{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,13]],"date-time":"2026-03-13T04:10:56Z","timestamp":1773375056849,"version":"3.50.1"},"reference-count":75,"publisher":"Association for Computing Machinery (ACM)","issue":"1","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Softw. Eng. Methodol."],"published-print":{"date-parts":[[2026,1,31]]},"abstract":"<jats:p>\n                    The Android ecosystem has experienced rapid growth, resulting in a diverse range of platforms and devices. This expansion has also brought about compatibility issues that negatively impact user experiences and hinder app development productivity. Existing relevant studies are focused on and limited to the \u201cstatic\u201d sense of those issues (in terms of potentialities and proneness), while only addressing compatibility issues that possibly occur during app executions. In this article, we present an extensive and longitudinal study on app compatibility issues that are disparate from yet complementary to prior studies, characterizing the incompatibilities based on\n                    <jats:italic toggle=\"yes\">actual<\/jats:italic>\n                    ,\n                    <jats:italic toggle=\"yes\">exercised observations<\/jats:italic>\n                    and\n                    <jats:italic toggle=\"yes\">evidence<\/jats:italic>\n                    at both installation and run-time. With a dataset of 74,545 benign apps and 56,919 malicious apps over a span of 12\u2009years (2010 through 2021) and 10 Android versions, we extensively examine the prevalence and symptoms\/effects and causes of, as well as the contributing factors to, installation-time and run-time compatibility issues.\n                  <\/jats:p>\n                  <jats:p>Our study reveals 12 major novel findings regarding Android app incompatibilities. First (Findings 1, 2), installation-time incompatibilities persisted significantly over the 12\u2009years, even more so in malware than benign apps. Second (Findings 7, 8), run-time compatibility issues were also seen persistently over time but only on specific Android platforms (such as API 26,27, etc.) and much less by malware than benign apps. Third (Findings 5, 6, 11, 12), there is a significant (moderate\/stronger) correlation between an app\u2019s specified minSdkVersion and its incompatibilities (over all symptoms and\/or with respect to one of its dominating symptom), with stronger correlations seen in malware than in benign apps, for both installation-time and run-time incompatibilities. Similar observations hold (although with much stronger correlation in absolute terms) when considering, instead of the minSdkVersion itself, the gap between the app\u2019s minSdkVersion and the SDK API level of the platform the app is installed to or runs on. Last (Findings 3, 4, 9, 10), installation-time incompatibilities are primarily caused by the utilization of architecture-incompatible native libraries within apps, while run-time incompatibilities are mainly attributed to API changes during the evolution of the Android SDK; the symptoms of run-time failures seen by malware are much more diverse than by benign apps. In addition to these insights, we provide practical recommendations for both app developers and end users on how to effectively address compatibility issues in Android apps, as well as how to devise effective defenses against malware from the compatibility perspectives.<\/jats:p>","DOI":"10.1145\/3725810","type":"journal-article","created":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T15:30:54Z","timestamp":1742916654000},"page":"1-44","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Characterizing Installation- and Run-time Compatibility Issues in Android Benign Apps and Malware"],"prefix":"10.1145","volume":"35","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-9134-9307","authenticated-orcid":false,"given":"Jiawei","family":"Guo","sequence":"first","affiliation":[{"name":"University at Buffalo, SUNY, Buffalo, New York, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8769-5404","authenticated-orcid":false,"given":"Xiaoqin","family":"Fu","sequence":"additional","affiliation":[{"name":"Washington State University, Pullman, Washington, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2990-1614","authenticated-orcid":false,"given":"Li","family":"Li","sequence":"additional","affiliation":[{"name":"Monash University, Clayton, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6272-4069","authenticated-orcid":false,"given":"Tao","family":"Zhang","sequence":"additional","affiliation":[{"name":"Macau University of Science and Technology, Taipa, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1412-1546","authenticated-orcid":false,"given":"Mattia","family":"Fazzini","sequence":"additional","affiliation":[{"name":"University of Minnesota, Minneapolis, Minnesota, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5224-9970","authenticated-orcid":false,"given":"Haipeng","family":"Cai","sequence":"additional","affiliation":[{"name":"University at Buffalo, SUNY, Buffalo, New York, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,12,11]]},"reference":[{"key":"e_1_3_3_2_2","unstructured":"Android. n.d. Android 14 | Customizable