Accessing inaccessible android APIs

an empirical study

Li Li, Tegawendé F. Bissyandé, Yves Le Traon, Jacques Klein

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

Abstract

As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally "inaccessible" APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.

Original languageEnglish
Title of host publicationProceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016
EditorsBram Adams, Denys Poshyvanyk
Place of PublicationPiscataway NJ USA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages411-422
Number of pages12
ISBN (Electronic)9781509038060
ISBN (Print)9781509038077
DOIs
Publication statusPublished - 2017
Externally publishedYes
EventIEEE International Conference on Software Maintenance and Evolution 2016 - Raleigh, United States of America
Duration: 2 Oct 201610 Oct 2016
Conference number: 32nd
http://icsme2016.github.io/

Conference

ConferenceIEEE International Conference on Software Maintenance and Evolution 2016
Abbreviated titleICSME 2016
CountryUnited States of America
CityRaleigh
Period2/10/1610/10/16
Internet address

Cite this

Li, L., Bissyandé, T. F., Le Traon, Y., & Klein, J. (2017). Accessing inaccessible android APIs: an empirical study. In B. Adams, & D. Poshyvanyk (Eds.), Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016 (pp. 411-422). [7816486] Piscataway NJ USA: IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/ICSME.2016.35
Li, Li ; Bissyandé, Tegawendé F. ; Le Traon, Yves ; Klein, Jacques. / Accessing inaccessible android APIs : an empirical study. Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016. editor / Bram Adams ; Denys Poshyvanyk. Piscataway NJ USA : IEEE, Institute of Electrical and Electronics Engineers, 2017. pp. 411-422
@inproceedings{5b2975b281d84c1b94479229faa36347,
title = "Accessing inaccessible android APIs: an empirical study",
abstract = "As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally {"}inaccessible{"} APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.",
author = "Li Li and Bissyand{\'e}, {Tegawend{\'e} F.} and {Le Traon}, Yves and Jacques Klein",
year = "2017",
doi = "10.1109/ICSME.2016.35",
language = "English",
isbn = "9781509038077",
pages = "411--422",
editor = "Adams, {Bram } and Poshyvanyk, {Denys }",
booktitle = "Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States of America",

}

Li, L, Bissyandé, TF, Le Traon, Y & Klein, J 2017, Accessing inaccessible android APIs: an empirical study. in B Adams & D Poshyvanyk (eds), Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016., 7816486, IEEE, Institute of Electrical and Electronics Engineers, Piscataway NJ USA, pp. 411-422, IEEE International Conference on Software Maintenance and Evolution 2016, Raleigh, United States of America, 2/10/16. https://doi.org/10.1109/ICSME.2016.35

Accessing inaccessible android APIs : an empirical study. / Li, Li; Bissyandé, Tegawendé F.; Le Traon, Yves; Klein, Jacques.

Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016. ed. / Bram Adams; Denys Poshyvanyk. Piscataway NJ USA : IEEE, Institute of Electrical and Electronics Engineers, 2017. p. 411-422 7816486.

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

TY - GEN

T1 - Accessing inaccessible android APIs

T2 - an empirical study

AU - Li, Li

AU - Bissyandé, Tegawendé F.

AU - Le Traon, Yves

AU - Klein, Jacques

PY - 2017

Y1 - 2017

N2 - As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally "inaccessible" APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.

AB - As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally "inaccessible" APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.

UR - http://www.scopus.com/inward/record.url?scp=85013124219&partnerID=8YFLogxK

U2 - 10.1109/ICSME.2016.35

DO - 10.1109/ICSME.2016.35

M3 - Conference Paper

SN - 9781509038077

SP - 411

EP - 422

BT - Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016

A2 - Adams, Bram

A2 - Poshyvanyk, Denys

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - Piscataway NJ USA

ER -

Li L, Bissyandé TF, Le Traon Y, Klein J. Accessing inaccessible android APIs: an empirical study. In Adams B, Poshyvanyk D, editors, Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016. Piscataway NJ USA: IEEE, Institute of Electrical and Electronics Engineers. 2017. p. 411-422. 7816486 https://doi.org/10.1109/ICSME.2016.35