE 2016 (tool: TrimDroid)
479 | + Attacks and Defence on Android Free Floating Windows, AsiaCCS 2016
480 | + Automated Model-Based Android GUI Testing using Multi-level GUI Comparison Criteria, ASE 2016
481 | + PATDroid: Permission-Aware GUI Testing of Android, FSE 2017 (tool: PATDroid)
482 | + UI Driven Android Application Reduction, ASE 2017 (tool: TOFU)
483 | + Automated Reporting of GUI Design Violations for Mobile Apps, ICSE 2018
484 | + From UI Design Image to GUI Skeleton: A Neural Machine Translator to Bootstrap Mobile GUI Implementation, ICSE 2018
485 | + GUILeak: Tracing Privacy-Policy Claims on User Input Data for Android Applications, ICSE 2018 (tool: GUILeak)
486 | + Launch-Mode-Aware Context-Sensitive Activity Transition Analysis for Android Apps, ICSE 2018
487 | + Detecting and Summarizing GUI Changes in Evolving Mobile Apps, ASE 2018
488 | + IconIntent: Automatic Identification of Sensitive UI Widgets based on Icon Classification for Android Apps, ICSE 2019 (tool: IconIntent)
489 | + DeepIntent: Deep Icon-Behavior Learning for Detecting Intention-Behavior Discrepancy in Mobile Apps, CCS 2019 (tool: DeepIntent)
490 | + Owl Eyes: Spotting UI Display Issues via Visual Understanding, ASE 2020 (tool: Owl Eyes)
491 | 
492 | ## Forensic Analysis
493 | + WHYPER: Towards Automating Risk Assessment of Mobile Applications, USENIX Security 2013
494 | + Checking App Behavior Against App Descriptions, ICSE 2014 (tool: CHABADA)
495 | + A Forensic Analysis of Android Malware - How is Malware Written and How it Could be Detected? COMPSAC 2014
496 | + "What parts of your apps are loved by users?", ASE 2015 (tool: SURMiner)
497 | + Hey, NSA: Stay Away from my Market! Future Proofing App Markets against Powerful Attackers, CCS 2014
498 | + VCR: App-Agnostic Recovery of Photographic Evidence from Android Device Memory Images, CCS 2015
499 | + Towards Automatic Generation of Security-Centric Descriptions for Android Apps, CCS 2015 (tool: DESCRIBEME)
500 | + AUTOREB: Automatically Understanding the Review-to-Behavior Fidelity in Android Applications, CCS 2015 (tool: AUTOREB)
501 | + On the Lack of Consensus in Anti-Virus Decisions Metrics and Insights on Building Ground Truths of Android Malware with VirusTotal, DIMVA 2016 
502 | + AVclass: A Tool for Massive Malware Labeling, RAID 2016 (tool: AVClass)
503 | + Revisiting the Description-to-Behavior Fidelity in Android Applications, SANER 2016 (tool: TAPVerifier)
504 | + Can We Trust the Privacy Policies of Android Apps? DSN 2016 (tool: PPChecker)
505 | + Checking App User Interfaces against App Descriptions, WAMA 2016
506 | + Automated Analysis of Privacy Requirements for Mobile Apps, NDSS 2017
507 | + Recommending and Localizing Change Requests for Mobile Apps based on User Reviews, ICSE 2017
508 | + Toward Detecting Collusive Ranking Manipulation Attackers in Mobile App Markets, AsiaCCS 2017
509 | + Boosting the Guessing Attack Performance on Android Lock Patterns with Smudge Attacks, AsiaCCS 2017
510 | + Enhancing the Description-to-Behavior Fidelity in Android Apps with Privacy Policy, TSE 2017 (tool: TAPVerifier)
511 | + OASIS: Prioritizing Static Analysis Warnings for Android Apps Based on App User Reviews, FSE 2017 (tool: OASIS)
512 | + Online App Review Analysis for Identifying Emerging Issues, ICSE 2018
513 | + StoryDroid: Automated Generation of Storyboard for Android Apps, ICSE 2019 (tool: StoryDroid)
514 | + Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy, IEEE S&P 2019
515 | + The Art and Craft of Fraudulent App Promotion in Google Play, CCS 2019
516 | + Automating App Review Response Generation, ASE 2019 (tool: RRGen)
517 | 
518 | ## Obfuscation & Evasion Techniques
519 |  + Evading Android Runtime Analysis via Sandbox Detection, AsiaCCS 2014
520 |  + Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware, EuroSec 2014
521 |  + Stealth Attacks: An Extended Insight into the Obfuscation Effects on Android Malware, Computer & Science 2015
522 |  + Statistical Deobfuscation of Android Applications, CCS 2016
523 |  + Software Protection on the Go: A Large-Scale Empirical Study on Mobile App Obfuscation, ICSE 2018
524 |  + Tackling runtime-based obfuscation in Android with TIRO, USENIX Security 2019
525 |  + UI Obfuscation and Its Effects on Automated UI Analysis for Android Apps, ASE 2020
526 | 
527 | ## Fuzzing Test for Vulnerabilities
528 |  + Droidfuzzer: Fuzzing the Android Apps with Intent-filter Tag, MoMM 2013 (tool: Droidfuzzer)
529 |  + Intent Fuzzer: Crafting Intents of Death, WODA 2014
530 |  + Fuzzing Android System Services by Binder Call. (url: https://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-BinderCall-To-Escalate-Privilege.pdf.)
