Accessing inaccessible android APIs: an empirical study

Li Li; Tegawendé F. Bissyandé; Yves Le Traon; Jacques Klein

doi:10.1109/ICSME.2016.35

Accessing inaccessible android APIs: an empirical study

Li Li, Tegawendé F. Bissyandé, Yves Le Traon, Jacques Klein

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

22 Citations (Scopus)

Abstract

As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally "inaccessible" APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.

Original language	English
Title of host publication	Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016
Editors	Bram Adams, Denys Poshyvanyk
Place of Publication	Piscataway NJ USA
Publisher	IEEE, Institute of Electrical and Electronics Engineers
Pages	411-422
Number of pages	12
ISBN (Electronic)	9781509038060
ISBN (Print)	9781509038077
DOIs	https://doi.org/10.1109/ICSME.2016.35
Publication status	Published - 2017
Externally published	Yes
Event	IEEE International Conference on Software Maintenance and Evolution 2016 - Raleigh, United States of America Duration: 2 Oct 2016 → 10 Oct 2016 Conference number: 32nd http://icsme2016.github.io/ https://ieeexplore.ieee.org/xpl/conhome/7807393/proceeding (Proceedings)

Conference

Conference	IEEE International Conference on Software Maintenance and Evolution 2016
Abbreviated title	ICSME 2016
Country	United States of America
City	Raleigh
Period	2/10/16 → 10/10/16
Internet address	http://icsme2016.github.io/ https://ieeexplore.ieee.org/xpl/conhome/7807393/proceeding (Proceedings)

Access to Document

10.1109/ICSME.2016.35

Link to publication in Scopus

Cite this

Li, L., Bissyandé, T. F., Le Traon, Y., & Klein, J. (2017). Accessing inaccessible android APIs: an empirical study. In B. Adams, & D. Poshyvanyk (Eds.), Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016 (pp. 411-422). [7816486] IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/ICSME.2016.35

@inproceedings{5b2975b281d84c1b94479229faa36347,

title = "Accessing inaccessible android APIs: an empirical study",

abstract = "As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally {"}inaccessible{"} APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.",

author = "Li Li and Bissyand{\'e}, {Tegawend{\'e} F.} and {Le Traon}, Yves and Jacques Klein",

year = "2017",

doi = "10.1109/ICSME.2016.35",

language = "English",

isbn = "9781509038077",

pages = "411--422",

editor = "Adams, {Bram } and Poshyvanyk, {Denys }",

booktitle = "Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016",

publisher = "IEEE, Institute of Electrical and Electronics Engineers",

address = "United States of America",

note = "IEEE International Conference on Software Maintenance and Evolution 2016, ICSME 2016 ; Conference date: 02-10-2016 Through 10-10-2016",

url = "http://icsme2016.github.io/, https://ieeexplore.ieee.org/xpl/conhome/7807393/proceeding",

}

Li, L, Bissyandé, TF, Le Traon, Y & Klein, J 2017, Accessing inaccessible android APIs: an empirical study. in B Adams & D Poshyvanyk (eds), Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016., 7816486, IEEE, Institute of Electrical and Electronics Engineers, Piscataway NJ USA, pp. 411-422, IEEE International Conference on Software Maintenance and Evolution 2016, Raleigh, United States of America, 2/10/16. https://doi.org/10.1109/ICSME.2016.35

Accessing inaccessible android APIs : an empirical study. / Li, Li; Bissyandé, Tegawendé F.; Le Traon, Yves; Klein, Jacques.

Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016. ed. / Bram Adams; Denys Poshyvanyk. Piscataway NJ USA : IEEE, Institute of Electrical and Electronics Engineers, 2017. p. 411-422 7816486.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Accessing inaccessible android APIs

T2 - IEEE International Conference on Software Maintenance and Evolution 2016

AU - Li, Li

AU - Bissyandé, Tegawendé F.

AU - Le Traon, Yves

AU - Klein, Jacques

N1 - Conference code: 32nd

PY - 2017

Y1 - 2017

N2 - As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally "inaccessible" APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.

AB - As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally "inaccessible" APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.

UR - http://www.scopus.com/inward/record.url?scp=85013124219&partnerID=8YFLogxK

U2 - 10.1109/ICSME.2016.35

DO - 10.1109/ICSME.2016.35

M3 - Conference Paper

AN - SCOPUS:85013124219

SN - 9781509038077

SP - 411

EP - 422

BT - Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016

A2 - Adams, Bram

A2 - Poshyvanyk, Denys

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - Piscataway NJ USA

Y2 - 2 October 2016 through 10 October 2016

ER -

Li L, Bissyandé TF, Le Traon Y, Klein J. Accessing inaccessible android APIs: an empirical study. In Adams B, Poshyvanyk D, editors, Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016. Piscataway NJ USA: IEEE, Institute of Electrical and Electronics Engineers. 2017. p. 411-422. 7816486 https://doi.org/10.1109/ICSME.2016.35