SaTS 2025
ACM Workshop on Security and Privacy of AI-Empowered Mobile Super Apps (SaTS ’25)
Co-located with ACM CCS 2025
October 13th, 2025
Mobile super apps present an emerging paradigm in the realm of mobile computing. These applications,
which offer a plethora of services often in the form of “miniapps”, have experienced an accelerated
growth trajectory in recent years. Specifically, the miniapps, analogous to native apps, have enabled
super apps to construct a comprehensive ecosystem around themselves, akin to Google Play and the Apple
App Store. By doing so, they not only enhance the host's functionalities, but also bestow an elevated
level of convenience upon mobile users. Nevertheless, the surging popularity of these apps, such as
WeChat, Alipay, TikTok, and Grab, has resulted in an immense volume of user data being generated,
stored, and transmitted via these platforms. With their integration of diverse services within a single
platform or application, these super apps pose significant security and privacy challenges. This
burgeoning issue has caught the attention of not just users, but also researchers and regulatory
authorities.
Building on this evolving landscape, the integration of large language models (LLMs) into mobile apps
opens a new research frontier, generating an unforeseen paradigm of LLM-empowered mobile super apps.
Many such LLM-driven apps, acting as autonomous agents with broad privileges, offer enhanced
functionality by managing traditional miniapps, traditional mobile apps, and any other external tools
(e.g., smart-home devices, third-party Web services) accessible to the super apps. Yet, this evolution
also presents significant challenges, including potential data exposure and heightened cybersecurity
risks. Addressing these concerns calls for new studies in secure architecture design, permission
management, root-of-trust frameworks, and innovative threat models for LLM-enabled mobile super apps and
super app development ecosystems.
In light of these developments, the ACM Workshop on Security and Privacy of AI-Empowered Mobile Super
Apps (SaTS 2025), co-located with ACM CCS 2025, is a highly relevant and timely event. Super apps are
rapidly becoming indispensable tools for communication, entertainment, and commerce, while
simultaneously raising crucial security and privacy issues. By fostering discussion and collaboration
among researchers and practitioners, this workshop aims to address these concerns and provide insights
and solutions to the security community, industry, and society at large. The objective of SaTS 2025 is
to turn the spotlight on these concerns and foster an environment of knowledge exchange and
problem-solving.
Important Dates (hard deadlines)
Milestone | Date
Paper Submission Deadline |
Acceptance Notification |
Camera-ready Deadline | August 22nd, 2025 (AoE, UTC-12)
Workshop | October 13th, 2025
Tentative SaTS 2025 Program
October 13 (Monday)
09:00 AM - 09:10 AM | Opening Remarks
09:10 AM - 10:10 AM | Keynote Speech
Time to Deprecate Permissions? A Look at the Present and Future of Permissions
Dr. Mihai Christodorescu, Research Scientist at Google
10:10 AM - 10:30 AM | Casual Discussion among Attendees
10:30 AM - 11:00 AM | Morning Coffee Break
11:00 AM - 12:00 PM | Paper Session 1
Stealthy Trackers: Uncovering Permission-less Fingerprinting in WeChat Miniapps
Yuqing Yang (The Ohio State University), Zhiqiang Lin (The Ohio State University)
11:30 AM - 12:00 PM
LLM-Enhanced Framework for Multi-dimensional Security Risk Analysis and Prioritization in Miniapp Ecosystems
Yuyang Han (Beijing Electronic Science and Technology Institute), Zexiao Zou (Beijing Electronic Science and Technology Institute), Jianyi Zhang (Beijing Electronic Science and Technology Institute), Zhiqiang Wang (Beijing Electronic Science and Technology Institute)
12:00 PM - 01:40 PM | Lunch Break
01:40 PM - 03:00 PM | Paper Session 2
Fast Play, Fast Profit: Unveiling the Prevalence of Aggressive Ad Behaviors in Mini-Game
Pei Chen (Fudan University), Geng Hong (Fudan University), Yicheng Qin (Fudan University), Huazhe Wang (Fudan University), Mengying Wu (Fudan University), Yuan Zhang (Fudan University), Min Yang (Fudan University), Ziru Zhao (vivo Mobile Communication Co., Ltd), Yuanpeng Zhu (vivo Mobile Communication Co., Ltd), Tao Su (vivo Mobile Communication Co., Ltd)
02:00 PM - 02:30 PM
LLM-Based Detection of Authorization Processes in Mini Program
