Accessing inaccessible android APIs: An empirical study

Li Li, Tegawendé F. Bissyandé, Yves Le Traon, Jacques Klein

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

Abstract

As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally "inaccessible" APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.

LanguageEnglish
Title of host publicationProceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages411-422
Number of pages12
ISBN (Electronic)9781509038060
DOIs
Publication statusPublished - 12 Jan 2017
Externally publishedYes
EventIEEE International Conference on Software Maintenance and Evolution 2016 - Raleigh, United States
Duration: 2 Oct 201610 Oct 2016
Conference number: 32nd
http://icsme2016.github.io/

Conference

ConferenceIEEE International Conference on Software Maintenance and Evolution 2016
Abbreviated titleICSME 2016
CountryUnited States
CityRaleigh
Period2/10/1610/10/16
Internet address

Cite this

Li, L., Bissyandé, T. F., Le Traon, Y., & Klein, J. (2017). Accessing inaccessible android APIs: An empirical study. In Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016 (pp. 411-422). [7816486] IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/ICSME.2016.35
Li, Li ; Bissyandé, Tegawendé F. ; Le Traon, Yves ; Klein, Jacques. / Accessing inaccessible android APIs : An empirical study. Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016. IEEE, Institute of Electrical and Electronics Engineers, 2017. pp. 411-422
@inproceedings{5b2975b281d84c1b94479229faa36347,
title = "Accessing inaccessible android APIs: An empirical study",
abstract = "As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally {"}inaccessible{"} APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.",
author = "Li Li and Bissyand{\'e}, {Tegawend{\'e} F.} and {Le Traon}, Yves and Jacques Klein",
year = "2017",
month = "1",
day = "12",
doi = "10.1109/ICSME.2016.35",
language = "English",
pages = "411--422",
booktitle = "Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States",

}

Li, L, Bissyandé, TF, Le Traon, Y & Klein, J 2017, Accessing inaccessible android APIs: An empirical study. in Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016., 7816486, IEEE, Institute of Electrical and Electronics Engineers, pp. 411-422, IEEE International Conference on Software Maintenance and Evolution 2016, Raleigh, United States, 2/10/16. https://doi.org/10.1109/ICSME.2016.35

Accessing inaccessible android APIs : An empirical study. / Li, Li; Bissyandé, Tegawendé F.; Le Traon, Yves; Klein, Jacques.

Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016. IEEE, Institute of Electrical and Electronics Engineers, 2017. p. 411-422 7816486.

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

TY - GEN

T1 - Accessing inaccessible android APIs

T2 - An empirical study

AU - Li, Li

AU - Bissyandé, Tegawendé F.

AU - Le Traon, Yves

AU - Klein, Jacques

PY - 2017/1/12

Y1 - 2017/1/12

N2 - As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally "inaccessible" APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.

AB - As Android becomes a de-facto choice of development platform for mobile apps, developers extensively leverage its accompanying Software Development Kit to quickly build their apps. This SDK comes with a set of APIs which developers may find limited in comparison to what system apps can do or what framework developers are preparing to harness capabilities of new generation devices. Thus, developers may attempt to explore in advance the normally "inaccessible" APIs for building unique API-based functionality in their app. The Android programming model is unique in its kind. Inaccessible APIs, which however are used by developers, constitute yet another specificity of Android development, and is worth investigating to understand what they are, how they evolve over time, and who uses them. To that end, in this work, we empirically investigate 17 important releases of the Android framework source code base, and we find that inaccessible APIs are commonly implemented in the Android framework, which are further neither forward nor backward compatible. Moreover, a small set of inaccessible APIs can eventually become publicly accessible, while most of them are removed during the evolution, resulting in risks for such apps that have leveraged inaccessible APIs. Finally, we show that inaccessible APIs are indeed accessed by third-party apps, and the official Google Play store has tolerated the proliferation of apps leveraging inaccessible API methods.

UR - http://www.scopus.com/inward/record.url?scp=85013124219&partnerID=8YFLogxK

U2 - 10.1109/ICSME.2016.35

DO - 10.1109/ICSME.2016.35

M3 - Conference Paper

SP - 411

EP - 422

BT - Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016

PB - IEEE, Institute of Electrical and Electronics Engineers

ER -

Li L, Bissyandé TF, Le Traon Y, Klein J. Accessing inaccessible android APIs: An empirical study. In Proceedings - 2016 IEEE International Conference on Software Maintenance and Evolution, ICSME 2016. IEEE, Institute of Electrical and Electronics Engineers. 2017. p. 411-422. 7816486 https://doi.org/10.1109/ICSME.2016.35