Same App, Different Behaviors: Uncovering Device-specific Behaviors in Android Apps
The Android ecosystem is significantly challenged by fragmentation, arising from diverse system versions, device specifications, and manufacturer customizations. The growing divergence among devices leads to marked variations in how a given app behaves across diverse devices. This is referred to as...
Uložené v:
| Vydané v: | IEEE/ACM International Conference on Automated Software Engineering : [proceedings] s. 2099 - 2109 |
|---|---|
| Hlavní autori: | , , , , , , , |
| Médium: | Konferenčný príspevok.. |
| Jazyk: | English |
| Vydavateľské údaje: |
ACM
27.10.2024
|
| Predmet: | |
| ISSN: | 2643-1572 |
| On-line prístup: | Získať plný text |
| Tagy: |
Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
|
| Abstract | The Android ecosystem is significantly challenged by fragmentation, arising from diverse system versions, device specifications, and manufacturer customizations. The growing divergence among devices leads to marked variations in how a given app behaves across diverse devices. This is referred to as device-specific behaviors. Fragmentation not only complicates development processes but also impacts the overall industry by increasing maintenance costs and potentially harming user experience due to inconsistent app performance. In this work, we present the first large-scale empirical study of device-specific behaviors in real-world Android apps. We have designed a three-phase static analysis framework to accurately detect and understand the device-specific behaviors. Upon employing our tool on a dataset comprising more than 20,000 apps, we detected device-specific behaviors in 2,357 of them. By examining the distribution of device-specific behaviors, our analysis revealed that apps within the Chinese third-party app market exhibit more such behaviors compared to their counterparts in Google Play. Additionally, these behaviors are more likely to feature dominant brands that hold larger market shares. Reflecting this, we have classified these device-specific behaviors into 29 categories based on the functionalities implemented, providing a structured insight that is crucial for developers and stakeholders in the industry. Beyond the common behaviors, such as issue fixes and feature adaptations, we have observed 33 aggressive apps, including popular ones with millions of downloads. These apps abuse system properties of customized ROMs to obtain user-unresettable identifiers without requiring any permissions, posing significant privacy risks. Finally, we investigated the origins of device-specific behaviors, highlighting the significant challenges developers encounter in implementing them comprehensively. Our research aims to inform and equip industry practitioners with knowledge to enhance user experience and user privacy, marking a critical step toward addressing the less touched yet vital aspect of device-specific behaviors in the Android ecosystem. |
|---|---|
| AbstractList | The Android ecosystem is significantly challenged by fragmentation, arising from diverse system versions, device specifications, and manufacturer customizations. The growing divergence among devices leads to marked variations in how a given app behaves across diverse devices. This is referred to as device-specific behaviors. Fragmentation not only complicates development processes but also impacts the overall industry by increasing maintenance costs and potentially harming user experience due to inconsistent app performance. In this work, we present the first large-scale empirical study of device-specific behaviors in real-world Android apps. We have designed a three-phase static analysis framework to accurately detect and understand the device-specific behaviors. Upon employing our tool on a dataset comprising more than 20,000 apps, we detected device-specific behaviors in 2,357 of them. By examining the distribution of device-specific behaviors, our analysis revealed that apps within the Chinese third-party app market exhibit more such behaviors compared to their counterparts in Google Play. Additionally, these behaviors are more likely to feature dominant brands that hold larger market shares. Reflecting this, we have classified these device-specific behaviors into 29 categories based on the functionalities implemented, providing a structured insight that is crucial for developers and stakeholders in the industry. Beyond the common behaviors, such as issue fixes and feature adaptations, we have observed 33 aggressive apps, including popular ones with millions of downloads. These apps abuse system properties of customized ROMs to obtain user-unresettable identifiers without requiring any permissions, posing significant privacy risks. Finally, we investigated the origins of device-specific behaviors, highlighting the significant challenges developers encounter in implementing them comprehensively. Our research aims to inform and equip industry practitioners with knowledge to enhance user experience and user privacy, marking a critical step toward addressing the less touched yet vital aspect of device-specific behaviors in the Android ecosystem. |
| Author | Zhao, Yanjie Wang, Chao Xu, Guoai Wang, Haoyu Xu, Guosheng Dong, Zikan Zhang, Lin Liu, Tianming |
