Mobil Uygulamalarda Hibrit Sistemlerin Oluşturduğu Kullanım Kolaylıklarının İncelenmesi

We can notice that security problems of inappropriate integration of native and web technologies in hybrid mobile applications (apps) have been covered in the related state-of-the-art research. However, analyzing hybrid mobile apps' unique behaviors has been seldom addressed. In this paper, we explore the influence of native and web technologies integration in hybrid mobile apps on the generated profile of mobile applications. Specifically, we analyze the type of Security Sensitive APIs (SS-APIs) exposed to web content and identify the corresponding usage patterns by systematically tracking function-call-graphs of a large number of hybrid and native mobile apps. Our investigations indicate that the generated profiles for hybrid and native mobile apps are considerably different. Using our proposed tool, called Hybrid-scanner, for tracking and analyzing internal behaviors of hybrid mobile apps, we show that there is more trace of API calling for triggering a specific SS-API in a hybrid mobile app in comparison with Android native mobile apps. In addition, we have found that almost 40% of SS-APIs in hybrid mobile apps are invoked by third-party libraries, e.g. advertisement libraries. This knowledge, however, is crucial for designing appropriate malware detection or vulnerability mitigation strategies. Based on our results, we discuss two main approaches in Android malware analysis field and enumerate some suggestions which should be considered in order to successfully detect malicious behaviors in such new type of apps.

Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content and explain why they are ineffectual. We then present NoFrak, a capability-based defense against fracking attacks. NoFrak is platform-independent, compatible with any framework and embedded browser, requires no changes to the code of the existing hybrid apps, and does not break their advertising-supported business model.

With over a billion mobile devices in use worldwide and nearly half a billion mobile applications on offer, software developers must make choices between developing one or more versions of native, hybrid or mobile web applications. This paper compares development approaches across these three options and compiles a set of criteria on platforms and devices that can be used in critical development decisions. Key issues for each application development approach are discussed, and a comparative analysis highlights the advantages and disadvantages of each approach. Keywords: App, mobile application, native mobile app, hybrid mobile app, web mobile app, mobile application development

A large number of web applications are written using server-side scripting languages. Although web browsers allow clients to run these applications, it is often cumbersome to depend on desktops for the services provided by the applications. Given the popularity and convenience of mobile devices, there is a clear need to have native mobile apps driving the applications along with web browsers. In this paper, we present a solution to re-engineer web applications developed using server-side scripting languages, into native mobile apps. The solution takes source code of the web application along with its test suite as input and produces corresponding cross-platform mobile apps. The entire re-engineering process is fully automatic requiring no manual intervention at any stage. Our solution is generic enough not only to handle popular server-side scripting languages, but also to output mobile apps that support diverse popular platforms including Android, iOS, and Windows Mobile. To showcase the capability and generality of our solution, we have developed a prototype tool KIRKE to handle applications developed using JSP, PHP, and ASP.NET. We present three case studies based on real-life codebases to evaluate the correctness, coverage, usability, and performance of our solution. The results indicate that KIRKE is capable of generating a mobile app that preserves the functionality of original web application and uses resources more efficiently when compared to the web application running on a mobile browser.

With countless smartphones and mobile devices being widely used, users can have community interaction, recreation, and can even make a purchase through their mobile devices. Therefore, the mobile network service is becoming increasing irreplaceable and essential to modern people's daily life. That makes the network security of mobile Apps become relatively important. And it is every App designer's biggest challenge to guarantee the security of their Apps in mobile gadgets. Moreover, cross platform mobile app (CPMA) combines the features of Web applications and mobile Apps. On the one hand, like Web applications, CPMA is implemented in portable, platform-independent languages such as HTML and JavaScript. On the other hand, like native Apps, CPMA has direct access to local device resources -- file system, location, camera, contacts, etc. Owing to the above advantages, CPMA has gaining more and more popularity. To sum up, how to develop a secured cross platform mobile Apps to prevent users' personal information from being invaded becomes the most interesting and critical issue. In this paper, we present a security CPMA to provide IT network services developers with related idea and model case study.

