Android Fragmentation Classification, Causes

International Journal of Computer Science and Information Security (IJCSIS), Vol. 14, No. 9, September 2016

Android Fragmentation Classification, Causes, Problems and Solutions Muhammad Kamran1, Junaid Rashid2, Muhammad Wasif Nisar3 Department of Computer Science 1,2,3 COMSATS Institute of Information Technology, Wah Cantt, Pakistan [email protected], [email protected],[email protected] Abstract— Android is the open source, a user-friendly operating system that is running on billions of devices globally ranges from phones and tablets to watches, TV, cars etc. Android open source features give raise to the issue known as android fragmentation. In this paper, we discuss Android Fragmentation from all aspects covering causes of android fragmentation, the problem faced by researchers and developers due to fragmentation and solutions to handle android fragmentation. Keywords— Android Fragmentation, Android Fragmentation Classification, Android Fragmentation Causes, Android Fragmentation Problems, Android Fragmentation Solutions.

I. INTRODUCTION operating system (OS) [30] is developed by the AOpen Handset Alliance (OHA) [34] that is Google-led.

The fragmentation in Android has been identified as a critical problem in among developers and has been discussed by engineers and researchers. There is no Clear explanation and benchmark solution has been proposed till now. Google's Open Source & Compatibility Program’s manager, Mr. Dan Morril, said that peoples understand the Android Fragmentation problem in different perspectives [4]. According to Dan Morrill, more than enough versions of Android operating systems, optional APIs that are inconsistent among different platforms and different User Interface skins make this problem more seriously.

NDRIOD

Android OS is open source [1]. Due to this characteristic, a number of manufacturers prefer android as the operating system for their new devices. Because of this number of different devices Android has been cause a fragmentation problem that mobile application behavior varies by devices which are developed by different manufacturers . According to the survey results of Baird Research, 86% of developers concern that Android fragmentation is a serious problem [2]. Android Fragmentation is the problem of "writing a one code for an app and run the code on all the android devices". More generally, it is inability problem to develop an application depending upon any reference operating context [36] and got the same behavior in all other operating context suitable for the application.

II. CLASSIFICATION OF ANDROID FRAGMENTATION Android fragmentation issue can be classified as operating system fragmentation and device fragmentation. Further, device fragmentation is divided into hardware fragmentation or API fragmentation. Classification of android fragmentation can be understood from figure 1

Muhammad Kamran is a regular student of MS (CS) in COMSATS Institute of information Technology, Wah Pakistan. (Phone: +92-343-5079668; Email: [email protected]). Junaid Rashid has received his MS (CS) degree from COMSATS Institute of information Technology, Wah Pakistan in 2016. (Phone: +92-332-5063060; Email: [email protected]). Dr.Muhammad Wasif Nisar is Associate Professor with the COMSATS Institute of information Technology, Wah Pakistan. (Phone: 0300-9113482; Email: [email protected]).

Fig. 1. Classification of Android Fragmentation

992

https://sites.google.com/site/ijcsis/ ISSN 1947-5500

International Journal of Computer Science and Information Security (IJCSIS), Vol. 14, No. 9, September 2016

A. Operating System Fragmentation

Distinct Android Devices

There is a number of different operating system in Android started from Froyo to Lollipop. These different operating system for one platform leads to Operating system fragmentation. Figure 2 shows current distribution and it does not contain versions that have less than 0.1% distribution

20,000 18,000 16,000 14,000 12,000 10,000 8,000 6,000 4,000 2,000 0 2012

2013

2014

Distinct Android Devices Fig. 3. Distinct Android Devices Years Vise

C. API FRAGMENTATION Currently, there are 22 API levels and it increasing [10]. API fragmentation occurs due to modification of the underlying Android API according to different strategies of various manufacturers and service providers. III. CAUSES AND PROBLEMS A. Causes of Android Fragmentation Android Fragmentation causes the differences in Operating context. For any android application all factors other than the coding of application that impacts the tasks of application is known as Operation context (OC). The OC of android application may define as the hardware/software on the android device, target user of the application, and various stakeholders [48] like mobile network operator. For example, assume these three OC,s targeted by the android application.

Fig. 2. Distribution of Android OS [6]

B. Hardware Fragmentation There are 38 android device vendors which are officially supported by android Operating system [9]. According to open signal report dated August, 2014 [6] on android fragmentation there 18,796 distinct android based hardware devices which is 35% more than what open signal report in report dated June, 2013 [24] on android fragmentation, which was 11,868 distinct android based hardware devices which is 300% more than what open signal report dated August 2012 [26] i-e 3,997. These growing ratio of a variety of android based devices has different hardware features, most importantly different screen sizes that all causes hardware fragmentation.