531 |  + BinderCracker: Assessing the Robustness of Android System Services, arxiv 2016 (tool: BinderCracker)
532 |  + Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments, ICSE 2017 (tool: FuzzDroid)
533 |  + kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels, USENIX Security 2017 (tool: kAFL)
534 |  + IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing, NDSS 2018 (tool: IoTFuzzer)
535 |  + What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices, NDSS 2018
536 |  + Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing, NDSS 2018
537 | 
538 | ## Analysis of Hybrid Android App
539 |  + Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks, NDSS 2014 (tool: NOFRAK)
540 |  + Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation, CCS 2014
541 |  + Reducing Attack Surface on Cordova-based Hybrid Mobile Apps, MobileDeli 2014
542 |  + Attack and Countermeasures for Webview on Mobile System, Dissertations 2014
543 |  + On the Static Analysis of Hybrid Mobile Apps, A Report on the State of Apache Cordova Nation, ESSoS 2016
544 |  + Automatic Permission Inference for Hybrid Mobile Apps, Journal of High Speed Networks 2016
545 |  + HybriDroid: Static Analysis Framework for Android Hybrid Applications, ASE 2016
546 |  + Fine-Grained Access Control for HTML5-Based Mobile Applications in Android, CCS 2016
547 |  + Draco: A System for Uniform and Fine-grained Access Control for Web Code on Android, CCS 2016 (tool: Draco)
548 |  + Automated Generation of Event-Oriented Exploits in Android Hybrid Apps, NDSS 2018
549 | 
550 | ## Android Compatibility Issues
551 |  + Understanding Android Fragmentation with Topic Analysis of Vendor-Specific Bugs, WCRE 2012
552 |  + Taming Android Fragmentation: Characterizing and Detecting Compatibility Issues for Android Apps, ASE 2016 (tool: FicFinder)
553 |  + Understanding and Detecting Callback Compatibility Issues for Android Applications, ASE 2018
554 |  
555 | ## Large-Scale Android Malware Analysis
556 |  + Dissecting Android Malware: Characterization and Evoluation, S&P 2012
557 |  + AndRadar: Fast Discovery of Android Applications in Alternative Markets, DIMVA 2014 (tool: AndRadar)
558 |  + ANDRUBIS - 1,000,000 Apps Later: A View on Current Android Malware Behaviors, BADGERS 2014 (tool: Andrubis)
559 |  + SherlockDroid: a Research Assistant to Spot Unknown Malware in Android Marketplaces, Journal of Computer Virology and Hacking Techniques 2015 (tool: SherlockDroid)
560 |  + DroidSearch: A Tool for Scaling Android App Triage to Real-world App Stores, SAI 2015 (tool: DroidSearch)
561 |  + Android Malware Development on Public Malware Scanning Platforms: A Large-scale Data-driven Study, IEEE BigData 2016 (tool: AMDHunter)
562 |  + 50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System, USENIX Security 2019
563 |  + A Study of the Feasibility of Co-located App Attacks against BLE and a Large-Scale Analysis of the Current Application-Layer Security Landscape, USENIX Security 2019
564 |  + An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications, USENIX Security 2019
565 |  
566 | ## Sandbox Evasion
567 |  + Common Weakness of Android Malware Analysis Frameworks, NULL
568 |  + BareDroid: Large-Scale Analysis of Android Apps on Real Devices, ACSAC 2015 (tool: BareDroid)
569 |  
570 |  
571 | ## Android Ransomware
572 |   + Heldroid: Fast and Efficient Linguistic-Based Ransomware Detection, UIC Master Disseration, 2015 (tool: Heldroid)
573 |   
574 | ## Financial App Analysis
575 |  + DroydSeuss: A Mobile Banking Trojan Tracker, TechReport? 2014 (tool: DroydSeuss)
576 |  + Mo (bile) money, mo (bile) problems: Analysis of branchless banking applications in the developing world. USENIX Security 2015
577 |  + Security Report of Top 100 Mobile Banking Apps in APAC, AppKnox TechReport 2015
578 |  + An Experimental Evaluation of Vulnerability of Branchless Banking Application in Android Environment, International Journal of Emerging Research in Management & Technology, 2016
579 |  +  Mobile money in the australasian region-a technical security perspective, International Conference on Applications and Techniques in Information Security 2016
580 |  + Security Analysis of The Top 500 Global Ecommerce Mobile Apps in USA, AppKnox TechReport 2016
581 |  + Let’stalkmoney: Evaluating the security challenges of mobile money in the developing world, Annual Symposium on Computing for Development 2016.