Multiple Sclerosis (MS) is a chronic neurodegenerative disorder. People living with MS (plwMS) require long-term, multidisciplinary care in both clinical and community settings. MS-specific mHealth interventions have advanced in the form of clinical treatments, rehabilitation, disease monitoring and self-management of disease. However, mHealth interventions for plwMS appear to have limited proof of clinical efficacy. As native mobile apps target specific mobile operating systems, they tend to have better interactive designs leveraging platform-specific guidelines. Thus, to improve such efficacy, it is pivotal to explore the design characteristics of native mobile apps used for plwMS. This study aimed to explore the design characteristics of native mobile apps used for adults living with MS in academic settings. A scoping review of studies was conducted. A literature search was performed through PubMed, CINAHL, MEDLINE and Cochrane Library. Per native mobile apps, characteristics, persuasive technology elements and evaluations were summarized. A total of 14 native mobile apps were identified and 43% of the identified apps were used for data collection (n=6). Approximately 70% of the included apps involved users (plwMS) whilst developing (n=10). A total of three apps utilized embedded sensors. Videos or photos were used for physical activity interventions (n=2) and gamification principles were applied for cognitive and/or motor rehabilitation interventions (n=3). Behavior change theories were integrated into the design of the apps for fatigue management and physical activity. Regarding persuasive technology, the design principles of primary support were applied across all identified apps. The elements of dialogue support and social support were the least applied. The methods for evaluating the identified apps were varied. The findings suggest that the identified apps were in the early stages of development and had a user-centered design. By applying the persuasive systems design model, interaction design qualities and features of the identified mobile apps in academic settings were systematically evaluated at a deeper level. Identifying the digital functionality and interface design of mobile apps for plwMS will help researchers to better understand interactive design and how to incorporate these concepts in mHealth interventions for improvement of clinical efficacy.

The global expansion of smartphones and tablets has created a huge industry of mobile applications. The cloud computing together with the mobile cloud apps, have been both gaining importance against native apps in the last years. This paper aims to perform a comparative study about the features of native and mobile cloud apps for health care. With that purpose, we have developed an academic and non-academic review of features, advantages and disadvantages of both types of apps and we have applied these features in three different health care scenarios: an Electronic Health Records (EHRs) administration app in a wide region, a heart rate monitoring app in a rural area, and a diabetes management app. It was concluded that although the mobile cloud apps offer significant advantages, which overcome the ones of native apps in some scenarios, there are other cases where native apps are the only solution. Hence, both types need to coexist for a while. As users seem to prefer native apps, a possible solution can be the use of hybrid apps, mobile cloud apps with a native container, since they get advantages from both types.

These days, almost every successful company owns a web application for their business. Essentially, companies try to develop a website that is easy to navigate, so that a user could have a great experience regardless of a used device. But, a web app, even if developed to be used on any device, can be constraining for a user as it does not have features that have been reserved to native apps. Thus, companies are forced to develop a native application for their product and two applications are needed for two different OS IOS and Android to reach all potential users and match the modern criteria of a successful product. However, such a strategy of developing a web and two native applications are time and money consuming, which is far from ideal from a business point of view. In 2015, Google introduced Progressive Web Apps (PWA), which aims to close the gap between web and native applications by combining the best features from web and native apps. In this article I am going to describe several APIs that can make PWA feel like a native app.

Objectives: This research study provides an analysis model which is used to analyze the requirements of mobile native apps contextually under any domain. Methods/Statistical Analysis: Based on the background study, the research process have taken three research approaches and also have identified various activities which are performed among a native mobile app user and mobile native apps and formed them into questionnaires which are sent to different mobile native app developers of different software industries. This research process has determined the requirements based on four contexts in mobile domain such as device context, mobility contexts, user context and social contexts. Findings: These activities are mapped into attributes and contexts for modeling the requirements under mobile domain and for developing the sub models of the analysis model. Finally the analysis model is built and composed of four sub models. These sub models are content analysis model, interaction analysis model, functional analysis model and configuration analysis model. Application/Improvements: This research study provides the analysis model where the requirements are analyzed in a mobile native app under any domain such as agriculture, learning or healthcare applications. This analysis model is significant as it determines the contexts and models the contexts which are not specified in any frameworks or process models. Keywords: Configuration Analysis, Content Analysis, Functional Analysis, Interaction Analysis

