Research on Third-Party Libraries in Android Apps: A Taxonomy and Comprehensive Survey

Xian Zhan, Tianming Liu, Lingling Fan, li li, Sen Chen, Xiapu Luo, Yang Liu

Research output: Journal article publicationJournal articleAcademic researchpeer-review

Abstract

Third-party libraries (TPLs) have been widely used in mobile apps, which play an essential part in the entire Android ecosystem. However, TPL is a double-edged sword. On the one hand, it can ease the development of mobile apps. On the other hand, it also brings security risks such as privacy leaks or increased attack surfaces (e.g., by introducing over-privileged permissions) to mobile apps. Although there are already many studies for characterizing third-party libraries, including automated detection, security and privacy analysis of TPLs, TPL attributes analysis, etc., what strikes us odd is that there is no systematic study to summarize those studies' endeavors. To this end, we conduct the first systematic literature review on Android TPL-related research. Following a well-defined systematic literature review protocol, we collected 74 primary research papers closely related to Android third-party library from 2012 to 2020. After carefully examining these studies, we designed a taxonomy of TPL-related research studies and conducted a systematic study to summarize current solutions, limitations, challenges and possible implications of new research directions related to third-party library analysis. We hope that these contributions can give readers a clear overview of existing TPL-related studies and inspire them to go beyond the current status quo by advancing the discipline with innovative approaches.
Original languageEnglish
Pages (from-to)1-32
JournalIEEE Transactions on Software Engineering
DOIs
Publication statusPublished - 21 Sep 2021

Fingerprint

Dive into the research topics of 'Research on Third-Party Libraries in Android Apps: A Taxonomy and Comprehensive Survey'. Together they form a unique fingerprint.

Cite this