More Web Proxy on the site http://driver.im/

research-article

Public Access

Aladdin: Automating Release of Deep-Link APIs on Android

Authors:

Xuanzhe LiuAuthors Info & Claims

WWW '18: Proceedings of the 2018 World Wide Web Conference

Pages 1469 - 1478

https://doi.org/10.1145/3178876.3186059

Published: 10 April 2018 Publication History

All formats PDF

Abstract

Compared to the Web where each web page has a global URL for external access, a specific 'page' inside a mobile app cannot be easily accessed unless the user performs several steps from the landing page of this app. Recently, the concept of 'deep link' is expected to be a promising solution and has been advocated by major service providers to enable targeting and opening a specific page of an app externally with an accessible uniform resource identifier. In this paper, we present a large-scale empirical study to investigate how deep links are really adopted, over 25,000 Android apps. To our surprise, we find that deep links have quite low coverage, e.g., more than 70% and 90% of the apps do not have deep links on app stores Wandoujia and Google Play, respectively. One underlying reason is the mandatory and non-trivial manual efforts of app developers to provide APIs for deep links. We then propose the Aladdin approach along with its supporting tool to help developers practically automate the release of deep-link APIs to access locations inside their apps. Aladdin includes a novel cooperative framework by synthesizing the static analysis and the dynamic analysis while minimally engaging developers» inputs and configurations, without requiring any coding efforts or additional deployment efforts. We evaluate Aladdin with 579 popular apps and demonstrate its effectiveness and performance.

References

[1]

Android guide. http://developer.android.com/guide/components/index.html.

[2]

App links in Android 6. https://developer.android.com/training/app-links/index.html.

[3]

Baidu app link. http://applink.baidu.com.

[4]

Bing app linking. https://msdn.microsoft.com/en-us/library/dn614167.

[5]

Deeplinkdispatch. https://github.com/airbnb/DeepLinkDispatch.

[6]

Facebook app links. https://developers.facebook.com/docs/applinks.

[7]

Google app indexing. https://developers.google.com/app-indexing/.

[8]

IFTTT. https://ifttt.com/.

[9]

Mobile deep linking. https://en.wikipedia.org/wiki/Mobile_deep_linking.

[10]

Mobile deep linking. http://mobiledeeplinking.org/.

[11]

Mobile Internet use passes desktop. https://techcrunch.com/2016/11/01/mobile-internet-use-passes-desktop-for-the-first-time-study-finds.

[12]

Monkey. http://developer.android.com/tools/help/monkey.html.

[13]

MonkeyRunner. http://developer.android.com/tools/help/MonkeyRunner.html.

[14]

Ranorex. http://www.ranorex.com/.

[15]

Robotium. https://github.com/RobotiumTech/robotium.

[16]

Universal links in iOS 9. https://developer.apple.com/library/ios/documentation/General/Conceptual/AppSearch/UniversalLinks.html.

[17]

T. Azim and I. Neamtiu. Targeted and depth-first exploration for systematic testing of Android apps. In Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages and Applications, OOPSLA 2013, pages 641--660, 2013.

Digital Library

[18]

T. Azim, O. Riva, and S. Nath. uLink: Enabling user-defined deep linking to app content. In Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2016, pages 305--318, 2016.

Digital Library

[19]

P. Barros, R. Just, S. Millstein, P. Vines, W. Dietl, M. dAmorim, and M. D. Ernst. Static analysis of implicit control flow: Resolving Java reflection and Android intents. In Proceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering, ASE 2015, pages 669--679, 2015.

Digital Library

[20]

O. Bastani, S. Anand, and A. Aiken. Interactively verifying absence of explicit information flows in Android apps. In Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2015, pages 299--315, 2015.

Digital Library

[21]

R. Bhoraskar, S. Han, J. Jeon, T. Azim, S. Chen, J. Jung, S. Nath, R. Wang, and D. Wetherall. Brahmastra: Driving apps to test the security of third-party components. In Proceedings of the 23rd USENIX Security Symposium, USENIX Security 2014, pages 1021--1036, 2014.

Digital Library

[22]

N. Boushehrinejadmoradi, V. Ganapathy, S. Nagarakatte, and L. Iftode. Testing cross-platform mobile app development frameworks. In Proceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering, ASE 2015, pages 441--451, 2015.