OC

Target Android Device

1

Samsung Galaxy S4

Target Users Of Mobile Network Operator Telstra

2

Samsung Galaxy S5

Vodafone

3

Samsung Galaxy S5

China Unicom

TABLE I.

993

OF EXAMPLE

https://sites.google.com/site/ijcsis/ ISSN 1947-5500

International Journal of Computer Science and Information Security (IJCSIS), Vol. 14, No. 9, September 2016

For table 1, it is assumed that the code written for android application should be different for OC1, OC2, and OC3, perhaps because it needs to access specific mobile network operator API. So it is not possible for these 3 OC,s for the same physical devices. Classification can be seen in figure 4.

Fig. 4. Operating Context Differences

B. Problems Due to Android Fragmentation Android is an open source operating system. Because of this property, there is a lot of development work and research work in the field of android. There is a huge research done on android security [37, 38, 39,40, 41, 42, ].There are many framework designs for Android security[49, 50, 51, 52, 53, 54]. Fragmentation problem also leads to security concerns in android [32]. Table 2 shows the problems related to Android fragmentation that researcher faced while researching on the different hot topic in android. From this table, we can understand that how android fragmentation is impacting in development and research.

994

https://sites.google.com/site/ijcsis/ ISSN 1947-5500

International Journal of Computer Science and Information Security (IJCSIS), Vol. 14, No. 9, September 2016

Reference

Year

Limitation/Domain

Problems

Linares-Vásquez EtAl[10]

2013

Topic modeling techniques to extract hot topics From mobile-development related questions

Hardware fragmentation

Han, Dan, Et Al [11]

2012

Bug reports related to two popular vendors

Constitutes evidence of fragmentation and lack of portability.

Pillay, Ashwin, Et Al [12]

2013

Benefits and risks associated with bringing your own device (BYOD)

BYOD becomes challenging due android fragmentation

Tilson,Et Al[13]

2012

Paradoxes by examining the change in, and competition between apple’s ios and google’s android

Effect on the evolution

Timothy, Et Al [14]

2012

Viability of QR-code-initiated phishing attacks, or qrishing, by conducting experiments

Consistency of android fragmentation is challenge

Sbîrlea, Dragos, Et Al [15]

2013

Development of techniques for statically detecting android application vulnerability to attacks

Permission-protected information is challenging

Choudhary , Et Al[16]

2015

Comparison of the main existing test input generation tools for android

Testing issues

Mcdonnell , Et Al[17]

2013

Case study of the co-evolution behavior of android api and dependent applications using the version history data found on GitHub

Need api updating

Daniel W.K. Tse, Et Al[18]

2014

Security issue

Yajin Zhou, Et Al[19]

2012

Critical Analysis of the nature of threats from the perspectives of Google and mobile carrier, third-party security applications and user behavior Systematizing or characterizing existing android malware

X Zhou, Et Al[20]

2014

Security issue

L Xing, Et Al[21]

2014

Understanding security risks in customization process(changes made to android’s Linux device drivers, e.g., those for camera, GPS, NFC etc)based, on addicted, a tool A systematic study on the android updating mechanism, focusing on its package management service (PMS).

TABLE II.

Android malware, security issue

Security issue

RESEARCH PROBLEMS DUE TO ANDROID FRAGMENTATION FACED BY RESEARCHERS

IV. SOLUTIONS Each Android device manufacturer modifies android operating system according to his need that causes huge fragmentation and raises challenging environment for Android developers with fragmentation [22]. Generally, there are two ways to test The android application for fragmentation and other issues named Manual testing[47] and Automatic Testing[43, 44, 45, 46]. Manual testing is costly, time was taken and tedious [23]. Testing techniques and tools addressing android fragmentation are discussed bellowed.

995

https://sites.google.com/site/ijcsis/ ISSN 1947-5500

International Journal of Computer Science and Information Security (IJCSIS), Vol. 14, No. 9, September 2016

A. AppACTS Appacts helps the android developer to enhance android application testing by saving cost, ensuring reliability, efficiency and quality of the application. Testers need to upload android application using internet interface than selecting desired mobile device and after complete testing, one could get testing report[7]. This whole testing process works is shown in figure 5.

