User Review-Based Change File Localization for Mobile Applications

In the current mobile app development, novel and emerging DevOps practices (e.g., Continuous Delivery, Integration, and user feedback analysis) and tools are becoming more widespread. For instance, the integration of user feedback (provided in the form of user reviews) in the software release cycle represents a valuable asset for the maintenance and evolution of mobile apps. To fully make use of these assets, it is highly desirable for developers to establish semantic links between the user reviews and the software artefacts to be changed (e.g., source code and documentation), and thus to localize the potential files to change for addressing the user feedback. In this paper, we propose RISING (Review Integration via claSsification, clusterIng, and linkiNG), an automated approach to support the continuous integration of user feedback via classification, clustering, and linking of user reviews. RISING leverages domain-specific constraint information and semi-supervised learning to group user reviews into multiple fine-grained clusters concerning similar users' requests. Then, by combining the textual information from both commit messages and source code, it automatically localizes potential change files to accommodate the users' requests. Our empirical studies demonstrate that the proposed approach outperforms the state-of-the-art baseline work in terms of clustering and localization accuracy, and thus produces more reliable results.Comment: 15 pages, 3 figures, 8 table

The Dark Side(-Channel) of Mobile Devices: A Survey on Network Traffic Analysis

In recent years, mobile devices (e.g., smartphones and tablets) have met an increasing commercial success and have become a fundamental element of the everyday life for billions of people all around the world. Mobile devices are used not only for traditional communication activities (e.g., voice calls and messages) but also for more advanced tasks made possible by an enormous amount of multi-purpose applications (e.g., finance, gaming, and shopping). As a result, those devices generate a significant network traffic (a consistent part of the overall Internet traffic). For this reason, the research community has been investigating security and privacy issues that are related to the network traffic generated by mobile devices, which could be analyzed to obtain information useful for a variety of goals (ranging from device security and network optimization, to fine-grained user profiling). In this paper, we review the works that contributed to the state of the art of network traffic analysis targeting mobile devices. In particular, we present a systematic classification of the works in the literature according to three criteria: (i) the goal of the analysis; (ii) the point where the network traffic is captured; and (iii) the targeted mobile platforms. In this survey, we consider points of capturing such as Wi-Fi Access Points, software simulation, and inside real mobile devices or emulators. For the surveyed works, we review and compare analysis techniques, validation methods, and achieved results. We also discuss possible countermeasures, challenges and possible directions for future research on mobile traffic analysis and other emerging domains (e.g., Internet of Things). We believe our survey will be a reference work for researchers and practitioners in this research field.Comment: 55 page

Automatically Classifying Requirements from App Stores: A Preliminary Study

In this paper we apply self-labeling algorithms as Semi-Supervised Classification (SSC) techniques in order to automate the classification of functional and non-functional requirements contained in reviews in the App Store. In this domain, where it is easy collect a large number of review but difficult to manually annotate then, we found that SSC techniques can successfully perform this task and that only a small amount of data is needed to achieve results similar to classical supervised techniques. We also found that the models learned can properly assign labels to the collected data and can classify unseen future reviews. We believe SSC techniques can be of particular use during requirements classification

Click Fraud Detection in Online and In-app Advertisements: A Learning Based Approach

Click Fraud is the fraudulent act of clicking on pay-per-click advertisements to increase a site’s revenue, to drain revenue from the advertiser, or to inflate the popularity of content on social media platforms. In-app advertisements on mobile platforms are among the most common targets for click fraud, which makes companies hesitant to advertise their products. Fraudulent clicks are supposed to be caught by ad providers as part of their service to advertisers, which is commonly done using machine learning methods. However: (1) there is a lack of research in current literature addressing and evaluating the different techniques of click fraud detection and prevention, (2) threat models composed of active learning systems (smart attackers) can mislead the training process of the fraud detection model by polluting the training data, (3) current deep learning models have significant computational overhead, (4) training data is often in an imbalanced state, and balancing it still results in noisy data that can train the classifier incorrectly, and (5) datasets with high dimensionality cause increased computational overhead and decreased classifier correctness -- while existing feature selection techniques address this issue, they have their own performance limitations. By extending the state-of-the-art techniques in the field of machine learning, this dissertation provides the following solutions: (i) To address (1) and (2), we propose a hybrid deep-learning-based model which consists of an artificial neural network, auto-encoder and semi-supervised generative adversarial network. (ii) As a solution for (3), we present Cascaded Forest and Extreme Gradient Boosting with less hyperparameter tuning. (iii) To overcome (4), we propose a row-wise data reduction method, KSMOTE, which filters out noisy data samples both in the raw data and the synthetically generated samples. (iv) For (5), we propose different column-reduction methods such as multi-time-scale Time Series analysis for fraud forecasting, using binary labeled imbalanced datasets and hybrid filter-wrapper feature selection approaches

