Let me Join Two Worlds! Analyzing the Integration of Web and Native Technologies in Hybrid Mobile Apps

Today millions of mobile apps are downloaded and used all over the world. Mobile apps are distributed via different app stores, such as the Google Play Store, the Apple App Store, the Windows Phone Store. One of the most intriguing challenges in mobile apps development is its fragmentation with respect to mobile platforms (e.g., Android, Apple iOS, Windows Phone). Recently, companies like IBM and Adobe and a growing community of developers advocate hybrid mobile apps development as a possible solution to mobile platforms fragmentation. Hybrid mobile apps are consistent across platforms and built on Web standards. In this paper, we present an empirical investigation into mobile hybrid apps. Our goal is to identify and analyse the traits and distinctions of publicly available hybrid mobile apps from end users' perspective. The study has been conducted by mining 11,917 free apps and 3,041,315 reviews from the Google Play Store, and analyzing them from the end users' perception perspective. The results of this study build an objective and reproducible snapshot about how hybrid mobile development is performing "in the wild" in real projects, thus establishing a base for future methods and techniques for developing hybrid mobile apps.

Hybrid mobile applications (or apps) are based on web technologies, such as HTML5 and JavaScript, and run in a browser environment. They facilitate cross-platform development. However, the security issues of web technologies are inherited by hybrid mobile apps, where the injected code may execute with the system-level privilege. In this paper, we propose a behavior model to detect malicious behaviors in hybrid mobile apps. Our model uses function-level information to describe how an app's behaviors are activated. Furthermore, once script injection happens, the behaviors made by the injected code can be detected according to the deviation from the app's behavior model.

One of the most intriguing challenges mobile apps development is its fragmentation with respect to mobile platforms (e.g., Android, Apple iOS, Windows Phone). Large companies like IBM and Adobe and a growing community of developers advocate hybrid mobile apps development as a possible solution to mobile platforms fragmentation. Hybrid mobile apps are consistent across platforms and built on web standards. How hybrid apps are performing production settings is still highly debated, with limited objective evidence.In this paper, we present the first realistic investigation into mobile hybrid apps through a solid empirical strategy. Our goal is exploratory and we aim at identifying, analysing, and understanding the traits and distinctions of publicly available hybrid mobile apps within their real-life context. The study has been conducted by mining 11,917 free apps and 3,041,315 reviews from the Google Play Store, and analyzing them from both a technical and end users' perception perspective. The results of this study build an objective and reproducible snapshot about how hybrid mobile development is performing in the wild real projects.

With over a billion mobile devices in use worldwide and nearly half a billion mobile applications on offer, software developers must make choices between developing one or more versions of native, hybrid or mobile web applications. This paper compares development approaches across these three options and compiles a set of criteria on platforms and devices that can be used in critical development decisions. Key issues for each application development approach are discussed, and a comparative analysis highlights the advantages and disadvantages of each approach. Keywords: App, mobile application, native mobile app, hybrid mobile app, web mobile app, mobile application development

The application permission system is one of the key components of Android security. Developers often use it incorrectly and claim more permissions than necessary, due to limitations of developers' knowledge and development tools. When application's vulnerabilities are exploited, the additional permissions give attackers more capability to carry out attacks. Hybrid mobile applications (apps) are a class of mobile apps that are built from web technologies, such as HTML, JavaScript, and CSS. In such applications, it is often easier to inject third-party code through vulnerabilities. When developers do not specify app's permissions correctly, the injected code will result in dangerous actions breaching system security. In this paper, we develop an automatic tool to assist developers to identify the permissions required by the apps based on the hybrid mobile apps' runtime permission checking.

One of the most intriguing challenges in mobile apps development is its fragmentation with respect to mobile platforms (e.g., Android, Apple iOS, Windows Phone). Large companies like IBM and Adobe and a growing community of developers advocate hybrid mobile apps development as a possible solution to mobile platforms fragmentation. Hybrid mobile apps are consistent across platforms and built on web standards. How hybrid apps are performing in production settings is still highly debated, with limited objective evidence. In this paper, we present the first empirical investigation into mobile hybrid apps involving a large number of mobile apps. Our goal is exploratory and we aim at identifying, analysing, and understanding the traits and distinctions of publicly available hybrid mobile apps within their real-life context. The study has been conducted by mining 11,917 free apps and their related metadata from the Google Play Store, and analyzing them from both a technical and end users’ perception perspective.