Fig. 6. AppACTS Architecture

B. Knowledge base Compatibility Testing This mechanism works at API and code level to find fragmentation [25]. The overall architecture of this mechanism is shown in figure 7

Fig. 5. AppACTS Testing Process

Appacts has scalable architecture having real devices shown in figure 6.

996

https://sites.google.com/site/ijcsis/ ISSN 1947-5500

International Journal of Computer Science and Information Security (IJCSIS), Vol. 14, No. 9, September 2016

Fig. 7. Data Architecture of Knowledge-based test Mechanism

V. CONCLUSION

C. Google Play Services (GPS) Google is tackling the android fragmentation issue in a very smart way by introducing GPS [8]. GPS send notifications to all GPS applications to receive updates which help in reducing fragmentation issues.

In this paper, we discuss Android fragmentation issue, causes of Android fragmentation, Problems due to fragmentation and solutions. We can save a lot of efforts and cost if we found a benchmark for Android application testing. We found that if any application is tested through benchmark testing and then launched through Google play services, there will be a huge chance of overcoming android fragmentation. In future we work on testing benchmarks for android.

D. Manual Testing To get high-quality application compatibility manual testing is the best mechanism [31]. To create an optimized manual testing, Case study [27] has been conducted based on rating reviews on 99 games on Google play store. The aim of the study was to pick out the trend on android devices being used by users. On the base of these study 38 to 132 unique devices has been found for using apps among these 99 apps. This study picked devices having a high impact on the rating of the application. These picked devices have been recommended for manual testing in order to control fragmentation and compatibility issue.

REFERENCES [1]

Higginbotham, Jeff, and Steve Jacobs. "The future of the android operating system for augmentative and alternative communication." SIG 12 Perspectives on Augmentative and Alternative Communication 20.2 (2011): 52-56.

[2]

W. Powers, “Q1'11 - Do you view Android Fragmentation as a Problem?”, Baird Research, (2011). Grøtnes, Endre. "Standardization as open innovation: two cases from the mobile industry." Information Technology & People 22, no. 4 (2009): 367-381. On Android Compatibility, http://androiddevelopers.blogspot.com/2010/05/on-android-compatibility.html Ham, Hyung Kil, and Young Bom Park. "Designing Knowledge Base Mobile Application Compatibility Test System for Android Fragmentation." International Journal of Software Engineering and Its Applications 8.1 (2014): 303-314.

[3]

E. TestDroid Testdroid Cloud is the easiest and fastest way to test your application against various real Android and iOS devices – [29]from different manufacturers, with different HW platforms, OS versions, and screen resolutions. You can also easily pick on what devices to run your tests, just on the devices you are interested in [28].

[4] [5]

[6]

997

Open Signal report 2014, http://goo.gl/1zvg3c

Accessed 3-June-2015].[Online]

https://sites.google.com/site/ijcsis/ ISSN 1947-5500

International Journal of Computer Science and Information Security (IJCSIS), Vol. 14, No. 9, September 2016

[7]

[8]

[9] [10]

[11]

[12] [13]

[14]

[15]

[16]

[17]

[18] [19]

[20]

[21]

[22] [23]

[24] [25]

[26] [27]

[28]

