Explore the security implications of copying and pasting code snippets from Stack Overflow into Android applications in this IEEE conference talk. Delve into a comprehensive study that quantifies the proliferation of security-related code from Stack Overflow in Android apps available on Google Play. Learn about the alarming findings: 15.4% of 1.3 million analyzed Android applications contained security-related code snippets from Stack Overflow, with 97.9% of those containing at least one insecure snippet. Understand the challenges developers face when integrating ready-to-use code solutions into production software, especially concerning code security. Gain insights into the research methodology, including the use of a stochastic gradient descent classifier to evaluate security scores and state-of-the-art static analysis to identify code reuse in Android applications. Reflect on the importance of caution and expertise when utilizing online programming resources for security-related code implementations.
Stack Overflow Considered Harmful - The Impact of Copy & Paste on Android Application Security
Overview
Syllabus
Stack Overflow Considered Harmful? --- The Impact of Copy&Paste on Android Application Security
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
You Get Where You're Looking For - The Impact Of Information Sources On Code Security
-
Following Devil's Footprints - Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS
-
The Rise of the Citizen Developer - Assessing the Security Impact of Online App Generators
-
The Impact of Third-party Code on Android App Security
-
TextExerciser - Feedback-Driven Text Input Exercising for Android Applications
