{"id":"https://openalex.org/W4220710328","doi":"https://doi.org/10.1109/tdsc.2022.3160872","title":"A Systematic Study of Android Non-SDK (Hidden) Service API Security","display_name":"A Systematic Study of Android Non-SDK (Hidden) Service API Security","publication_year":2022,"publication_date":"2022-03-22","ids":{"openalex":"https://openalex.org/W4220710328","doi":"https://doi.org/10.1109/tdsc.2022.3160872"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2022.3160872","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2022.3160872","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2203.09374","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5115053616","display_name":"Yi He","orcid":"https://orcid.org/0000-0002-1807-4185"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yi He","raw_affiliation_strings":["Institute for Network Sciences and Cyberspace and Beijing National Research Center for Information Science and Technology, Tsinghua University, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute for Network Sciences and Cyberspace and Beijing National Research Center for Information Science and Technology, Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101152479","display_name":"Yacong Gu","orcid":"https://orcid.org/0000-0003-2221-5689"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yacong Gu","raw_affiliation_strings":["Institute of Software, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Software, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010291758","display_name":"Purui Su","orcid":"https://orcid.org/0000-0001-6701-0383"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Purui Su","raw_affiliation_strings":["Institute of Software, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-6701-0383","affiliations":[{"raw_affiliation_string":"Institute of Software, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026728546","display_name":"Kun Sun","orcid":"https://orcid.org/0000-0003-4152-2107"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kun Sun","raw_affiliation_strings":["Center for Secure Information Systems, George Mason University, Fairfax, VA, USA"],"raw_orcid":"https://orcid.org/0000-0003-4152-2107","affiliations":[{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088790914","display_name":"Yajin Zhou","orcid":"https://orcid.org/0000-0001-7610-4736"},"institutions":[{"id":"https://openalex.org/I76130692","display_name":"Zhejiang University","ror":"https://ror.org/00a2xv884","country_code":"CN","type":"education","lineage":["https://openalex.org/I76130692"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yajin Zhou","raw_affiliation_strings":["Institute of Cyber Security Research, Zhejiang University, Hangzhou, China"],"raw_orcid":"https://orcid.org/0000-0001-7610-4736","affiliations":[{"raw_affiliation_string":"Institute of Cyber Security Research, Zhejiang University, Hangzhou, China","institution_ids":["https://openalex.org/I76130692"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100376392","display_name":"Zhi Wang","orcid":"https://orcid.org/0000-0002-3252-9254"},"institutions":[{"id":"https://openalex.org/I103163165","display_name":"Florida State University","ror":"https://ror.org/05g3dte14","country_code":"US","type":"education","lineage":["https://openalex.org/I103163165"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhi Wang","raw_affiliation_strings":["Department of Computer Science, Florida State University, Tallahassee, FL, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Florida State University, Tallahassee, FL, USA","institution_ids":["https://openalex.org/I103163165"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100350165","display_name":"Qi Li","orcid":"https://orcid.org/0000-0001-8776-8730"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qi Li","raw_affiliation_strings":["Institute for Network Sciences and Cyberspace and Beijing National Research Center for Information Science and Technology, Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-8776-8730","affiliations":[{"raw_affiliation_string":"Institute for Network Sciences and Cyberspace and Beijing National Research Center for Information Science and Technology, Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5115053616"],"corresponding_institution_ids":["https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":1.6367,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.82613049,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"20","issue":"2","first_page":"1609","last_page":"1623"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9940000176429749,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9864000082015991,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.8613958358764648},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.681860625743866},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6718062162399292},{"id":"https://openalex.org/keywords/blacklist","display_name":"Blacklist","score":0.5026323795318604},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4069443941116333},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.19677406549453735}],"concepts":[{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.8613958358764648},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.681860625743866},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6718062162399292},{"id":"https://openalex.org/C2781345505","wikidata":"https://www.wikidata.org/wiki/Q2535979","display_name":"Blacklist","level":2,"score":0.5026323795318604},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4069443941116333},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.19677406549453735}