To cite the analysis of hybrid Android Applications (e.g., using Cordova
or SAP Kapsel), please use

  Achim D. Brucker and Michael Herzberg. On the Static Analysis of
  Hybrid Mobile Apps: A Report on the State of Apache Cordova
  Nation. In International Symposium on Engineering Secure Software
  and Systems (ESSoS). Lecture Notes in Computer Science (9639), pages
  72-88, Springer-Verlag, 2016.  doi: :10.1007/978-3-319-30806-7_5

A BibTeX entry for LaTeX users is

@InCollection{	  brucker.ea:cordova-security:2016,
  author	= {Achim D. Brucker and Michael Herzberg},
  booktitle	= {International Symposium on Engineering Secure Software and
		  Systems (ESSoS)},
  language	= {USenglish},
  editor	= {Juan Caballero and Eric Bodden},
  publisher	= {Springer-Verlag},
  pages		= {72--88},
  talk		= {talk:brucker.ea:cordova-security:2016},
  address	= {Heidelberg},
  series	= {Lecture Notes in Computer Science},
  number	= {9639},
  title		= {On the Static Analysis of Hybrid Mobile Apps: A Report on
		  the State of Apache Cordova Nation},
  year		= {2016},
  isbn		= {978-3-642-11746-6},
  classification= {conference},
  areas		= {security, software},
  public	= {yes},
  doi		= {10.1007/978-3-319-30806-7_5},
  pdf		= {https://www.brucker.ch/bibliography/download/2016/brucker.ea-cordova-security-2016.pdf},
  abstract	= {Developing mobile applications is a challenging business:
		  developers need to support multiple platforms and, at the
		  same time, need to cope with limited resources, as the
		  revenue generated by an average app is rather small. This
		  results in an increasing use of cross-platform development
		  frameworks that allow developing an app once and offering
		  it on multiple mobile platforms such as Android, iOS, or
		  Windows.
		  
		  Apache Cordova is a popular framework for developing
		  multi-platform apps. Cordova combines HTML5 and JavaScript
		  with native application code. Combining web and native
		  technologies creates new security challenges as, e.g., an
		  XSS attacker becomes more powerful.
		  
		  In this paper, we present a novel approach for statically
		  analysing the foreign language calls. We evaluate our
		  approach by analysing the top Cordova apps from Google
		  Play. Moreover, we report on the current state of the
		  overall quality and security of Cordova apps. },
  keywords	= {static program analysis, static application security
		  testing, Android, Cordova, hybrid mobile apps},
  url		= {https://www.brucker.ch/bibliography/abstract/brucker.ea-cordova-security-2016}
}