I often get the question if there is still use in learning desktop technologies like WPF or WinForms. My answer is always the same: of course there is! There has been a big movement toward the Web the past few years, which definitely makes sense in regard to ease of deployment and installation. No need to juggle MSI files around, making sure every client computer has the correct version of .NET installed, finding out what version of the software a customer is using, and so on. With web applications, we install the software on a server, and all of our users just use their browsers to use the application. So why are native apps (both desktop and mobile apps) still a thing? The answer is simple, performance and capabilities. The Web, for now, does not have the same level of access to peripherals and operating system as a native app does. As for performance, let’s look at the way an operating system renders its applications. Rendering happens in steps, layer by layer. A WPF application, for example, will render its main window followed by the controls on that specific window; the whole rendering of an application is optimized to draw the user interface as fast as possible to not make the user feel like the application is hanging. If we apply that same logic to a web browser, you’ll understand that the browser’s main window and controls like the back and forward buttons, favorite bar, extension icons, and so on are rendered first. Once everything is on the screen, the browser will start interpreting and rendering the HTML, so the actual user interface of your web application is last to render. Another major difference is threading, JavaScript is single-threaded, so it’s not possible to schedule heavy work on a separate thread. The advice there is to have a server handle the heavy lifting and make your frontend wait for the response, which is a very valid argument, except for applications that need real-time heavy processing, like the software stock brokers use, for example. Every millisecond of delay caused by a request going over the network can cost them money. A native desktop application, running on a powerful client computer, can handle these calculations with ease.

Currently, mobile devices are available in several formats; their applications can be grouped into three categories: native applications, Web applications and hybrid applications. Hybrid applications use Web programming features, such as HTML, CSS and Javascript, and are able to access native device capabilities, such as GPS, camera and contacts. Several works automated software testing in native applications and this fact suggests a lack of testing approaches for hybrid applications. In this paper, we investigate test automation process in hybrid applications running graphical user interface (GUI) under various mobile platforms. Three applications were tested in five different mobile devices (Android and iOS). The manual inspections indicated correct functioning of the features under test. Automated executions found some differences between the platforms, such as in the user interface and test script coding.

Mobile apps have found wide acceptance in today’s world which heavily depend on smart technology to access data over wide location. The apps are mostly of native type which can be used for accessing data even without the internet availability. In this paper the development of mobile native applications requires the assimilation of various analytical contexts depending on the requirement of users. We have done an empirical study of various papers based on ubiquitous systems and mobile apps for finding out the contexts in building mobile native apps and the mobile contexts are such as device context, user context, mobility context and social context. We have found that the overall weight of each mobile context is an empirical study. We have taken various activities which are performed among a user and mobile native apps and formed them into questionnaires which are sent to different mobile native app developers of different software industries. The mapping is done among these activities with the attributes and their associated mobile contexts. We have identified and obtained four contexts as main requirements for developing mobile native apps under any domain. The analysis of requirements is done modeling the contexts and their attributes through OWLDL language. We have determined from the empirical study that the overall weight of device context is more than the other contexts. Hence it is clear that the device context with its numerous features have a great impact on developing mobile native apps under any domain.

Recent developments in mobile technology have enabled mobile phones to work as mobile Web servers. However, the composition of mobile phone applications and Web resources to form new mashup applications requires mobile programming knowledge ranging from how to create user interfaces, network connections and access to Web resources. Furthermore, the unique capabilities of mobile phone applications such as access to camera inputs or sensor data are often limited to local use only. To address these problems, we present a description-based approach and an Integration Model for the composition of mobile mashup applications combining Web applications, Web services and mobile phone applications (i.e., generic components). The compositions appear to require less native mobile programming knowledge. In the current work, to leverage access to these services and applications, an Interface Wrapper was used to transform generic components into mashup components. Composers were able to transform and reuse form-based query results from Web applications and integrate them with wrapped output from users' interaction with mobile phone applications, and other Web services. The final applications can be configured to work two ways: 1) as native mobile phone applications or 2) as a Web application accessible externally via a mobile Web server application.