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/tdsc.2022.3160872","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2022.3160872","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:2203.09374","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2203.09374","pdf_url":"https://arxiv.org/pdf/2203.09374","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2203.09374","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2203.09374","pdf_url":"https://arxiv.org/pdf/2203.09374","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"score":0.6100000143051147,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":50,"referenced_works":["https://openalex.org/W1491178396","https://openalex.org/W1578479379","https://openalex.org/W1582716752","https://openalex.org/W1680232729","https://openalex.org/W1912565424","https://openalex.org/W1971497680","https://openalex.org/W1985752637","https://openalex.org/W1988036170","https://openalex.org/W1994588724","https://openalex.org/W2003276999","https://openalex.org/W2041276426","https://openalex.org/W2060882673","https://openalex.org/W2064853889","https://openalex.org/W2078197322","https://openalex.org/W2087804676","https://openalex.org/W2088983597","https://openalex.org/W2090465075","https://openalex.org/W2107816859","https://openalex.org/W2140095007","https://openalex.org/W2153497135","https://openalex.org/W2153542583","https://openalex.org/W2171240827","https://openalex.org/W2273325114","https://openalex.org/W2294170611","https://openalex.org/W2343262485","https://openalex.org/W2398354233","https://openalex.org/W2399034518","https://openalex.org/W2509304370","https://openalex.org/W2573570214","https://openalex.org/W2573729132","https://openalex.org/W2626290556","https://openalex.org/W2751955863","https://openalex.org/W2765339069","https://openalex.org/W2766073406","https://openalex.org/W2784849271","https://openalex.org/W2789555918","https://openalex.org/W2890471546","https://openalex.org/W2971244706","https://openalex.org/W2994661026","https://openalex.org/W3027167064","https://openalex.org/W3213188189","https://openalex.org/W4252403066","https://openalex.org/W4389153480","https://openalex.org/W6637412253","https://openalex.org/W6640059210","https://openalex.org/W6682754051","https://openalex.org/W6697491314","https://openalex.org/W6712318706","https://openalex.org/W6712520696","https://openalex.org/W6748014466"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W3172840274","https://openalex.org/W2245533262","https://openalex.org/W50122730","https://openalex.org/W3129811130","https://openalex.org/W2265547225","https://openalex.org/W4379616178","https://openalex.org/W3185731761","https://openalex.org/W2890815241"],"abstract_inverted_index":{"Android":[0,163,197,208,219,247,255],"allows":[1],"apps":[2,16],"to":[3,35,86,100,120,134,148,175,196,242],"communicate":[4],"with":[5,210,230],"its":[6],"system":[7,10,24,28],"services":[8,29],"via":[9,52],"service":[11,33,47,183,189],"helpers":[12,34,48],"so":[13],"that":[14,157],"these":[15,117],"can":[17,109,158,240],"use":[18],"various":[19,84],"functions":[20],"provided":[21],"by":[22],"the":[23,27,42,46,55,60,93,103,107,122,131,135,141,178,187,237],"services.":[25],"Meanwhile,":[26],"rely":[30],"on":[31,254],"their":[32],"enforce":[36],"security":[37,43,65,180,244],"checks":[38,44],"for":[39],"protection.":[40],"Unfortunately,":[41],"in":[45,161,207,218,246],"may":[49],"be":[50,159],"bypassed":[51],"directly":[53],"exploiting":[54,116],"non-SDK":[56,104],"(hidden)":[57],"APIs,":[58],"degrading":[59],"stability":[61],"and":[62,78,139,186,221,249],"posing":[63],"severe":[64,243],"threats":[66],"such":[67],"as":[68],"privilege":[69],"escalation,":[70],"automatic":[71],"function":[72],"execution":[73],"without":[74],"users\u2019":[75],"interactions,":[76],"crashes,":[77],"DoS":[79],"attacks.":[80],"Google":[81],"has":[82],"proposed":[83],"approaches":[85],"address":[87],"this":[88,126],"problem,":[89],"e.g.,":[90],"case-by-case":[91],"fixing":[92],"bugs":[94],"or":[95],"even":[96],"proposing":[97],"a":[98,167,211],"blacklist":[99],"block":[101],"all":[102],"APIs.":[105,190],"However,":[106],"developers":[108],"still":[110,153],"figure":[111],"out":[112],"new":[113],"ways":[114],"of":[115,143,236,251],"hidden":[118,136,155,188,228],"APIs":[119,156,229,239],"evade":[121],"non-SDKs":[123],"restrictions.":[124],"In":[125],"article,":[127],"we":[128,223],"systematically":[129],"study":[130],"vulnerabilities":[132,206],"due":[133],"API":[137],"exploitation":[138],"analyze":[140],"effectiveness":[142],"Google\u2019s":[144],"countermeasures.":[145],"We":[146,165,191],"aim":[147],"answer":[149],"if":[150],"there":[151],"are":[152],"vulnerable":[154,238],"exploited":[160],"newest":[162],"12.":[164,201,256],"develop":[166],"static":[168],"analysis":[169],"tool":[170,203],"called":[171],"<inline-formula><tex-math":[172,193,199],"notation=\"LaTeX\">${{\\sf":[173,194],"ServiceAudit}}$</tex-math></inline-formula>":[174,195],"automatically":[176],"mine":[177],"inconsistent":[179,231],"enforcement":[181],"between":[182],"helper":[184],"classes":[185],"apply":[192],"6":[198,209],"notation=\"LaTeX\">$\\sim$</tex-math></inline-formula>":[200],"Our":[202],"discovers":[204],"112":[205],"higher":[212],"precision":[213],"than":[214,226],"existing":[215],"approaches.":[216],"Moreover,":[217],"11":[220],"12,":[222],"identify":[224],"more":[225],"25":[227],"protections;":[232],"however,":[233],"only":[234],"one":[235],"lead":[241],"problem":[245],"11,":[248],"none":[250],"them":[252],"work":[253]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":1}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}