A Survey of Performance Optimization for Mobile Applications

Nowadays there is a mobile application for almost everything a user may think of, ranging from paying bills and gathering information to playing games and watching movies. In order to ensure user satisfaction and success of applications, it is important to provide high performant applications. This is particularly important for resource constraint systems such as mobile devices. Thereby, non-functional performance characteristics, such as energy and memory consumption, play an important role for user satisfaction. This paper provides a comprehensive survey of non-functional performance optimization for Android applications. We collected 155 unique publications, published between 2008 and 2020, that focus on the optimization of non-functional performance of mobile applications. We target our search at four performance characteristics, in particular: responsiveness, launch time, memory and energy consumption. For each performance characteristic, we categorize optimization approaches based on the method used in the corresponding publications. Furthermore, we identify research gaps in the literature for future work

The Smart Mobile Application Framework (SMAF) - Exploratory Evaluation in the Smart City Contex

What makes mobile apps "smart"? This paper challenges this question by seeking to identify the inherent characteristics of smartness. Starting with the etymological foundations of the term, elements of smart behavior in software applications are extracted from the literature, elaborated and contrasted. Based on these findings we propose a Smart Mobile Application Framework incorporating a set of activities and qualities associated with smart mobile software. The framework is applied to analyze a specific mobile application in the context of Smart Cities and proves its applicability for uncovering the implementation of smart concepts in real-world settings. Hence, this work contributes to research by conceptualizing a new type of application and provides useful insights to practitioners who want to design, implement or evaluate smart mobile applications

Smart mobility: a survey

Internet of Things (IoT) describes a world where everyday objects are always connected to the Internet, allowing them to communicate and interact with each other. By connecting these everyday objects to the Internet and making them available everywhere at any time, IoT allows to remotely monitor, manage, and gather status information about them and their surrounding environment. IoT is a revolutionary concept that brought new experiences to everyday life and enabled Smart City initiatives all over the world. These initiatives are using a combination of technology paired with physical infrastructure and services, to improve people’s quality of life. One of the high priority domain to support the Smart City’s vision is the field of Smart Mobility. This paper reviews the current IoT approaches and concepts related to Smart Cities and Smart Mobility. In addition, it analyzes distinct features and numerous applications covering both Intelligent Transportation and Real Time Traffic Management Systems.info:eu-repo/semantics/publishedVersio

Smart mobility: a survey

Internet of Things (IoT) describes a world where everyday objects are always connected to the Internet, allowing them to communicate and interact with each other. By connecting these everyday objects to the Internet and making them available everywhere at any time, IoT allows to remotely monitor, manage, and gather status information about them and their surrounding environment. IoT is a revolutionary concept that brought new experiences to everyday life and enabled Smart City initiatives all over the world. These initiatives are using a combination of technology paired with physical infrastructure and services, to improve people's quality of life. One of the high-priority domain to support the Smart City's vision is the field of Smart Mobility. This paper reviews the current IoT approaches and concepts related to Smart Cities and Smart Mobility. In addition, it analyzes distinct features and numerous applications covering both Intelligent Transportation and Real Time Traffic Management Systems