It is our great pleasure to welcome you to the proceedings of the workshop held as part of SPLASH 2014! This year's Workshop continues the tradition of allowing both graduate and undergraduate students to present their ongoing work and get productive feedback on their latest results. Workshop Overview Mobile application usage and development is experiencing exponential growth. According to Gartner, by 2016 more than 300 billion applications will be downloaded annually. The mobile domain presents new challenges to software engineering. Mobile platforms are rapidly changing, including diverse capabilities as GPS, sensors, and input modes. Applications must be omni-channel and work on all platforms. Activated on mobile platforms, modern applications must be elastic and scale on demand according to the hardware abilities. Applications often need to support and use third-party services. Therefore, during development, security and authorization processes for the dataflow must be applied. Bring your own device (BYOD) policies bring new security data leaks challenges. Developing such applications requires suitable practices and tools e.g., architecture techniques that relate to the complexity at hand; improved refactoring tools for hybrid applications using dynamic languages and polyglot development and applications; and testing techniques for applications that run on different devices. This workshop aims at establishing a community of researchers and practitioners to share their work and lead further research in the mobile software engineering. The workshop has several goals. First, we want to develop relationships to create a vibrant research community in the area of mobile software development. Second, we want to identify the most important research problems for mobile software development. Our program includes: Distinguished keynote by Dr. Daniel M. Yellin the Vice President, IBM Mobile Platform Development, and an IBM Distinguished EngineerInvited talksMarco Pistoia and Omer Trip Integrating Security, Analytics and Application Management into the Mobile Development LifecycleNikolai Tillmann Rapidly Prototyping Apps for Mobile Cloud-Connected DevicesLucas Brutschy, Pietro Ferrara and Mueller Peter. Static Analysis for Independent App DevelopersPanel: "How Mobile Affects Business Processes? : The Research Perspective"Activity: "Killer Apps for Mobile Opportunity and ChallengesResearch papers Mobile software engineering presents new challenges and directions. Among others, we observe the following five areas of interest: Management of the mobile applications. This refers to the technical capabilities to create, deploy, and manage a suite of applications for multiple heterogeneous devices (e.g., iOS, Android, BlackBerry, Windows) that connect securely to enterprise back-end servers.Hybrid applications versus native applications. A native application is an application designed to run in a specific environment written in a specific language. A hybrid mobile application, however, is developed using web technologies such as HTML, CSS, and JavaScript activated by a native wrapper. Building native applications requires comprehensive knowledge in the specific environment, such as Objective C (iOS), Java (Android), and C# (Windows mobile and BlackBerry). However, hybrid applications based on web technologies require more common knowledge.User experience. Applications must be developed that provide different user experiences depending on the target environment. For example, an iOS application provides a different user experience than an Android application, even though the functionality of the application must be the same.Battery life. How can developers write software that uses up as little battery life as possible?Migrations to mobile. As more users access and use mobile-based tools, developers need to enable and support migration from legacy software such as web applications to mobile.Mobile security. Mobile devices have strong networking capabilities. Hence security of ersonal information and businesses data become very important. Employees use their smartphones to access sensitive information. The operating system of those devices collects sensitive data that may be visible to third-party applications. Hence vulnerabilities from both the web browser and operating system must be considered. Moreover, the development of mobile applications includes the following aspects that extend existing software engineering practices: Software characteristics. 1) Software is distributed on several platforms that link between them over the network. For example, one part of an application could be on mobile phones browsers, another part might be on the cloud, and both of them are reading data from some legacy systems. 2) Mobile applications need to be elastic and scale on demand according to their environments' abilities. Functionalities need to be easily removed, added, or moved to or from the cloud. 3) Many hardware platforms exist for an application and the platforms are rapidly changing, including flexible capabilities such as GPS, sensors, and input modes. Development, however, should be for all platforms.Architecture. Mobile application development also includes several architectural challenges, such as how to support omni-channel communications and how to support new application data updates from the server, e.g., notifications about new mail or software updates. Applications must be able to easily communicate with new systems. Traditional solutions enable software to be easily designed and modified to communicate with new environments. However, the environments with which applications need to communicate are rapidly changing. As a result, traditional solutions do not fit modern software and we cannot modify applications using traditional architectural approaches to support all channels.Testing. Another aspect of mobile application development concerns software testing. How can applications be tested on arbitrary and unknown hardware? And how can we develop test-driven software without being able to run the test itself?

