Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow
0 likes46 views
This presentation investigates mobile app security trends and challenges by analyzing developer discussions on Stack Overflow. Examining over 5,700 security-related questions, the study reveals how developers approach security challenges in an ecosystem with 4+ million apps and $400+ billion in revenue. The research identifies seven major security categories including secured communications, database security, and encryption, while highlighting the evolution of security discussions over time. Through a combination of quantitative analysis, topic modeling, and manual review, the study provides actionable insights for developers, educators, and researchers, helping to improve mobile app security practices and address real-world challenges faced by the development community. Presented at: The 58th Hawaii International Conference on System Sciences (HICSS '25) Date of Conference: Jan 2025 Conference Location: Waikoloa, Hawaii, United States
Ad
More Related Content
Similar to Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow (20)
More from University of Hawai‘i at Mānoa (20)
![A Primer on High-Quality Identifier Naming [ASE 2022]](https://cdn.slidesharecdn.com/ss_thumbnails/tutorialidentifiernaming-221010194443-15a389e4-thumbnail.jpg?width=560&fit=bounds)
Ad
Recently uploaded (20)
![Get & Download Wondershare Filmora Crack Latest [2025]](https://cdn.slidesharecdn.com/ss_thumbnails/revolutionizingresidentialwi-fi-250422112639-60fb726f-250429170801-59e1b240-thumbnail.jpg?width=560&fit=bounds)
Ad
Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow
- 1. Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow Timothy Huo, Ana Catarina Araújo, Jake Imanaka, Anthony Peruma, Rick Kazman H a w a i i I n t e r n a t i o n a l C o n f e r e n c e o n S y s t e m S c i e n c e s J a n u a r y 2 0 2 5 | W a i k o l o a , H a w a i i
- 2. Apps for everything 4+ million apps on major app stores & $400+ billion in app revenue Ease of App Development Tech advancements: almost anyone can create an app! Why Study Mobile App Security? Sensitive Data Handling Apps handle sensitive personal, financial, and health data Unique Characteristics Mobile apps differ from non- mobile systems: energy, permissions, etc.
- 3. Why Study Mobile App Security on Stack Overflow? Developer Community 20M+ questions, answers, and user -- Stack Overflow represents actual developer needs Research Gap Limited understanding of real-world security challenges developers face
- 4. Research Goals Understand key trends, topics, and challenges around developer discussions on securing mobile apps RQ1: Discussion Growth How have mobile security discussions evolved on Stack Overflow? RQ2: Security Challenges What specific security challenges do mobile developers face?
- 5. Study Design
- 6. Tag Query Title Query Source Dataset Data Extraction Data Analysis Statistical Analysis Topic Modeling Manual Review Search keywords: “android”, “ios”, “security”
- 7. Results
- 8. RQ1: Growth of Mobile Security Discussions Questions Answered 80% Total Questions 5,759 Median Response Time 87.1m
- 10. RQ1: Tag Categories Security Concepts/Features e.g., “oauth”, “android- securityexception” Framework/ Library/API e.g., “cordova”, “angularjs” Programming/Software Engineering Concepts e.g., “debugging”, “web-services” 154 101 42 Tools e.g., “xcode”, “eclipse” Operating System e.g., “android”, “macos” 29 25
- 11. RQ2: Security Challenges What security challenges do mobile developers face? Topic Analysis 7 security categories identified through LDA topic modeling Sample Size 1,499 questions manually reviewed for categorization
- 12. RQ2: Security Challenges Security Topic Distribution • Authentication & access control • OAuth integration • Source code protection • User input validation General Security • SSL/TLS implementation • Certificate handling • HTTPS configuration • App Transport Security Secured Communications • Firebase security rules • Access control • Data encryption • Authentication setup Database • Key generation • Data encryption/decryption • KeyStore management • Encryption algorithm selection Encryption • Store security policies • App signing issues • Vulnerability warnings • Policy compliance App Distribution Service • Zip path traversal vulnerabilities • Security/permission exceptions when downloading files • Security policy configurations File-Specific • SecurityException handling • Permission request implementations • AndroidManifest configuration • Runtime permission handling Permissions
- 13. Conclusion
- 14. Developers Better anticipate and address potential vulnerabilities in mobile apps by planning for security issues that commonly arise in practice Educators Improve security training materials and tools tailored to app developers Researchers Investigate on high- impact area and develop better security tools Practical Implications
- 15. Threats To Validity Data Source Limitation Limited to Stack Overflow, may not fully represent broader mobile app development landscape Query Constraints Limited to Android and iOS questions with 'security' in title/tag, may miss other relevant posts Version Analysis Only most recent versions of questions analyzed, missing historical context Sample Review Manual review used statistically significant sample, but may miss important data points
- 16. Conclusion • Developers seek help in seven specific security areas: • Secured Communications • Database • App Distribution Service • Encryption • Permissions • File-Specific • General Security Concerns RQ 2 • Stack Overflow is a major platform for mobile security help • Android security questions dominate • Platform changes trigger question surges RQ 1
- 17. Thank You!