Demystifying Android Non-SDK APIs: Measurement and Understanding
Wed 11 May 2022 22:15 - 22:20 at ICSE room 4-even hours - Mobile Applications 2 Chair(s): Neil Ernst
During the Android app developments, the SDK is essential, which provides rich APIs to facilitate the implementations of functionalities. However, in the Android framework, there still exist plenty of non-SDK APIs that are not well documented. These non-SDK APIs can be invoked through unconventional ways, such as Java reflection. On the other hand, these APIs are not stable and may be changed or even removed in future Android versions, providing no guarantee for compatibility. From Android 9 (API level 28), Google began to strictly restrict the use of non-SDK APIs, and the corresponding checking mechanism has been integrated into the Android OS.
In this work, we systematically study the use and design of Android non-SDK APIs. Notably, we propose four research questions covering the restriction mechanism, the present usage status, malicious usage, and the API list evolution. To answer these questions, we conducted a large-scale measurement based on over 200K apps and the source code of three recent Android versions. As a result, a series of exciting and valuable findings are obtained. For example, Google’s restriction is not strong enough and can still be bypassed. Besides, app developers use only a tiny part of non-SDK APIs. Our work provides new knowledge to the research community and can help researchers improve the Android API designs.
Tue 10 MayDisplayed time zone: Eastern Time (US & Canada) change
03:00 - 04:00 | Mobile Applications 1Journal-First Papers / Technical Track at ICSE room 1-odd hours Chair(s): Luciano Baresi Politecnico di Milano | ||
03:00 5mTalk | FeatCompare: Feature Comparison for Competing Mobile Apps Leveraging User Reviews Journal-First Papers Maram Assi Queen's University, Safwat Hassan Thompson Rivers University, Yuan Tian Queens University, Kingston, Canada, Ying Zou Queen's University, Kingston, Ontario Link to publication Pre-print Media Attached | ||
03:05 5mTalk | Modx: Binary Level Partial Imported Third-Party Library Detection through Program Modularization and Semantic Matching Technical Track Can Yang Institute of Information Engineering, University of Chinese Academy of Sciences, Zhengzi Xu Nanyang Technological University, Hongxu Chen Huawei Technologies Co., Ltd., Yang Liu Nanyang Technological University, Xiaorui Gong Institute of Information Engineering, Chinese Academy of Science, Baoxu Liu Institute of Information Engineering, Chinese Academy of Sciences Pre-print Media Attached | ||
03:10 5mTalk | Large-scale Security Measurements on the Android Firmware Ecosystem Technical Track Qinsheng Hou Shandong University; Qi An Xin Group Corp., Wenrui Diao Shandong University, Yanhao Wang Qi An Xin Group Corp., Xiaofeng Liu Shandong University, Song Liu Qi An Xin Group Corp., Lingyun Ying Qi An Xin Group Corp., Shanqing Guo Shandong University, Yuanzhi Li Qi An Xin Group Corp., Meining Nie Qi An Xin Group Corp., Haixin Duan Institute for Network Science and Cyberspace, Tsinghua University; Qi An Xin Group Corp. Pre-print Media Attached | ||
03:15 5mTalk | Demystifying Android Non-SDK APIs: Measurement and Understanding Technical Track Shishuai Yang Shandong University, Rui Li Shandong University, Jiongyi Chen National University of Defense Technology, Wenrui Diao Shandong University, Shanqing Guo Shandong University Pre-print Media Attached | ||
Wed 11 MayDisplayed time zone: Eastern Time (US & Canada) change
22:00 - 23:00 | Mobile Applications 2Technical Track / Journal-First Papers at ICSE room 4-even hours Chair(s): Neil Ernst University of Victoria | ||
22:00 5mTalk | FeatCompare: Feature Comparison for Competing Mobile Apps Leveraging User Reviews Journal-First Papers Maram Assi Queen's University, Safwat Hassan Thompson Rivers University, Yuan Tian Queens University, Kingston, Canada, Ying Zou Queen's University, Kingston, Ontario Link to publication Pre-print Media Attached | ||
22:05 5mTalk | Domain-Specific Analysis of Mobile App Reviews Using Keyword-Assisted Topic Models Technical Track Miroslav Tushev Amazon, Fahimeh Ebrahimi Louisiana State University, Anas "Nash" Mahmoud Louisiana State University Pre-print Media Attached | ||
22:10 5mTalk | DescribeCtx: Context-Aware Description Synthesis for Sensitive Behaviors in Mobile Apps Technical Track Shao Yang Case Western Reserve University, Yuehan Wang Nanjing University, Yuan Yao Nanjing University, Haoyu Wang Huazhong University of Science and Technology, China, Yanfang Ye Case Western Reserve University, Xusheng Xiao Case Western Reserve University DOI Pre-print Media Attached | ||
22:15 5mTalk | Demystifying Android Non-SDK APIs: Measurement and Understanding Technical Track Shishuai Yang Shandong University, Rui Li Shandong University, Jiongyi Chen National University of Defense Technology, Wenrui Diao Shandong University, Shanqing Guo Shandong University Pre-print Media Attached | ||