Measuring and Mitigating Potential Risks of Third-party Resource Inclusions

In today's computer services, developers commonly use third-party resources like libraries, hosting infrastructure and advertisements. Using third-party components improves the efficiency and enhances the quality of developing custom applications. However, while using third-party resources adopts their benefits, it adopts their vulnerabilities, as well. Unfortunately, developers are uninformed about the risks, as a result of which, the services are susceptible to various attacks. There has been a lot of work on how to develop first-hand secure services. The key focus in my thesis is quantifying the risks in the inclusion of third-party resources and looking into possible ways of mitigating them. Based on the fundamental ways that risks arise, we broadly classify them into Direct and Indirect Risks. Direct risk is the risk that comes with invoking the third-party resource incorrectly—even if the third party is otherwise trustworthy whereas indirect risk is the risk that comes with the third-party resource potentially acting in an untrustworthy manner—even if it were invoked correctly. To understand the security related direct risks in third-party inclusions, we study cryptographic frameworks. Developers often use these frameworks incorrectly and introduce security vulnerabilities. This is because current cryptographic frameworks erode abstraction boundaries, as they do not encapsulate all the framework-specific knowledge and expect developers to understand security attacks and defenses. Starting from the documented misuse cases of cryptographic APIs, we infer five developer needs and we show that a good API design would address these needs only partially. Building on this observation, we propose APIs that are semantically meaningful for developers. We show how these interfaces can be implemented consistently on top of existing frameworks using novel and known design patterns, and we propose build management hooks for isolating security workarounds needed during the development and test phases. To understand the performance related direct risks in third-party inclusions, we study resource hints in webpage HTML. Today's websites involve loading a large number of resources, resulting in a considerable amount of time issuing DNS requests, requesting resources, and waiting for responses. As an optimization for these time sinks, websites may load resource hints, such as DNS prefetch, preconnect, preload, pre-render, and prefetch tags in their HTML files to cause clients to initiate DNS queries and resource fetches early in their web-page downloads before encountering the precise resource to download. We explore whether websites are making effective use of resource hints using techniques based on the tool we developed to obtain a complete snapshot of a webpage at a given point in time. We find that many popular websites are highly ineffective in their use of resource hints, causing clients to query and connect to extraneous domains, download unnecessary data, and may even use resource hints to bypass ad blockers. To evaluate the indirect risks, we study the web topology. Users who visit benign, popular websites are unfortunately bombarded with malicious popups, malware- loading sites, and phishing sites. The questions we want to address here are: Which domains are responsible for such malicious activity? At what point in the process of loading a popular, trusted website does the trust break down to loading dangerous content? To answer these questions, we first understand what third-party resources websites load (both directly and indirectly). I present a tool that constructs the most complete map of a website’s resource-level topology to date. This is surprisingly nontrivial; most prior work used only a single run of a single tool (e.g., Puppeteer or Selenium), but I show that this misses a significant fraction of resources. I then apply my tool to collect the resource topology graphs of 20,000 websites from the Alexa ranking, and analyze them to understand which third-party resource inclusions lead to malicious resources. I believe that these third-party inclusions are not always constant or blocked by existing Ad-blockers. We argue that greater accountability of these third parties can lead to a safer web

Techniques for the Analysis of Modern Web Page Traffic using Anonymized TCP/IP Headers

Analysis of traces of network traffic is a methodology that has been widely adopted for studying the Web for several decades. However, due to recent privacy legislation and increasing adoption of traffic encryption, often only anonymized TCP/IP headers are accessible in traffic traces. For traffic traces to remain useful for analysis, techniques must be developed to glean insight using this limited header information. This dissertation evaluates approaches for classifying individual web page downloads — referred to as web page classification — when only anonymized TCP/IP headers are available. The context in which web page classification is defined and evaluated in this dissertation is different from prior traffic classification methods in three ways. First, the impact of diversity in client platforms (browsers, operating systems, device type, and vantage point) on network traffic is explicitly considered. Second, the challenge of overlapping traffic from multiple web pages is explicitly considered and demultiplexing approaches are evaluated (web page segmentation). And lastly, unlike prior work on traffic classification, four orthogonal labeling schemes are considered (genre-based, device-based, navigation-based, and video streaming-based) — these are of value in several web-related applications, including privacy analysis, user behavior modeling, traffic forecasting, and potentially behavioral ad-targeting. We conduct evaluations using large collections of both synthetically generated data, as well as browsing data from real users. Our analysis shows that the client platform choice has a statistically significant impact on web traffic. It also shows that change point detection methods, a new class of segmentation approach, outperform existing idle time-based methods. Overall, this work establishes that web page classification performance can be improved by: (i) incorporating client platform differences in the feature selection and training methodology, and (ii) utilizing better performing web page segmentation approaches. This research increases the overall awareness on the challenges associated with the analysis of modern web traffic. It shows and advocates for considering real-world factors, such as client platform diversity and overlapping traffic from multiple streams, when developing and evaluating traffic analysis techniques.Doctor of Philosoph