Kano-sarnase mudeli kasutamine avatud innovatsiooni saavutamiseks nõuete analüüsi protsessis

Kui viiakse läbi nõuete analüüsi (inglise k Requirements Engineering, lühend RE), siis sageli järjestatakse nõuded nende olulisuse alusel (inglise k requirements prioritization), et saada selgust, milliste välja pakutud nõuetega funktsioon peaks tarkvaral olemas olema, seega sõltub tarkvara analüüsist tarkvara majandusliku väärtuse suurendamisega seotud otsuste tegemine. Tänapäeval arenevad tooted väga kiiresti ning ka nõuete olulisuse alusel järjestamine (inglise k requirements prioritization) on muutunud kiiremaks. Ettevõtted sooviksid saada kasutajatelt kiiret tagasisidet selle kohta, mis peaks olema järgmises mudelis olemas. Üks häid lahendusi sellele on Kano mudel (inglise k Kano model). Kano mudel selgitab välja kasutajate rahulolu ja toodete tunnuste vahelise suhte. See meetod liigitab kasutajate eelistused nende tähtsuse järjekorras, seega toetab see ka nõuete olulisuse järjekorra moodustamist. Aga Kano mudeli rakendamine on kallis ja aeganõudev ning seda ei saa kiiresti korrata. Veelgi enam – see mudel on keeruline väikeste ettevõtete jaoks, sest neil ei tarvitse olla piisavalt rahalisi jm vahendeid, et kasutajatega ühendust võtta ja neid intervjueerida. See omakorda paneb väikesed ettevõtted, eriti just idufirmad, ebavõrdsesse olukorda suurte ettevõtetega. Et sellele probleemile lahendust leida ja Kano mudeli kasutuselevõttu lihtsamaks ning odavamaks teha, arvame, et Kano mudelit tuleks arendada kahel viisil. Esiteks tuleks kasutada tasuta võrgus leiduvaid kirjalikke andmeid, mida saaks asendada intervjueeritavatelt kogutud vastustega. Teiseks – selleks, et hakkama saada võrgust kogutud kirjalike andmete suure mahuga, ning et kaasa aidata korrapärastele analüüsidele, peaks andmete analüüsimine olema automaatne. Selle uurimuse eesmärk on välja pakkuda meetodeid, et kasutajate avamusi, mis on võrgus saadavatest vabadest allikatest kogutud, (semi-)automaatselt liigitada, ja seda selleks, et aidata otsustajatel otsustada, millised tarkvara nõuded järgmises mudelis kindlasti olemas peaksid olema. Et seda uurimuse eesmärki saavutada, pakume me välja avatud innovatsiooni nõuete analüüsi (OIRE) meetodi, mille abil saavad tarkvarafirmad parema ülevaate kasutajate vajadustest ja sellest, kuivõrd rahul on nad olemasolevate toodetega.When Requirements Engineering (RE) is applied, requirements analysis is often used to determine which candidate requirements of a feature should be included in a software release. This plays a crucial role in the decisions made to increase the economic value of software. Nowadays, products evolve fast, and the process of requirements prioritization is becoming shorter as well. Companies benefit from receiving quick feedback from end users about what should be included in subsequent releases. One effective approach supporting requirements prioritization is the Kano model. The Kano model defines the relationship between user satisfaction and product features. It is a method used to classify user preferences according to their importance, and in doing so, supports requirements prioritization. However, implementing the Kano model is costly and time-consuming, and the application of the Kano model cannot be repeated quickly. Moreover, this is even more difficult for small companies because they might not have sufficient funds and resources to contact end users and conduct interviews. This puts small businesses, especially start-ups, at an unfair disadvantage in competing with big companies. To address this problem and make the application of the Kano model simpler, faster, and cheaper, we propose evolving the Kano model in two aspects. First, free online text data should be used to replace responses collected from interviewees. Second, in order to handle the higher amount of data that can be collected from free online text data and in order to facilitate frequent analyses, the data analysis process should be automated. The goal of this research is to propose methods for (semi-)automatically classifying user opinions collected from online open sources (e.g., from online reviews) to help decision-makers decide which software requirements to include in subsequent product versions. To achieve this research goal, we propose the Open Innovation in Requirements Engineering (OIRE) method to help software organizations gain a better understanding of user needs and satisfaction with existing products. A key element of the OIRE method is its Kano-like model. This Kano-like model mimics the traditional Kano model, except that it uses data from online reviews instead of interviews conducted with select focus groups.https://www.ester.ee/record=b527385