582 |  + Repackaging Attack on Android Banking Applications and Its Countermeasures, Wireless Personal Communications 2016
583 |  + Breaking Ad-hoc Runtime Integrity Protection Mechanisms in Android Financial Apps, AsiaCCS 2017 (tool: MERCIDroid)
584 |  + Mo (bile) money, mo (bile) problems: analysis of branchless banking applications. ACM Transactions on Privacy and Security (TOPS) 2017
585 |  + Show Me the Money! Finding Flawed Implementations of Third-party In-app Payment in Android Apps, NDSS 2017
586 |  + Forensic analysis and security assessment of Android m-banking apps, Australian Journal of Forensic Sciences 2018
587 |  + DBank: Predictive Behavioral Analysis of Recent Android Banking Trojans, TDSC 2019 (tool: DBank)
588 |  
589 | ## Race Condition Analysis
590 |  + Effective Race Detection for Event-Driven Programs, OOPSLA 2013 (tool: EventRacer)
591 |  + Race Detection for Event-Driven Mobile Application, PLDI 2014 (tool: CAFA)
592 |  + SdnRacer: Detecting Concurrency Violations in Software-Defined Networks, SOSR 2015 (tool: SdnRacer)
593 |  + Scalable Race Detection in Android Applications, OOPSLA 2015
594 |  + Automatically Verifying and Reproducing Event-based Races in Android Apps, ISSTA 2016 (tool: ERVA)
595 |  + Efficient Race Detection in the Presence of Programmatic Event Loops, ISSTA 2016 (tool: SparseRacer)
596 |  + Generating Test Cases to Expose Concurrency Bugs in Android Applications, ASE 2016 (tool: RacerDroid)
597 |  + Stateless Model Checking with Data-Race Preemption Points, OOPSLA 2016 (tool: Quicksand)
598 |  + Partial Order Reduction for Event-Driven Multi-threaded Programs, TACAS 2016
599 |  + Precise and Maximal Race Detection from Incomplete Traces, OOPSLA 2016 (tool: RDIT)
600 |  + RDIT: Race Detection from Incomplete Traces, FSE 2016 (tool: RDIT)
601 |  
602 | ## IoT Stuff
603 |  + Analysis and Testing of Notifications in Android Wear Applications, ICSE 2017 
604 |  
605 | ## Knowledge Mining
606 | + An Empirical Analysis of Bug Reports and Bug Fixing in Open Source Android Apps, CSMR 2013
607 | + Works For Me! Characterizing Non-reproducible Bug Reports, MSR 2014
608 | + A Cross-platform Analysis of Bugs and Bug-fixing in Open Source Projects: Desktop vs. Android vs. iOS, EASE 2015
609 | + An Empirical Study on Bug Reports of Android 3rd Party Libraries
610 | 
611 | ## Data & Code Protection
612 | + Understanding Users’ Requirements for Data Protection in Smartphones, ICDEW 2012
613 | + Code Protection in Android, MASTER Dissertation 2012
614 | + AppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware, RAID 2015 (tool: AppSpear)
615 | + DexHunter: Toward Extracting Hidden Code from Packed Android Applications, ESORICS 2015 (tool: DexHunter)
616 | + Cashtags: Protecting the Input and Display of Sensitive Data, USENIX Security 2015 (tool: Cashtags)
617 | + SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps, USENIX Security 2015 (tool: SUPOR)
618 | + UIPicker: User-Input Privacy Identification in Mobile Applications, USENIX Security 2015 (tool: UIPicker)
619 | + AppShell: Making Data Protection Practical for Lost or Stolen Android Devices, NOMS 2016 (tool: AppShell)
620 | + SchrodinText: Strong Protection of Sensitive Textual Content of Mobile Applications, MobiSys 2017 (tool: SchrodinText)
621 | + UiRef: Analysis of Sensitive User Inputs in Android Applications, WiSec 2017 (tool: UiRef)
622 | + Using Hover to Compromise the Confidentiality of User Input on Android, WiSec 2017 (tool: Hoover)
623 | + Adaptive Unpacking of Android Apps, ICSE 2017
624 | + Android Code Protection via Obfuscation Techniques: Past, Present and Future Directions, arXiv 2017
625 | 
626 | ## Security Assessment of Android apps
627 | + Smv-hunter: Large scale, automated detection of ssl/tls man-in-the-middle vulnerabilities in android apps, NDSS 2014 (tool: SMV-Hunter)
628 | + Modelling analysis and auto-detection of cryptographic misuse in android applications, DASC 2014
629 | + Measuring the Insecurity of Mobile Deep Links of Android, USENIX Security 2017
630 | 
631 | ## Android Crash Analysis and Repair
632 | + Large-Scale Analysis of Framework-Specific Exceptions in Android Apps, ICSE 2018
633 | + Repairing Crashes in Android Apps, ICSE 2018
634 | 


--------------------------------------------------------------------------------