The authors begin by introducing the background of the field, explaining the general operating system, programming features, and security mechanisms. The authors capture the semantic-level behavior of mobile applications and use it to reliably detect malware variants and zero-day malware. Next, they propose an automatic patch generation technique to detect and block dangerous information flow. A bytecode rewriting technique is used to confine privacy leakage. User-awareness, a key factor of security risks, is addressed by automatically translating security-related program semantics into natural languagedescriptions. Frequent behavior mining is used to discover and compress common semantics. As a result, the produced descriptions are security-sensitive, human-understandable and concise.

By covering the background, current threats, and future work in this field, the brief is suitable for both professionals in industry and advanced-level students working in mobile security and applications. It is valuable for researchers, as well.