| Author_xml | – sequence: 1 givenname: Zikan surname: Dong fullname: Dong, Zikan organization: Beijing University of Posts and Telecommunications,Beijing,China – sequence: 2 givenname: Yanjie surname: Zhao fullname: Zhao, Yanjie organization: Huazhong University of Science and Technology,Wuhan,China – sequence: 3 givenname: Tianming surname: Liu fullname: Liu, Tianming organization: Monash University,Melbourne,Australia – sequence: 4 givenname: Chao surname: Wang fullname: Wang, Chao organization: Huazhong University of Science and Technology,Wuhan,China – sequence: 5 givenname: Guosheng surname: Xu fullname: Xu, Guosheng organization: Beijing University of Posts and Telecommunications,Beijing,China – sequence: 6 givenname: Guoai surname: Xu fullname: Xu, Guoai email: xga@hit.edu.cn organization: Harbin Institute of Technology, Shenzhen,Shenzhen,China – sequence: 7 givenname: Lin surname: Zhang fullname: Zhang, Lin email: zhanglin@cert.org.cn organization: The National Computer Emergency Response Team/Coordination Center of China (CNCERT/CC),Beijing,China – sequence: 8 givenname: Haoyu surname: Wang fullname: Wang, Haoyu organization: Huazhong University of Science and Technology,Wuhan,China |
| BookMark | eNpFjr1OwzAYRQ0CiVIyszD4AUjx59-YLbT8SZUYSufKiT-DJepEThWJt28QSEznDkdH95KcpS4hIdfAFgBS3QltQXO2mKi44SeksMZWkjEDXFbmlMy4lqIEZfgFKYYhNmyaSgPoGdls3B5p3fe3dBVDwIzpQB_w042xy8M93aa2GzHH9EFXOMYWy6HHNobY_ls0Jlonn7vof0rDFTkP7mvA4o9zsn16fF--lOu359dlvS7d9OtQWu3AWwBe-Qpk07TMCq2k4By11-A0Q9NOTtUE70CBRwG6MaCCCcFIJ-bk5rcbEXHX57h3-XsHzGhprRJHLbVRdg |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1145/3691620.3695272 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9798400712487 |
| EISSN | 2643-1572 |
| EndPage | 2109 |
| ExternalDocumentID | 10764995 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: Research and Development funderid: 10.13039/100006190 |
| GroupedDBID | 6IE 6IF 6IH 6IK 6IL 6IM 6IN 6J9 AAJGR AAWTH ABLEC ACREN ADYOE ADZIZ AFYQB ALMA_UNASSIGNED_HOLDINGS AMTXH BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI M43 OCL RIE RIL |
| ID | FETCH-LOGICAL-a248t-96a1d91128d814bbc093654322e6d61a60e7c6a18bfda151de316b715f7ff74a3 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 1 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001353105400171&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Jan 15 06:20:43 EST 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a248t-96a1d91128d814bbc093654322e6d61a60e7c6a18bfda151de316b715f7ff74a3 |
| PageCount | 11 |
| ParticipantIDs | ieee_primary_10764995 |
| PublicationCentury | 2000 |
| PublicationDate | 2024-Oct.-27 |
| PublicationDateYYYYMMDD | 2024-10-27 |
| PublicationDate_xml | – month: 10 year: 2024 text: 2024-Oct.-27 day: 27 |
| PublicationDecade | 2020 |
| PublicationTitle | IEEE/ACM International Conference on Automated Software Engineering : [proceedings] |
| PublicationTitleAbbrev | ASE |
| PublicationYear | 2024 |
| Publisher | ACM |
| Publisher_xml | – name: ACM |
| SSID | ssib057256116 ssj0051577 |
| Score | 2.2791817 |
| Snippet | The Android ecosystem is significantly challenged by fragmentation, arising from diverse system versions, device specifications, and manufacturer... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 2099 |
| SubjectTerms | Ecosystems Industries Performance evaluation Privacy Security Software engineering Software reliability Stakeholders Static analysis User experience |
| Title | Same App, Different Behaviors: Uncovering Device-specific Behaviors in Android Apps |
| URI | https://ieeexplore.ieee.org/document/10764995 |
| WOSCitedRecordID | wos001353105400171&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV27TsMwFLVoxcBUHkW85YERQ-zYvg4rpWKqKpVK3So_bqQOpKhN-X7sNKUsDGyRZVmWH_ecJPfcQ8i9h8LaIAvmpXNMeovM2QKYUsJw6_Ogs7Ixm4DRyMxmxbgVqzdaGERsks_wMT02__LD0m_Sp7J4w0FHhq46pAOgt2Kt3eFREMGbJ66zDcMRpwHaWj5cqqdcRyIk4juqLpRI9YB_mak0WDLs_XMWx6S_V-XR8Q_enJADrE5Jb2fLQNtbekYmE_uBNNLLBzpo7U9q2tZBXK2f6bTyKW8zjkEHmAIFS3LLlDK070UXFU25jstFSCOt-2Q6fH1_eWOtdwKzQpqaFdryEAOZMMHwuA0-K_IkIxUCddDc6gzBxz7GlcFG1A-Yc-2AqxLKEqTNz0m3WlZ4QWgurAtOo1Yik2hL4zITvDOlSylSAS5JPy3S_HNbHmO-W5-rP9qvyZGIzCABgIAb0q1XG7wlh_6rXqxXd82mfgOZrKKt |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3JTsMwFLSgIMGpLEXs-MARQ-zEG1egKqJUldpKvVVeXqQeSFGb8v3YaUq5cOAWWZZleXkzSd68QejWSW2MzzRxmbUkcwaINVoSzpmixqVeJHllNiF7PTUe634tVq-0MABQJZ_BfXys_uX7mVvGT2XhhksRGDrfRjvROquWa62PD5cBvmlkO6tAHJBayrqaD834QyoCFWLhLVVozmJF4F92KhWatJv_nMcBam10ebj_gziHaAuKI9RcGzPg-p4eo8HAfAAOBPMOP9cGKCWuKyHOF494VLiYuRnGwM8QQwWJgsuYNLTphacFjtmOs6mPIy1aaNR-GT51SO2eQAzLVEm0MNSHUMaUVzRshEt0GoWkjIHwghqRgHShj7K5NwH3PaRUWEl5LvNcZiY9QY1iVsApwikz1lsBgrMkA5MrmyjvrMptTJLy8gy14iJNPlcFMibr9Tn_o_0G7XWG791J97X3doH2WeAJEQ6YvESNcr6EK7TrvsrpYn5dbfA3RG-l9g |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=IEEE%2FACM+International+Conference+on+Automated+Software+Engineering+%3A+%5Bproceedings%5D&rft.atitle=Same+App%2C+Different+Behaviors%3A+Uncovering+Device-specific+Behaviors+in+Android+Apps&rft.au=Dong%2C+Zikan&rft.au=Zhao%2C+Yanjie&rft.au=Liu%2C+Tianming&rft.au=Wang%2C+Chao&rft.date=2024-10-27&rft.pub=ACM&rft.eissn=2643-1572&rft.spage=2099&rft.epage=2109&rft_id=info:doi/10.1145%2F3691620.3695272&rft.externalDocID=10764995 |