Nan Hu (Xi'an Jiaotong University), Yi Wu (China Academy of Information and Communications Technology), Zhengfan Wang (Xi'an Jiaotong University), Ming Fan (Xi'an Jiaotong University)
02:30 PM - 03:00 PM
Unmasking Logic Flaws in Miniapps: A Demo on Authorization Bypass & Weak Authentication
Yuyang Han (Beijing Electronic Science and Technology Institute), Zexiao Zou (Beijing Electronic Science and Technology Institute), Zhiqiang Wang (Beijing Electronic Science and Technology Institute), Jianyi Zhang (Beijing Electronic Science and Technology Institute)
03:00 PM - 03:30 PM | Afternoon Coffee Break
03:30 PM - 05:00 PM | Paper Session 3
Who Grants the Agent Power? Defending Against Instruction Injection via Task-Centric Access Control
Yifeng Cai (Peking University), Ziming Wang (Peking University), Zhaomeng Deng (Peking University), Mengyu Yao (Peking University), Junlin Liu (Peking University), Yutao Hu (Huazhong University of Science and Technology), Ziqi Zhang (UIUC), Yao Guo (Peking University), Ding Li (Peking University)
04:00 PM - 04:20 PM
Illicit Data Exfiltration in Miniapps via Broken Object-Level Authorization: An Empirical Study
Queping Kong (Guangzhou Forensic Science Institute & Sun Yat-sen University), Jiangrong Wu (Sun Yat-sen University), Yiming Zhang (Sun Yat-sen University), Yuhong Nan (Sun Yat-sen University), Cong Feng (Electronic Data Forensic Laboratory of Guangzhou Public Security Bureau)
04:20 PM - 04:40 PM
Detecting Logic Discrepancies in Mini-Program Frameworks
Jiangfeng Yuan (Renmin University of China), Run Lin (Renmin University of China), Wei You (Renmin University of China)
04:40 PM - 05:00 PM
Who Moved My Transaction? Uncovering Post-Transaction Auditability Vulnerabilities in Modern Super Apps
Junlin Liu (Peking University), Zhaomeng Deng (Peking University), Ziming Wang (Peking University), Mengyu Yao (Peking University), Yifeng Cai (Peking University), Yutao Hu (Huazhong University of Science and Technology), Ziqi Zhang (UIUC), Yao Guo (Peking University), Ding Li (Peking University)
05:00 PM | Best Paper Awards and Closing Remarks
Keynote
Title: Time to Deprecate Permissions? A Look at the Present and Future of Permissions
Keynote Speaker: Dr. Mihai Christodorescu, Research Scientist at Google.
Abstract:
Permissions form the bedrock of computer security, enabling precise control over data access for users.
However, the paradigm is breaking under the weight of modern system complexities, diverse application
models, and dynamic usage patterns. We are seeing a reactive explosion of permission updates across
operating systems and applications, to introduce flexibility, context-awareness, and dynamic policies.
This rapid, uncoordinated evolution has created a "permission maze": developers are frustrated by the
sheer complexity of implementing and securing these intricate access scenarios, while users are
overwhelmed by the cognitive load of understanding and managing ever-growing combinations of data access
rights. The current trajectory of incremental improvements leads to friction, not security. To
fundamentally reinvent permissions, we must shift away from treating permissions as a reactive, complex
gatekeeping mechanism to a proactive, intuitive system. This talk’s argument centers on empowering users
with permission models that can delegate control over data by aligning with user-defined goals and
intentions.
Bio:
Dr. Mihai Christodorescu is a Research Scientist at Google, where he focuses on software security and
privacy, especially for the mobile domain. His research interests are in fundamental approaches to
computer security and privacy problems by combining methods from multiple domains, from programming
languages, to machine learning, behavioral modeling, and formal methods. Most recently, he focused on
translating progress in user authentication to software service authentication and on designing
cryptographic techniques to allow users to disclose their personal data in flexible ways. He received
his Ph.D. in Computer Sciences from the University of Wisconsin–Madison in 2007. Dr. Christodorescu
holds 25 patents and has published more than 35 papers in several international conferences and
journals, including the IEEE Symposium on Security and Privacy (S&P), the ACM Conference on Computer and
Communications Security (CCS), the USENIX Security Symposium, the Annual Computer Security Applications
Conference (ACSAC), and many more.