Despite their recentness, hybrid mobile apps have established an increasing share in the mobile apps market. This can be attributed to the fact that these apps offer the balance between providing full functionality at an affordable development cost. Hybrid mobile apps are web apps hosted in a thin native container. Several libraries facilitate building hybrid apps by providing interfaces through which native phone resources can be accessed using Javascript code. Configuring mobile hybrid apps properly is an important but often neglected activity. Coarse-grained configurations and risky default settings result in several privacy and security breaches. Moreover, middleware libraries provide a basic interface to the developers which may drive them off from changing the default settings. We are seeking to provide an automated, interactive, and contextual support for configuring hybrid apps. In this paper, we present a tool prototype, CordovaConfig, which provides fine-grained configurations that are aligned with the app's behavior. We evaluate the potential use and effectiveness of CordovaConfig on 22 students. Our results demonstrate that interactive configuration support can (1) help address this important non-functional requirement early in the development cycle (2) increase programmers awareness in potential risks associated with insecure settings (3) increase developers understanding of configuration items. This is supported by a quantitative and qualitative evaluation. We also uncover common programmers practices and perceptions of hybrid apps security & configurations

Smartphone apps support people to adopt healthy lifestyles. Therefore, it is useful to understand the persuasive design strategies involved in hybrid mobile applications that facilitate behavior changes. The aim of our research is to show the ease of use of hybrid mobile applications compared to Web and Native applications. Hybrid mobile apps combine the features of Web apps and Native mobile apps. Like web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. They directly access local device resources such as native apps. Transition to hybrid applications has been increasing in recent years with the rapid progress of technology. Although it has performance disadvantages compared to native applications, it is more preferred by software developers due to its ease of use. From the results, it has been determined that the user interface for hybrid applications is simpler to develop with its dynamic structure and it uses mobile device features better in terms of performance when used in hybrid applications.

Web-based or hybrid mobile applications (apps) are widely used and supported by various modern hybrid app development frameworks. In this architecture, any JavaScript code, local or remote, can access available APIs, including JavaScript bridges provided by the hybrid framework, to access device resources. This JavaScript inclusion capability is dangerous, since there is no mechanism to determine the origin of the code to control access, and any JavaScript code running in the mobile app can access the device resources through the exposed APIs. Previous solutions are either limited to a particular platform (e.g., Android) or a specific hybrid framework (e.g., Cordova) or only protect the device resources and disregard the sensitive elements in the web environment. Moreover, most of the solutions require the modification of the base platform. In this paper, we present HybridGuard, a novel policy enforcement framework that can enforce principal-based, stateful policies, on multiple origins without modifying the hybrid frameworks or mobile platforms. In HybridGuard, hybrid app developers can specify principal-based permissions, and define fine-grained, and stateful policies that can mitigate a significant class of attacks caused by potentially malicious JavaScript code included from third-party domains, including ads running inside the app. HybridGuard also provides a mechanism and policy patterns for app developers to specify fine-grained policies for multiple principals. HybridGuard is implemented in JavaScript, therefore, it can be easily adapted for other hybrid frameworks or mobile platforms without modification of these frameworks or platforms. We present attack scenarios and report experimental results to demonstrate how HybridGuard can thwart attacks against hybrid mobile apps.

Developing mobile apps are always a difficult task. We currently have three different mobile platforms (Android, iOS and Windows Phone), each of them with their own development framework and a variety of mobile development frameworks that facilitates the development sharing part of the code. In this paper we present a recent study for selecting the best framework for developing mobile applications. We found that hybrid apps are the best choice to develop a mobile app, quickly, and well appreciated by users like native apps.

This paper describes the contents of a tutorial on web-based hybrid mobile apps. Nowadays millions of mobile apps are downloaded and used all over the world. Mobile apps are distributed via different app stores like Google Play Store, the Apple App Store, the Windows Phone Store. One of the most intriguing challenges in mobile apps development is its fragmentation with respect to mobile platforms (e.g., Android, Apple iOS, Windows Phone). Recently, companies like IBM and Adobe and a growing community of developers advocate web-based hybrid mobile apps development as a possible solution to mobile platforms fragmentation. Web-based hybrid mobile apps are consistent across platforms and built on web standards like HTML5, CSS3, JavaScript. This tutorial provides a state of the art overview of the solutions, technologies, and research opportunities related to the development of web-based hybrid mobile apps. Apache Cordova is presented as one of the possible technologies for hybrid apps development. The results of two empirical studies performed on real hybrid mobile apps are presented as an up-to-date snapshot of the state of the practice in the field. Research opportunities and an open discussion close the tutorial.