Digital Library

[23]

W. Choi, G. Necula, and K. Sen. Guided GUI testing of Android apps with minimal restart and approximate learning. In Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages and Applications, OOPSLA 2013, pages 623--640, 2013.

Digital Library

[24]

S. R. Choudhary, A. Gorla, and A. Orso. Automated test input generation for Android: Are we there yet? In Proceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering, ASE 2015, pages 429--440, 2015.

Digital Library

[25]

J. Flinn and Z. M. Mao. Can deterministic replay be an enabling tool for mobile computing? In Proceedings of the 12th Workshop on Mobile Computing Systems and Applications, HotMobile 2011, pages 84--89, 2011.

Digital Library

[26]

L. Gomez, I. Neamtiu, T. Azim, and T. D. Millstein. RERAN: timing- and touch-sensitive record and replay for Android. In Proceedings of the 35th International Conference on Software Engineering, ICSE 2013, pages 72--81, 2013.

Digital Library

[27]

S. Hao, B. Liu, S. Nath, W. G. J. Halfond, and R. Govindan. PUMA: programmable ui-automation for large-scale dynamic analysis of mobile apps. In Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2014, pages 204--217, 2014.

Digital Library

[28]

C. Hu and I. Neamtiu. A GUI bug finding framework for Android applications. In Proceedings of the 2011 ACM Symposium on Applied Computing, SAC 2011, pages 1490--1491, 2011.

Digital Library

[29]

Y. Hu, T. Azim, and I. Neamtiu. Versatile yet lightweight record-and-replay for Android. In Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2015, pages 349--366, 2015.

Digital Library

[30]

W. Lam, Z. Wu, D. Li, W. Wang, H. Zheng, H. Luo, P. Yan, Y. Deng, and T. Xie. Record and replay for Android: are we there yet in industrial cases? In Proceedings of the 11th Joint Meeting on the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC/FSE 2017, pages 854--859, 2017.

Digital Library

[31]

H. Li, X. Lu, X. Liu, T. Xie, K. Bian, F. X. Lin, Q. Mei, and F. Feng. Characterizing smartphone usage patterns from millions of Android users. In Proceedings of the ACM SIGCOMM Conference on Internet Measurement, IMC 2015, pages 459--472, 2015.

Digital Library

[32]

L. Li, A. Bartel, T. F. Bissyandé, J. Klein, Y. L. Traon, S. Arzt, S. Rasthofer, E. Bodden, D. Octeau, and P. McDaniel. IccTA: Detecting inter-component privacy leaks in Android apps. In Proceedings of the 37th International Conference on Software Engineering, ICSE 2015, pages 280--291, 2015.

Digital Library

[33]

F. Liu, C. Wang, A. Pico, D. Yao, and G. Wang. Measuring the insecurity of mobile deep links of Android. In Proceedings of the 26th USENIX Security Symposium, USENIX Security 2017, pages 953--969, 2017.

[34]

X. Lu, X. Liu, H. Li, T. Xie, Q. Mei, G. Huang, and F. Feng. PRADA: Prioritizing Android devices for apps by mining large-scale usage data. In Proceedings of the 38th International Conference on Software Engineering, ICSE 2016, pages 3--13, 2016.

Digital Library

[35]

Y. Ma, X. Liu, M. Yu, Y. Liu, Q. Mei, and F. Feng. Mash Droid: An approach to mobile-oriented dynamic services discovery and composition by in-app search. In Proceedings of 2015 IEEE International Conference on Web Services, ICWS 2015, pages 725--730, 2015.

Digital Library

[36]

A. Machiry, R. Tahiliani, and M. Naik. Dynodroid: An input generation system for Android apps. In Proceedings of the 9th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC/FSE 2013, pages 224--234, 2013.

Digital Library

[37]

D. Octeau, S. Jha, M. Dering, P. McDaniel, A. Bartel, L. Li, J. Klein, and Y. Le Traon. Combining static analysis with probabilistic models to enable market-scale Android inter-component analysis. In Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2016, pages 469--484, 2016.

Digital Library

[38]

D. Octeau, D. Luchaup, M. Dering, S. Jha, and P. McDaniel. Composite constant propagation: Application to Android inter-component communication analysis. In Proceedings of the 37th IEEE/ACM International Conference on Software Engineering, ICSE 2015, pages 77--88, 2015.

