In this work, we report and study a phenomenon that contributes to Android API sprawls. We observe that OEM developers introduce new private APIs that are composed by copy-paste-editing full or partial code from AOSP APIs – we call such APIs, Replicas.
To quantify the prevalence of Replicas in the wild fragmented Android ecosystem, we perform the first large-scale (security) measurement study, aiming at detecting and evaluating Replicas across 342 ROMs, manufactured by 10 vendors and spanning 7 versions. Our study is motivated by the intuition that Replicas contribute to the production of bloated custom Android codebases, add to the complexity of the Android access control mechanism and updates process, and hence may lead to access control vulnerabilities.
Our study is facilitated by Repfinder, a tool that infers the core functionality of an API and detects syntactically and semantically similar APIs using static program paths. Repfinder reveals that Replicas are commonly introduced by OEMs and more importantly, they do unnecessarily introduce security enforcement anomalies. Our study thus points to the urgent need to debloat them.
Tue 29 OctDisplayed time zone: Pacific Time (US & Canada) change
13:30 - 15:00 | AndroidJournal-first Papers / Research Papers / Industry Showcase at Magnoila Chair(s): Ziyao He University of California, Irvine | ||
13:30 15mTalk | How Does Code Optimization Impact Third-party Library Detection for Android Applications? Research Papers Zifan Xie Huazhong University of Science and Technology, Ming Wen Huazhong University of Science and Technology, Tinghan Li Huazhong University of Science and Technology, Yiding Zhu Huazhong University of Science and Technology, Qinsheng Hou Shandong University; Qi An Xin Group Corp., Hai Jin Huazhong University of Science and Technology Media Attached | ||
13:45 15mTalk | MaskDroid: Robust Android Malware Detection with Masked Graph Representations Research Papers Jingnan Zheng National University of Singapore, Jiahao Liu National University of Singapore, An Zhang , Jun ZENG Huawei, Ziqi Yang Zhejiang University, Zhenkai Liang National University of Singapore, Tat-Seng Chua National University of Singapore | ||
14:00 15mTalk | A Longitudinal Analysis Of Replicas in the Wild Wild Android Research Papers Syeda Mashal Abbas Zaidi University of Waterloo, Shahpar Khan University of Waterloo, Parjanya Vyas University of Waterloo, Yousra Aafer University of Waterloo | ||
14:15 15mTalk | Android Malware Family Labeling: Perspectives from the Industry Industry Showcase Liu Wang Beijing University of Posts and Telecommunications, Haoyu Wang Huazhong University of Science and Technology, Tao Zhang Macau University of Science and Technology, Haitao Xu Zhejiang University, Guozhu Meng Institute of Information Engineering, Chinese Academy of Sciences, Peiming Gao MYbank, Ant Group, Chen Wei MYbank, Ant Group, Yi Wang | ||
14:30 15mTalk | DexBERT: Effective, Task-Agnostic and Fine-grained Representation Learning of Android Bytecode Journal-first Papers Tiezhu Sun University of Luxembourg, Kevin Allix Independent Researcher, Kisub Kim Singapore Management University, Singapore, Xin Zhou Singapore Management University, Singapore, Dongsun Kim Korea University, David Lo Singapore Management University, Tegawendé F. Bissyandé University of Luxembourg, Jacques Klein University of Luxembourg | ||
14:45 15mTalk | Same App, Different Behaviors: Uncovering Device-specific Behaviors in Android Apps Industry Showcase Zikan Dong Beijing University of Posts and Telecommunications, Yanjie Zhao Huazhong University of Science and Technology, Tianming Liu Monash Univerisity, Chao Wang University of Southern California, Guosheng Xu Beijing University of Posts and Telecommunications, Guoai Xu Harbin Institute of Technology, Shenzhen, Lin Zhang The National Computer Emergency Response Team/Coordination Center of China (CNCERT/CC), Haoyu Wang Huazhong University of Science and Technology | ||