This paper provides an in-depth comparative study and an interoperability study between a WebRTC browser-based P2P videoconferencing solution and a hybrid mobile app based one, built with the React Native framework. The comparison is in terms of CPU load, RAM occupancy, and network data usage. To carry out our experiments, we designed and implemented a WebRTC P2P videoconferencing prototype, including a signaling server and two separate client applications based on the same algorithm written in JavaScript. The first application is a WebRTC web client (compatible desktop and mobile) and the second is a WebRTC React Native hybrid mobile application. According to the results obtained after several video calls performed over WLAN and LTE networks, our WebRTC hybrid app consume less CPU (~−10%) compared to the web browser-based one. The two types of applications show comparable RAM occupancies. In short, our results showed that implementing WebRTC real-time video streaming in a hybrid mobile app can be a better alternative in the WebRTC videoconferencing on mobile devices, while most of the scientific researches carried out around WebRTC still focus on the web browser.KeywordsWebRTCVideoconferencingHybrid AppWeb AppCPU consumptionRAM occupancyBandwidth occupancyQuality of Experience (QoE)

Multiple Sclerosis (MS) is a chronic neurodegenerative disorder. People living with MS (plwMS) require long-term, multidisciplinary care in both clinical and community settings. MS-specific mHealth interventions have advanced in the form of clinical treatments, rehabilitation, disease monitoring and self-management of disease. However, mHealth interventions for plwMS appear to have limited proof of clinical efficacy. As native mobile apps target specific mobile operating systems, they tend to have better interactive designs leveraging platform-specific guidelines. Thus, to improve such efficacy, it is pivotal to explore the design characteristics of native mobile apps used for plwMS. This study aimed to explore the design characteristics of native mobile apps used for adults living with MS in academic settings. A scoping review of studies was conducted. A literature search was performed through PubMed, CINAHL, MEDLINE and Cochrane Library. Per native mobile apps, characteristics, persuasive technology elements and evaluations were summarized. A total of 14 native mobile apps were identified and 43% of the identified apps were used for data collection (n=6). Approximately 70% of the included apps involved users (plwMS) whilst developing (n=10). A total of three apps utilized embedded sensors. Videos or photos were used for physical activity interventions (n=2) and gamification principles were applied for cognitive and/or motor rehabilitation interventions (n=3). Behavior change theories were integrated into the design of the apps for fatigue management and physical activity. Regarding persuasive technology, the design principles of primary support were applied across all identified apps. The elements of dialogue support and social support were the least applied. The methods for evaluating the identified apps were varied. The findings suggest that the identified apps were in the early stages of development and had a user-centered design. By applying the persuasive systems design model, interaction design qualities and features of the identified mobile apps in academic settings were systematically evaluated at a deeper level. Identifying the digital functionality and interface design of mobile apps for plwMS will help researchers to better understand interactive design and how to incorporate these concepts in mHealth interventions for improvement of clinical efficacy.

Objectives: This research study provides an analysis model which is used to analyze the requirements of mobile native apps contextually under any domain. Methods/Statistical Analysis: Based on the background study, the research process have taken three research approaches and also have identified various activities which are performed among a native mobile app user and mobile native apps and formed them into questionnaires which are sent to different mobile native app developers of different software industries. This research process has determined the requirements based on four contexts in mobile domain such as device context, mobility contexts, user context and social contexts. Findings: These activities are mapped into attributes and contexts for modeling the requirements under mobile domain and for developing the sub models of the analysis model. Finally the analysis model is built and composed of four sub models. These sub models are content analysis model, interaction analysis model, functional analysis model and configuration analysis model. Application/Improvements: This research study provides the analysis model where the requirements are analyzed in a mobile native app under any domain such as agriculture, learning or healthcare applications. This analysis model is significant as it determines the contexts and models the contexts which are not specified in any frameworks or process models. Keywords: Configuration Analysis, Content Analysis, Functional Analysis, Interaction Analysis

Mobile apps have found wide acceptance in today’s world which heavily depend on smart technology to access data over wide location. The apps are mostly of native type which can be used for accessing data even without the internet availability. In this paper the development of mobile native applications requires the assimilation of various analytical contexts depending on the requirement of users. We have done an empirical study of various papers based on ubiquitous systems and mobile apps for finding out the contexts in building mobile native apps and the mobile contexts are such as device context, user context, mobility context and social context. We have found that the overall weight of each mobile context is an empirical study. We have taken various activities which are performed among a user and mobile native apps and formed them into questionnaires which are sent to different mobile native app developers of different software industries. The mapping is done among these activities with the attributes and their associated mobile contexts. We have identified and obtained four contexts as main requirements for developing mobile native apps under any domain. The analysis of requirements is done modeling the contexts and their attributes through OWLDL language. We have determined from the empirical study that the overall weight of device context is more than the other contexts. Hence it is clear that the device context with its numerous features have a great impact on developing mobile native apps under any domain.