Digital Library

[39]

D. Octeau, P. McDaniel, S. Jha, A. Bartel, E. Bodden, J. Klein, and Y. L. Traon. Effective inter-component communication mapping in Android: An essential step towards holistic security analysis. In Proceedings of the 22th USENIX Security Symposium, USENIX Security 2013, pages 543--558, 2013.

Digital Library

[40]

R. Pandita, X. Xiao, W. Yang, W. Enck, and T. Xie. WHYPER: Towards automating risk assessment of mobile applications. In Proceedings of the 22th USENIX Security Symposium, USENIX Security 2013, pages 527--542, 2013.

Digital Library

[41]

H. Wang, Z. Liu, Y. Guo, X. Chen, M. Zhang, G. Xu, and J. Hong. An explorative study of the mobile app ecosystem from app developers' perspective. In Proceedings of the 26th International Conference on World Wide Web, WWW 2017, pages 163--172, 2017.

Digital Library

[42]

M. Xu, Y. Ma, X. Liu, F. X. Lin, and Y. Liu. AppHolmes: Detecting and characterizing app collusion among third-party Android markets. In Proceedings of the 26th International Conference on World Wide Web, WWW 2017, pages 143--152, 2017.

Digital Library

[43]

W. Yang, M. R. Prasad, and T. Xie. A grey-box approach for automated GUI-model generation of mobile applications. In Proceedings of the 16th International Conference on Fundamental Approaches to Software Engineering, FASE 2013, pages 250--265, 2013.

Digital Library

[44]

X. Zeng, D. Li, W. Zheng, F. Xia, Y. Deng, W. Lam, W. Yang, and T. Xie. Automated test input generation for Android: Are we really there yet in an industrial case? In Proceedings of the 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering, FSE 2016, pages 987--992, 2016.

Digital Library

[45]

B. Zhang, E. Hill, and J. Clause. Automatically generating test templates from test names. In Proceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering, ASE 2015, pages 506--511, 2015.

Digital Library

[46]

H. Zheng, D. Li, B. Liang, X. Zeng, W. Zheng, Y. Deng, W. Lam, W. Yang, and T. Xie. Automated test input generation for Android: Towards getting there in an industrial case. In Proceedings of the 39th International Conference on Software Engineering: Software Engineering in Practice Track, ICSE-SEIP 2017, pages 253--262, 2017.

Digital Library

Cited By

Hu HWang HDong RChen XChen C(2024)Enhancing GUI Exploration Coverage of Android Apps with Deep Link-Integrated MonkeyACM Transactions on Software Engineering and Methodology10.1145/366481033:6(1-31)Online publication date: 27-Jun-2024
https://dl.acm.org/doi/10.1145/3664810
Sif-Eddine MMazri T(2024)Mobile Applications Security: A Survey About Security Level and Awareness of Moroccan UsersInnovations in Smart Cities Applications Volume 710.1007/978-3-031-53824-7_54(608-622)Online publication date: 20-Feb-2024
https://doi.org/10.1007/978-3-031-53824-7_54
Liu YMa YXiao XXie TLiu X(2023)LegoDroid: flexible Android app decomposition and instant installationScience China Information Sciences10.1007/s11432-021-3528-766:4Online publication date: 27-Mar-2023
https://doi.org/10.1007/s11432-021-3528-7
Show More Cited By

Index Terms

Aladdin: Automating Release of Deep-Link APIs on Android
1. Human-centered computing
  1. Ubiquitous and mobile computing
    1. Ubiquitous and mobile computing systems and tools

Recommendations

All your app links are belong to us: understanding the threats of instant apps based attacks
ESEC/FSE 2020: Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering

Android deep link is a URL that takes users to a specific page of a mobile app, enabling seamless user experience from a webpage to an app. Android app link, a new type of deep link introduced in Android 6.0, is claimed to offer more benefits, such as ...
Aladdin: automating release of Android deep links to in-app content
ICSE-C '17: Proceedings of the 39th International Conference on Software Engineering Companion

Unlike the Web where each web page has a global URL to reach, a specific "content page" inside a mobile app cannot be opened unless the user explores the app with several operations from the landing page. Recently, deep links have been advocated by ...
Characterizing Smartphone Usage Patterns from Millions of Android Users
IMC '15: Proceedings of the 2015 Internet Measurement Conference

he prevalence of smart devices has promoted the popular- ity of mobile applications (a.k.a. apps) in recent years. A number of interesting and important questions remain unan- swered, such as why a user likes/dislikes an app, how an app becomes popular ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

