AutoDebloater: Automated android app debloating

Author

Jiakun LIU, Singapore Management UniversityFollow
Xing HU
Thung Ferdian, Singapore Management UniversityFollow
Shahar MAOZ
Eran TOCH
Debin GAO, Singapore Management UniversityFollow
David LO, Singapore Management UniversityFollow

Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

9-2023

Abstract

Android applications are getting bigger with an increasing number of features. However, not all the features are needed by a specific user. The unnecessary features can increase the attack surface and cost additional resources (e.g., storage and memory). Therefore, it is important to remove unnecessary features from Android applications. However, it is difficult for the end users to fully explore the apps to identify the unnecessary features, and there is no off-the-shelf tool available to assist users to debloat the apps by themselves. In this work, we propose AutoDebloater to debloat Android applications automatically for end users. AutoDebloater is a web application that can be accessed by end-users through a web browser. In particular, AutoDebloater can automatically explore an app and identify the transitions between activities. Then, AutoDebloater will present the Activity Transition Graph to users and ask them to select the activities they do not want to keep. Finally, AutoDebloater will remove the activities that are selected by users from the app. We conducted a user study on five Android apps downloaded from three categories (i.e., Finance, Tools, and Navigation) in Google Play and F-Droid. The results show that users are satisfied with AutoDebloater in terms of the stability of the debloated apps and the ability of AutoDebloater to identify features that are never noticed before. The tool is available at http://autodebloater.club. The code is available at https://github.com/jiakun-liu/autodebloater/ and the demonstration video can be found at https://youtu.be/Gmz0-p2n9D4

Keywords

Android (operating system), Software debloating, HTTP

Discipline

Information Security

Research Areas

Intelligent Systems and Optimization

Publication

2023 38th IEEE/ACM International Conference on Automated Software Engineering, Kirchberg, Luxembourg, September 11-15: Proceedings

First Page

2090

Last Page

2093

ISBN

9798350329964

Identifier

10.1109/ASE56229.2023.00017

Publisher

IEEE

City or Country

Piscataway, NJ

Citation

LIU, Jiakun; HU, Xing; Ferdian, Thung; MAOZ, Shahar; TOCH, Eran; GAO, Debin; and LO, David. AutoDebloater: Automated android app debloating. (2023). 2023 38th IEEE/ACM International Conference on Automated Software Engineering, Kirchberg, Luxembourg, September 11-15: Proceedings. 2090-2093.
Available at: https://ink.library.smu.edu.sg/sis_research/8385

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1109/ASE56229.2023.00017