Huang, Jun-fei. "AppACTS: Mobile App Automated Compatibility Testing Service." Mobile Cloud Computing, Services, and Engineering (MobileCloud), 2014 2nd IEEE International Conference on. IEEE, 2014.0 Pon, Bryan, Timo Seppälä, and Martin Kenney. "Android and the demise of operating system-based power: Firm strategy and platform control in the post-PC world." Telecommunications Policy 38.11 (2014): 979-991. Android Vendors, Accessed 3-June-2015].[Online] http://goo.gl/H3t73M Linares-Vásquez, Mario, Bogdan Dit, and Denys Poshyvanyk. "An exploratory analysis of mobile development issues using stack overflow." Proceedings of the 10th Working Conference on Mining Software Repositories. IEEE Press, 2013. Han, Dan, et al. "Understanding android fragmentation with topic analysis of vendor-specific bugs." Reverse Engineering (WCRE), 2012 19th Working Conference on. IEEE, 2012. Pillay, Ashwin, et al. "Does BYOD increase risks or drive benefits?." (2013). Tilson, David, Carsten Sorensen, and Kalle Lyytinen. "Change and control paradoxes in mobile infrastructure innovation: the Android and iOS mobile operating systems cases." System Science (HICSS), 2012 45th Hawaii International Conference on. IEEE, 2012. Vidas, Timothy, et al. "QRishing: The susceptibility of smartphone users to QR code phishing attacks." Financial Cryptography and Data Security. Springer Berlin Heidelberg, 2013. 52-69. Zhou, Wu, et al. "Detecting repackaged smartphone applications in third-party android marketplaces." Proceedings of the second ACM conference on Data and Application Security and Privacy. ACM, 2012. Choudhary, Shauvik Roy, Alessandra Gorla, and Alessandro Orso. "Automated Test Input Generation for Android: Are We There Yet?." arXiv preprint arXiv:1503.07217 (2015). McDonnell, Tyler, Baishakhi Ray, and Miryung Kim. "An empirical study of API stability and adoption in the Android ecosystem." Software Maintenance (ICSM), 2013 29th IEEE International Conference on. IEEE, 2013. Tse, Daniel WK, et al. "CROSS-SECTIONAL EXAMINATION ON ANDROID SECURITY." (2014). Zhou, Yajin, and Xuxian Jiang. "Dissecting android malware: Characterization and evolution." Security and Privacy (SP), 2012 IEEE Symposium on. IEEE, 2012. Zhou, Xiaoyong, et al. "The peril of fragmentation: Security hazards in android device driver customizations." Security and Privacy (SP), 2014 IEEE Symposium on. IEEE, 2014. Xing, Luyi, et al. "Upgrading your android, elevating my malware: Privilege escalation through mobile os updating." Security and Privacy (SP), 2014 IEEE Symposium on. IEEE, 2014. crowdsourced testing, Accessed 6-June-2015].[Online] https://goo.gl/3Uci6I Azim, Tanzirul, and Iulian Neamtiu. "Targeted and depth-first exploration for systematic testing of android apps." ACM SIGPLAN Notices 48.10 (2013): 641-660. Open Signal report 2013, Accessed 3-June-2015].[Online] http://goo.gl/enK2bb Ham, Hyung Kil, and Young Bom Park. "Designing Knowledge Base Mobile Application Compatibility Test System for Android Fragmentation." International Journal of Software Engineering and Its Applications 8.1 (2014): 303-314. Open Signal report 2012, Accessed 3-June-2015].[Online] http://goo.gl/DERgdD Khalid, Hammad, et al. "Prioritizing the devices to test your app on A case study of Android game apps." Proceedings of the 22nd ACM SIGSOFT International Symposium on the Foundations of Software Engineering. ACM. 2014. Kaasila, Jouko, et al. "Testdroid: automated remote UI testing on Android."Proceedings of the 11th International Conference on Mobile and Ubiquitous Multimedia. ACM, 2012.

[29] Testdroid, Accessed 6-June-2015].[Online http://testdroid.com/ [30] Developers, Android. "What is Android." (2011). [31] Azim, Tanzirul, and Iulian Neamtiu. "Targeted and depth-first exploration for systematic testing of android apps." ACM SIGPLAN Notices 48.10 (2013): 641-660. [32] Wu, Lei, et al. "The impact of vendor customizations on android security."Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, 2013. [33] Ahmad, Mohd Shahdi, et al. "Comparison between android and iOS Operating System in terms of security." Information Technology in Asia (CITA), 2013 8th International Conference on. IEEE, 2013. [34] Alliance, Open Handset. "Android (operating system)." Marketing 4 (2013): 5. [35] Damith C. Rajapakse Accessed 6-May-2015].[Online] https://goo.gl/kLXyue [36] Magableh, Basel, and Stephen Barrett. "Context-oriented Software Development." Journal of Emerging Technologies in Web Intelligence 4.2 (2012): 172-180. [37] Davi, Lucas, et al. "Privilege escalation attacks on android." Information Security. Springer Berlin Heidelberg, 2011. 346-360. [38] Orthacker, Clemens, et al. "Android security permissions–can we trust them?."Security and Privacy in Mobile Information and Communication Systems. Springer Berlin Heidelberg, 2012. 40-51. [39] Bauer, Andreas, Jan-Christoph Küster, and Gil Vegliach. "Runtime verification meets Android security." NASA Formal Methods. Springer Berlin Heidelberg, 2012. 174-180. [40] Tesfay, Welderufael Berhane, Todd Booth, and Karl Andersson. "Reputation-based security model for android applications." Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on. IEEE, 2012. [41] Armando, Alessandro, Gabriele Costa, and Alessio Merlo. "Formal modeling and reasoning about the android security framework." Trustworthy Global Computing. Springer Berlin Heidelberg, 2013. 64-81. [42] Russello, Giovanni, et al. "Yaase: Yet another android security extension."Privacy, Security, Risk and Trust (PASSAT) and 2011 IEEE Third International Conference on Social Computing (SocialCom), 2011 IEEE Third International Conference on. IEEE, 2011. [43] Galindo, José A., et al. "Testing variability-intensive systems using automated analysis: an application to Android." Software Quality Journal (2014): 1-41. [44] Mahmood, Riyadh, et al. "A white box approach for automated security testing of Android applications on the cloud." Automation of Software Test (AST), 2012 7th International Workshop on. IEEE, 2012. [45] Hu, Cuixiong, and Iulian Neamtiu. "Automating GUI testing for Android applications." Proceedings of the 6th International Workshop on Automation of Software Test. ACM, 2011. [46] Wu, Jin, Hui Zhao, and Wei Ding. "Android automated crossapplication testing device and method." U.S. Patent Application 14/325,101. [47] Takala, Tommi, Mika Katara, and Julian Harty. "Experiences of system-level model-based GUI testing of an Android application." Software Testing, Verification and Validation (ICST), 2011 IEEE Fourth International Conference on. IEEE, 2011. [48] Rahman, Aedah Abd. "Requirements Engineering Process Improvement Approach for Embedded Software Systems in Android-Based Mobile Devices."International Journal of Engineering and Industries 4.4 (2013): 20. [49] Heuser, Stephan, Adwait Nadkarni, William Enck, and AhmadReza Sadeghi. "Asm: A programmable interface for extending android security." In Proc. 23rd USENIX Security Symposium (SEC’14). 2014.

