License: Creative Commons Attribution 4.0 International license (CC BY 4.0)
When quoting this document, please refer to the following
DOI: 10.4230/LIPIcs.ECOOP.2022.21
URN: urn:nbn:de:0030-drops-162498
Go to the corresponding LIPIcs Volume Portal

Li, Hehao ; Wang, Yizhuo ; Zhang, Yiwei ; Li, Juanru ; Gu, Dawu

PEDroid: Automatically Extracting Patches from Android App Updates

LIPIcs-ECOOP-2022-21.pdf (1 MB)


Identifying and analyzing code patches is a common practice to not only understand existing bugs but also help find and fix similar bugs in new projects. Most patch analysis techniques aim at open-source projects, in which the differentials of source code are easily identified, and some extra information such as code commit logs could be leveraged to help find and locate patches. The task, however, becomes challenging when source code as well as development logs are lacking. A typical scenario is to discover patches in an updated Android app, which requires bytecode-level analysis. In this paper, we propose an approach to automatically identify and extract patches from updated Android apps by comparing the updated versions and their predecessors. Given two Android apps (original and updated versions), our approach first identifies identical and modified methods by similarity comparison through code features and app structures. Then, it compares these modified methods with their original implementations in the original app, and detects whether a patch is applied to the modified method by analyzing the difference in internal semantics. We implemented PEDroid, a prototype patch extraction tool against Android apps, and evaluated it with a set of popular open-source apps and a set of real-world apps from different Android vendors. PEDroid identifies 28 of the 36 known patches in the former, and successfully analyzes 568 real-world app updates in the latter, among which 94.37% of updates could be completed within 20 minutes.

BibTeX - Entry

  author =	{Li, Hehao and Wang, Yizhuo and Zhang, Yiwei and Li, Juanru and Gu, Dawu},
  title =	{{PEDroid: Automatically Extracting Patches from Android App Updates}},
  booktitle =	{36th European Conference on Object-Oriented Programming (ECOOP 2022)},
  pages =	{21:1--21:31},
  series =	{Leibniz International Proceedings in Informatics (LIPIcs)},
  ISBN =	{978-3-95977-225-9},
  ISSN =	{1868-8969},
  year =	{2022},
  volume =	{222},
  editor =	{Ali, Karim and Vitek, Jan},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{},
  URN =		{urn:nbn:de:0030-drops-162498},
  doi =		{10.4230/LIPIcs.ECOOP.2022.21},
  annote =	{Keywords: Diffing, Patch Identification, Android App Analysis, App Evolution}

Keywords: Diffing, Patch Identification, Android App Analysis, App Evolution
Collection: 36th European Conference on Object-Oriented Programming (ECOOP 2022)
Issue Date: 2022
Date of publication: 23.06.2022
Supplementary Material: Software (ECOOP 2022 Artifact Evaluation approved artifact):

DROPS-Home | Fulltext Search | Imprint | Privacy Published by LZI