IoTWhiz: An IoT Android App Characterization Tool
University of Dhaka (In collab. with SPL lab at William & Mary), 2023
In the world of mobile applications, the task of characterizing Android apps, specifically in terms of their association with the Internet of Things (IoT) domain, has proven to be quite challenging. In response, we present a comprehensive framework designed to systematically analyze Android applications based on their specific attributes.
Our approach starts with collecting a diverse dataset consisting of both IoT and non-IoT apps from popular sources for analysis. By examining the collected applications, we extract simple metrics that serve as discriminators between the two categories. These metrics contain diverse aspects, including API usage, permission patterns, dynamic code loading, typical UI layouts, class count and code size measured in LOC, use of reflection, and data storage strategies in the application’s codebase.
The proposed tool automates the process of analyzing Android applications to extract these metrics related to their functionality and codebase. By applying static code analysis techniques, it collects data from a curated dataset of applications representing both IoT and non-IoT domains. The tool’s effectiveness is demonstrated through an empirical analysis of a diverse set of Android applications, wherein it quantifies the differences between IoT and non-IoT apps across various dimensions. These findings shed light on the distinct characteristics that define each category, enabling developers to make informed decisions and researchers to deepen their understanding of IoT application development.
The contributions of this work are twofold:
1) the development of a tool that automates the extraction of metrics from Android applications, 2) the insights gained from the comparative analysis of IoT and non-IoT app characteristics.
There will be visualizations to reflect analysis output, ranging from API usage distribution charts to dynamic code loading frequency pie charts, which will showcase the findings.
In conclusion, our systematic approach serves as a guiding light in a complex terrain. By breaking down the process into discrete steps, we empower researchers with a potent tool capable of automatically testing between IoT and non-IoT Android applications, leading to more informed and efficient decision-making in the dynamic app development landscape.
Figure 1: User Interface of IoTWhiz.
Figure 2: Workflow of IoTWhiz.