The paper proposes a time-aware self-supervised learning framework using BYOL to improve Android malware detection robustness by accurately accounting for app release times.

The study surveyed Android developers to assess their willingness to adopt changes that mitigate device fingerprinting risks, finding that developers overwhelmingly support privacy protections even wi…

PrivacyAssist is a multi-agent LLM framework that detects inconsistencies between user-granted app permissions and the app's actual data collection practices, finding that most apps are not fully tran…

This paper provides the first comprehensive review of threats and defenses specifically targeting on-device AI inference, revealing a significant imbalance where certain attack types, like adversarial…

The paper reverse-engineers Apple's Private Cloud Compute (PCC) implementation to independently benchmark its model and evaluate its privacy claims, addressing the lack of transparency in Apple's syst…

MARD introduces a multi-agent framework that combines Large Language Models (LLMs) with traditional static analysis engines to achieve robust and highly interpretable Android malware detection with lo…

The paper introduces McNdroid, a large longitudinal multimodal benchmark for Android malware, demonstrating that temporal drift significantly degrades detection performance, which is best mitigated by…

The paper empirically compares the security and privacy implementation characteristics of major Android messaging apps (Meta Messenger, Signal, and Telegram) using static and dynamic analysis, finding…

WOOTdroid is a novel, non-invasive system for comprehensive on-device tracing on stock Android that simultaneously addresses syscall data loss and the semantic gap in Binder IPC events.

This study empirically analyzed 1,000 Android apps, finding that privacy policies are often vague and frequently fail to align with the actual sensitive data logged by the applications.

The paper introduces MyPhoneBench, a new framework that demonstrates that current phone-use agents often fail to respect user privacy, even when successfully completing simple tasks, primarily due to…

The paper introduces a static analysis pipeline using graph kernels to automatically attribute unknown Android proxy malware to specific commercial proxy networks with high accuracy.

This study empirically demonstrates that privacy exposure in mobile gaming apps is primarily driven by complex, configuration-level SDK ecosystems rather than just the permissions the app explicitly r…

The paper proposes and evaluates DePRa, a system that democratizes privacy assessment by making everyday users active evaluators of mobile app data access, showing its potential to complement expert a…

AndroScanner is an automated pipeline that detects backend vulnerabilities in Android applications by combining static and dynamic analysis, successfully identifying a zero-day Excessive Data Exposure…

The paper introduces SCAgent, an automated framework that uses LLM-assisted agents to systematically discover, analyze, and assess side-channel leakage risks in complex systems like iOS, moving beyond…

This study empirically analyzed 41 mobile gaming apps, finding that while device ID disclosures were relatively consistent, location and personal information disclosures showed significant mismatches…

The paper introduces AVDA, a framework that uses the Model Context Protocol (MCP) to automate cybersecurity detection authoring by integrating organizational context into AI code generation, achieving…

This study longitudinally evaluates the adversarial robustness of Android malware detection systems over a decade, finding that temporal separation significantly degrades robustness due to concept dri…

The paper proposes a cost-aware, adaptive maintenance framework using Reinforcement Learning (RL) and self-supervised learning to mitigate performance degradation (concept drift) in Android malware de…