Call for Papers
Emerging AI and LLM-powered mobile super apps—offering a range of functionalities through integrated
external tools and traditional miniapps—have experienced rapid growth in recent years. Platforms such as
Operator (by OpenAI), WeChat, Slack, TikTok and Alipay unite various external tools and miniapps to
deliver services like payments, search, communication, and entertainment, thereby significantly
enhancing functionalities and user convenience. However, the integration of these external tools and
miniapps also introduces substantial security and privacy concerns, as large amounts of user data are
generated, stored, and transmitted across interconnected systems.
Building on this evolving landscape, the integration of large language models (LLMs) into mobile apps
opens a new research frontier, generating an unforeseen paradigm of LLM-empowered mobile super apps.
These LLM-driven apps, acting as autonomous agents with broad privileges, offer enhanced functionality
by managing traditional miniapps, traditional mobile apps, and any other external tools (e.g.,
smart-home devices, third-party Web services) accessible to the super apps. Yet, this evolution also
presents significant challenges, including potential data exposure and heightened cybersecurity risks.
Addressing these concerns calls for new studies in secure architecture design, permission management,
root-of-trust frameworks, and innovative threat models for LLM-enabled mobile super apps and super app
development ecosystems.
We invite researchers and practitioners to submit original research papers for the new edition of the
Workshop on Security and Privacy of AI-Empowered Mobile Super Apps (SaTS 2025), co-located with ACM CCS
2025 (see last year’s workshop at https://superappsec.github.io/2024/). The aim of this workshop is to
bring together experts from academia and industry to discuss and address the security and privacy
challenges posed by the increasing use of AI-empowered mobile super apps.
Topics of interest in this workshop include, but are not limited to, the following categories:
- LLM-Enabled Mobile (Super) Apps
- Agentic apps (LLM-empowered apps) and their related external tools, traditional apps, and mini-apps
- Secure permission management for LLM-enabled super apps
- Architecture and threat models for LLM-enabled super apps
- Privacy-preserving techniques for mobile super apps (including their miniapps)
- Security analysis of mobile super app ecosystems
- Authentication and authorization mechanisms for super apps
- Data protection and secure storage in super apps
- Privacy policies, compliance, and regulations for mobile super apps
- User behavior and privacy risk analysis
- Surveillance and censorship in mobile super apps
- Anonymity and pseudonymity in miniapp communication
- Security and privacy issues in third-party integrations
- Secure payment systems in mobile super apps
- Case studies and real-world experiences with mobile super app security and privacy
In addition, topics of interest include, but are not limited to, other emerging paradigms in mobile and
ubiquitous computing, especially those related to LLM-agent-based mobile systems.
The PC will select a best paper award for work that distinguishes itself in advancing the security and
privacy of mobile super apps/miniapps and emerging computing paradigms through novel insights, attacks, or
defenses.
Submission Instructions
Submitted papers must be in English, unpublished, and must not be currently under review for any other
publication. Submissions must be a PDF file in double-column ACM format (see the ACM Proceedings Template,
using the sigconf style). We accept (1) regular papers with up to 7 pages and (2) attack/defense demos with
up to 2 pages. The page limits do not include the bibliography and well-marked appendices, which can be up
to 2 pages long. Note that reviewers are not required to read the appendices or any supplementary material.
Authors should not change the font or the margins of the ACM format. The review process is double-blind.
All papers must be in Adobe Portable Document Format (PDF) and submitted through the web submission form
via HotCRP (submission link below).
Submission Website
Organization
Steering Committee
Adam Doupé (Arizona State University, USA)
Zhiqiang Lin (The Ohio State University, USA)
Nick Nikiforakis (Stony Brook University, USA)
Ben Stock (CISPA, Germany)
Luyi Xing (University of Illinois Urbana-Champaign, USA)
Program Committee Chairs
Luyi Xing (University of Illinois Urbana-Champaign, USA)
Yue Xiao (IBM Research, USA)
Publicity Chair
Yuqing Yang (CISPA, Germany)
Program Committee
Adwait Nadkarni (William & Mary, USA)
Ding Li (Peking University, China)
Kaushal Kafle (University of South Florida, USA)
Omar Alrawi (Georgia Institute of Technology, USA)
Yue Xiao (IBM Research, USA)
Yue Zhang (Drexel University, USA)
Zhiqiang Lin (The Ohio State University, USA)
Xusheng Xiao (Arizona State University, USA)
Trent Jaeger (University of California, Riverside, USA)
Yuqing Yang (CISPA, Germany)