Mobile application usage and development is experiencing exponential growth. According to Gartner, by 2016 more than 300 billion applications will be downloaded annually. The mobile domain presents new challenges to software engineering. Mobile platforms are rapidly changing, including diverse capabilities as GPS, sensors, and input modes. Applications must be omnichannel and work on all platforms. Activated on mobile platforms, modern applications must be elastic and scale on demand according to the hardware abilities. Applications often need to support and use third-party services. Therefore, during development, security and authorization processes for the dataflow must be applied. Bring your own device (BYOD) policies and bring new security data leaks challenges. Developing such applications requires suitable practices and tools e.g., architecture techniques that relate to the complexity at hand; improved refactoring tools for hybrid applications using dynamic languages and polyglot development and applications; and testing techniques for applications that run on different devices. This workshop aims at establishing a community of researchers and practitioners to share their work and lead to further research in the mobile software engineering. The workshop has several goals. First, we want to develop relationships to create a vibrant research community in the area of mobile software development. Second, we want to identify the most important research problems for mobile software development. We have two distinguished keynote speakers, invited talks, and papers of mobile software engineering. We welcome you to work with us on these topics and define the next research directions in mobile software engineering. Mobile software engineering presents new challenges and directions. Among others, we observe the following five areas of interest: Management of the mobile applications. This refers to the technical capabilities to create, deploy, and manage a suite of applications for multiple heterogeneous devices (e.g., iOS, Android, BlackBerry, Windows) that connect securely to enterprise back-end servers.Hybrid applications versus native applications. A native application is an application designed to run in a specific environment written in a specific language. A hybrid mobile application, however, is developed using web technologies such as HTML, CSS, and JavaScript activated by a native wrapper. Building native applications requires comprehensive knowledge in the specific environment, such as Objective C (iOS), Java (Android), and C# (Windows mobile and BlackBerry). However, hybrid applications based on web technologies require more common knowledge.User experience. Applications must be developed that provide different user experiences depending on the target environment. For example, an iOS application provides a different user experience than an Android application, even though the functionality of the application must be the same.Battery life. How can developers write software that uses up as little battery life as possible?Migrations to mobile. As more users access and use mobile-based tools, developers need to enable and support migration from legacy software such as web applications to mobile.Mobile security. Mobile devices have strong networking capabilities. Hence security of personal information and businesses data become very important. Employees use their smartphones to access sensitive information. The operating system of those devices collect sensitive data that may be visible to a third-party application. Hence vulnerabilities from both the web browser and operating system must be considered. Moreover, the development of mobile applications includes the following aspects that extend existing software engineering practices: Software characteristics. 1) Software is distributed on several platforms that link between them over the network. For example, one part of an application could be on mobile phone browsers, another part might be on the cloud, and both of them are reading data from some legacy systems. 2) Mobile applications need to be elastic and scale on demand according to their environments' abilities. Functionalities need to be easily removed, added, or moved to or from the cloud. 3) Many hardware platforms exist for an application and the platforms are rapidly changing, including flexible capabilities such as GPS, sensors, and input modes. Development, however, should be for all platforms.Architecture. Mobile application development also includes several architectural challenges, such as how to support omni-channel communications and how to support new application data updates from the server, e.g., notifications about new mail or software updates. Applications must be able to easily communicate with new systems. Traditional solutions enable software to be easily designed and modified to communicate with new environments. However, the environments with which applications need to communicate are rapidly changing. As a result, traditional solutions do not fit modern software and we cannot modify applications using traditional architectural approaches to support all channels.Testing. Another aspect of mobile application development concerns software testing. How can applications be tested on arbitrary and unknown hardware? And how can we develop test-driven software without being able to run the test itself?