A measurement study of google play

Measurement and Modeling of Computer Systems Pub Date : 2014-06-16 DOI:10.1145/2591971.2592003

N. Viennot, Edward Garcia, Jason Nieh

{"title":"A measurement study of google play","authors":"N. Viennot, Edward Garcia, Jason Nieh","doi":"10.1145/2591971.2592003","DOIUrl":null,"url":null,"abstract":"Although millions of users download and use third-party Android applications from the Google Play store, little information is known on an aggregated level about these applications. We have built PlayDrone, the first scalable Google Play store crawler, and used it to index and analyze over 1,100,000 applications in the Google Play store on a daily basis, the largest such index of Android applications. PlayDrone leverages various hacking techniques to circumvent Google's roadblocks for indexing Google Play store content, and makes proprietary application sources available, including source code for over 880,000 free applications. We demonstrate the usefulness of PlayDrone in decompiling and analyzing application content by exploring four previously unaddressed issues: the characterization of Google Play application content at large scale and its evolution over time, library usage in applications and its impact on application portability, duplicative application content in Google Play, and the ineffectiveness of OAuth and related service authentication mechanisms resulting in malicious users being able to easily gain unauthorized access to user data and resources on Amazon Web Services and Facebook.","PeriodicalId":306456,"journal":{"name":"Measurement and Modeling of Computer Systems","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"353","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Measurement and Modeling of Computer Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2591971.2592003","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 353

Abstract

Although millions of users download and use third-party Android applications from the Google Play store, little information is known on an aggregated level about these applications. We have built PlayDrone, the first scalable Google Play store crawler, and used it to index and analyze over 1,100,000 applications in the Google Play store on a daily basis, the largest such index of Android applications. PlayDrone leverages various hacking techniques to circumvent Google's roadblocks for indexing Google Play store content, and makes proprietary application sources available, including source code for over 880,000 free applications. We demonstrate the usefulness of PlayDrone in decompiling and analyzing application content by exploring four previously unaddressed issues: the characterization of Google Play application content at large scale and its evolution over time, library usage in applications and its impact on application portability, duplicative application content in Google Play, and the ineffectiveness of OAuth and related service authentication mechanisms resulting in malicious users being able to easily gain unauthorized access to user data and resources on Amazon Web Services and Facebook.

查看原文本刊更多论文

对google play的测量研究

尽管数以百万计的用户从b谷歌Play商店下载和使用第三方Android应用程序，但我们对这些应用程序的总体信息知之甚少。我们已经创建了PlayDrone，这是第一个可扩展的谷歌Play商店爬虫，并使用它来索引和分析谷歌Play商店中每天超过110万个应用程序，这是Android应用程序中最大的索引。PlayDrone利用各种黑客技术绕过谷歌的路障，索引谷歌Play商店内容，并提供专有应用程序源代码，包括超过88万个免费应用程序的源代码。我们通过探索四个以前未解决的问题来展示PlayDrone在反编译和分析应用程序内容方面的有用性:谷歌Play应用程序内容的大规模特征及其随时间的演变，应用程序中的库使用及其对应用程序可移植性的影响，谷歌Play中重复的应用程序内容，以及OAuth和相关服务认证机制的无效，导致恶意用户能够轻松获得未经授权访问亚马逊Web服务和Facebook上的用户数据和资源。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Measurement and Modeling of Computer Systems

自引率

0.00%

发文量