998

https://sites.google.com/site/ijcsis/ ISSN 1947-5500

International Journal of Computer Science and Information Security (IJCSIS), Vol. 14, No. 9, September 2016

[50] Russello, Giovanni, Bruno Crispo, Earlence Fernandes, and Yury Zhauniarovich. "Yaase: Yet another android security extension." In Privacy, Security, Risk and Trust (PASSAT) and 2011 IEEE Third International Conference on Social Computing (SocialCom), 2011 IEEE Third International Conference on, pp. 1033-1040. IEEE, 2011. [51] Arena, Valerio, Vincenzo Catania, Giuseppe La Torre, Salvatore Monteleone, and Fabio Ricciato. "SecureDroid: An Android security framework extension for context-aware policy enforcement." In Privacy and Security in Mobile Systems (PRISMS), 2013 International Conference on, pp. 1-8. IEEE, 2013. [52] Hsiao, Shuen Wen, Shih Hao Hung, Roger Chien, and Chih Wei Yeh. "PasDroid: Real-Time Security Enhancement for Android." In Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2014 Eighth International Conference on, pp. 229-235. IEEE, 2014. [53] Khan, Hassan, Aaron Atwater, and Urs Hengartner. "Itus: an implicit authentication framework for android." In Proceedings of the 20th annual international conference on Mobile computing and networking, pp. 507-518. ACM, 2014. [54] Bugiel, Sven, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, and Ahmad-Reza Sadeghi. "Xmandroid: A new android evolution to mitigate privilege escalation attacks." Technische Universität Darmstadt, Technical Report TR-2011-04 (2011).

Authors’ Profiles: Muhammad Kamran is doing his Master of Science in Computer Science MS(CS) degree from Department of Computer Science, COMSATS Institute of Information Technology, Wah, Pakistan. He received his MCS degree in 2013 from University of Wah, Pakistan. He has been interested in research domains like Software Quality Assurance, Non Functional Testing for Android, Android fragmentation, Android testing, SEO and Regression testing etc. Email:[email protected] Contact#:+92-332-5063060 Junaid Rashid has received his Master of Science in Computer Science MS(CS) degree from Department of Computer Science, COMSATS Institute of Information Technology, Wah, Pakistan in 2016. He received his BS (CS) degree in 2014 from COMSATS Institute of Information Technology, Wah, Pakistan. He has been interested in research domains like Semantic Web, Semantic Search engine, Software Quality Assurance, Software Configuration management, Model versioning, Model Diff, Model Merge, Android fragmentation and Model Driven Engineering etc. Email:[email protected] Contact#:+92-343-5079668 Muhammad Wasif Nisar received Ph.D. degree in Engineering Computer Science and Technology from Institute of Software, GUCAS China in 2009. He received his BSc degree in 1998 and MSc degree in Computer Science in 2000 from University of Peshawar, Pakistan. His research interest includes software estimation, software process improvement, distributed systems, data mining, CMMI-based project management and algorithmic. Email:[email protected]

999

https://sites.google.com/site/ijcsis/ ISSN 1947-5500