WWW '18: Proceedings of the 2018 World Wide Web Conference

April 2018

2000 pages

ISBN:9781450356398

General Chairs:
Pierre-Antoine Champin
Universitè Claude Bernard Lyon 1, France
,
Fabien Gandon
Inria, Université Côte d'Azur, CNRS, I3S, France
,
Lionel Médini
Université Claude Bernard Lyon 1, France
,
Program Chairs:
Mounia Lalmas
Spotify, UK
,
Panagiotis G. Ipeirotis
New York University, USA

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

IW3C2: International World Wide Web Conference Committee

In-Cooperation

SIGWEB: ACM Special Interest Group on Hypertext, Hypermedia, and Web

Publisher

International World Wide Web Conferences Steering Committee

Republic and Canton of Geneva, Switzerland

Publication History

Published: 10 April 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Natural Science Foundation of China
National Science Foundation
National Key Research and Development Program

Conference

WWW '18

Sponsor:

IW3C2

WWW '18: The Web Conference 2018

April 23 - 27, 2018

Lyon, France

Acceptance Rates

WWW '18 Paper Acceptance Rate 170 of 1,155 submissions, 15%;

Overall Acceptance Rate 1,899 of 8,196 submissions, 23%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
1,182
Total Downloads

Downloads (Last 12 months)253
Downloads (Last 6 weeks)35

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Hu HWang HDong RChen XChen C(2024)Enhancing GUI Exploration Coverage of Android Apps with Deep Link-Integrated MonkeyACM Transactions on Software Engineering and Methodology10.1145/366481033:6(1-31)Online publication date: 27-Jun-2024
https://dl.acm.org/doi/10.1145/3664810
Sif-Eddine MMazri T(2024)Mobile Applications Security: A Survey About Security Level and Awareness of Moroccan UsersInnovations in Smart Cities Applications Volume 710.1007/978-3-031-53824-7_54(608-622)Online publication date: 20-Feb-2024
https://doi.org/10.1007/978-3-031-53824-7_54
Liu YMa YXiao XXie TLiu X(2023)LegoDroid: flexible Android app decomposition and instant installationScience China Information Sciences10.1007/s11432-021-3528-766:4Online publication date: 27-Mar-2023
https://doi.org/10.1007/s11432-021-3528-7
Mei HHuang GLiu XZhang Y(2022)Research on internetware: Review and prospectChinese Science Bulletin10.1360/TB-2022-058567:32(3782-3792)Online publication date: 21-Jul-2022
https://doi.org/10.1360/TB-2022-0585
Zhang XZhang Y(2022)Achieving resource-centric access control for web-app interactions on androidHigh-Confidence Computing10.1016/j.hcc.2022.1000732:3(100073)Online publication date: Sep-2022
https://doi.org/10.1016/j.hcc.2022.100073
Arsan DZaidi ASagar AKumar R(2021)App-Based Task Shortcuts for Virtual AssistantsThe 34th Annual ACM Symposium on User Interface Software and Technology10.1145/3472749.3474808(1089-1099)Online publication date: 10-Oct-2021
https://dl.acm.org/doi/10.1145/3472749.3474808
Zhang XZhang Y(2021)ReACt: A Resource-centric Access Control System for Web-app Interactions on AndroidProceedings of the Web Conference 202110.1145/3442381.3449960(1459-1470)Online publication date: 19-Apr-2021
https://doi.org/10.1145/3442381.3449960
Liu XWang SMa YZhang YMei QLiu YHuang G(2021)Operating Systems for Resource-adaptive Intelligent Software: Challenges and OpportunitiesACM Transactions on Internet Technology10.1145/342586621:2(1-19)Online publication date: 15-Mar-2021
https://dl.acm.org/doi/10.1145/3425866
He FShen LPeng X(2021)Resource Choreography in Cyber-Physical-Social Systems: Representation, Modeling and ExecutionIEEE Transactions on Services Computing10.1109/TSC.2021.3138637(1-1)Online publication date: 2021
https://doi.org/10.1109/TSC.2021.3138637
Ma YHu ZGu DZhou LMei QHuang GLiu X(2020)Roaming Through the Castle TunnelsACM Transactions on the Web10.1145/339505014:3(1-24)Online publication date: 27-Jun-2020
https://dl.acm.org/doi/10.1145/3395050
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten