Developer mistakes in writing android manifests: An empirical study of configuration errors

Ajay Kumar Jha, Sunghee Lee, Woo Jin Lee

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

30 Scopus citations

Abstract

Each Android app must have an Android manifest file. It is one of the most important configuration files manually written by developers. In addition to various configuration parameters required to run an app, it also contains configuration parameters which are used to implement security, compatibility, and accessibility of an app. Any mistakes in writing the manifest file can cause serious implications in terms of security, reliability, and availability of an app. In this paper, we study and report different types of mistakes committed by developers in writing Android manifest files. The study was performed on 13,483 real-world Android apps. We also present an open source rule-based static analysis tool which detects developer mistakes in the manifest file. The tool generates a warning message if it detects any misconfigurations in the manifest file. We used the tool to perform the empirical study and it generated total 59,547 configuration errors in 11,110 apps. Only 2,373 apps, among studied apps, do not have any configuration errors.

Original languageEnglish
Title of host publicationProceedings - 2017 IEEE/ACM 14th International Conference on Mining Software Repositories, MSR 2017
PublisherIEEE Computer Society
Pages25-36
Number of pages12
ISBN (Electronic)9781538615447
DOIs
StatePublished - 29 Jun 2017
Event14th IEEE/ACM International Conference on Mining Software Repositories, MSR 2017 - Buenos Aires, Argentina
Duration: 20 May 201721 May 2017

Publication series

NameIEEE International Working Conference on Mining Software Repositories
ISSN (Print)2160-1852
ISSN (Electronic)2160-1860

Conference

Conference14th IEEE/ACM International Conference on Mining Software Repositories, MSR 2017
Country/TerritoryArgentina
CityBuenos Aires
Period20/05/1721/05/17

Keywords

  • Android Apps
  • Android Manifest
  • Configuration Errors
  • Rule-Based Error Detection

Fingerprint

Dive into the research topics of 'Developer mistakes in writing android manifests: An empirical study of configuration errors'. Together they form a unique fingerprint.

Cite this