Accessible and Protective |. Retrieved from https:\/\/www.android.com\/android-14\/"},{"key":"e_1_3_3_3_2","unstructured":"n.d. Behavior Changes: All Apps | Android Developers. Retrieved from https:\/\/developer.android.com\/about\/versions\/14\/behavior-changes-all"},{"key":"e_1_3_3_4_2","unstructured":"2024. VirtusTotal. Retrieved from https:\/\/www.virustotal.com\/"},{"key":"e_1_3_3_5_2","unstructured":"2024. What\u2019s New in Android 15 plus More Updates. Retrieved from https:\/\/blog.google\/products\/android\/android-15\/"},{"key":"e_1_3_3_6_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.tjem.2018.08.001"},{"key":"e_1_3_3_7_2","doi-asserted-by":"publisher","DOI":"10.1145\/2901739.2903508"},{"key":"e_1_3_3_8_2","unstructured":"Haipeng Cai. 2018. A preliminary study on the sustainability of android malware detection. arXiv:1807.08221. Retrieved from https:\/\/arxiv.org\/abs\/1807.08221"},{"key":"e_1_3_3_9_2","doi-asserted-by":"publisher","DOI":"10.1145\/3371924"},{"key":"e_1_3_3_10_2","doi-asserted-by":"publisher","DOI":"10.1145\/3387905.3388612"},{"key":"e_1_3_3_11_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2020.106291"},{"key":"e_1_3_3_12_2","doi-asserted-by":"publisher","DOI":"10.1145\/3196398.3196433"},{"key":"e_1_3_3_13_2","doi-asserted-by":"publisher","DOI":"10.1145\/3183440.3195004"},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2879302"},{"key":"e_1_3_3_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2017.36"},{"key":"e_1_3_3_16_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2017.35"},{"key":"e_1_3_3_17_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2017.31"},{"issue":"12","key":"e_1_3_3_18_2","first-page":"2934","article-title":"A longitudinal study of application structure and behaviors in android","volume":"47","author":"Cai Haipeng","year":"2020","unstructured":"Haipeng Cai and Barbara Ryder. 2020. A longitudinal study of application structure and behaviors in android. IEEE Transactions on Software Engineering 47, 12 (2020), 2934\u20132955.","journal-title":"IEEE Transactions on Software Engineering"},{"key":"e_1_3_3_19_2","doi-asserted-by":"publisher","DOI":"10.1145\/3293882.3330564"},{"key":"e_1_3_3_20_2","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380436"},{"key":"e_1_3_3_21_2","doi-asserted-by":"publisher","DOI":"10.1145\/3197231.3197255"},{"key":"e_1_3_3_22_2","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1109\/MSP.2009.26","article-title":"Understanding android security","volume":"1","author":"Enck William","year":"2009","unstructured":"William Enck, Machigar Ongtang, and Patrick McDaniel. 2009. Understanding android security. IEEE Security and Privacy 1 (2009), 50\u201357.","journal-title":"IEEE Security and Privacy"},{"key":"e_1_3_3_23_2","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180222"},{"key":"e_1_3_3_24_2","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2017.8115644"},{"key":"e_1_3_3_25_2","first-page":"272","volume-title":"Companion Proceedings of the 2019 IEEE\/ACM 41st International Conference on Software Engineering","author":"Fu Xiaoqin","year":"2019","unstructured":"Xiaoqin Fu and Haipeng Cai. 2019. On the deterioration of learning-based malware detectors for android. In Companion Proceedings of the 2019 IEEE\/ACM 41st International Conference on Software Engineering, 272\u2013273."},{"key":"e_1_3_3_26_2","unstructured":"Google. 2019. Android Compatibility. Retrieved May 20 2019 from https:\/\/developer.android.com\/guide\/practices\/compatibility.html"},{"key":"e_1_3_3_27_2","unstructured":"Google. 2019. Android Debug Bridge. Retrieved May 20 2019 from https:\/\/developer.android.com\/studio\/command-line\/adb.html"},{"key":"e_1_3_3_28_2","unstructured":"Google. 2019. Android Developer Dashboard. Retrieved May 20 2019 from http:\/\/developer.android.com\/about\/dashboards\/index.html"},{"key":"e_1_3_3_29_2","unstructured":"Google. 2019. Android Developer Guide. Retrieved May 20 2019 from https:\/\/developer.android.com\/guide"},{"key":"e_1_3_3_30_2","unstructured":"Google. 2019. Android Emulator. Retrieved May 20 2019 from http:\/\/developer.android.com\/tools\/help\/emulator.html"},{"key":"e_1_3_3_31_2","unstructured":"Google. 2019. Android Logcat. Retrieved May 20 2019 from http:\/\/developer.android.com\/tools\/help\/logcat.html"},{"key":"e_1_3_3_32_2","unstructured":"Google. 2019. Android Monkey. Retrieved May 20 2019 from http:\/\/developer.android.com\/tools\/help\/monkey.html"},{"key":"e_1_3_3_33_2","unstructured":"Google. 2019. Android Version History. Retrieved May 20 2019 from https:\/\/en.wikipedia.org\/wiki\/Android_version_history"},{"key":"e_1_3_3_34_2","unstructured":"Google. 2019. Backwards Compatibility. Retrieved May 20 2019 from https:\/\/developer.android.com\/design\/patterns\/compatibility.html"},{"key":"e_1_3_3_35_2","unstructured":"Google. 2019. Google Play Store. Retrieved May 20 2019 from https:\/\/play.google.com\/store"},{"key":"e_1_3_3_36_2","unstructured":"Google. 2019. uses-sdk Elements. Retrieved May 20 2019 from https:\/\/developer.android.com\/guide\/topics\/manifest\/uses-sdk-element"},{"key":"e_1_3_3_37_2","unstructured":"Google. 2019. Verify Error. Retrieved May 20 2019 from https:\/\/developer.android.com\/reference\/java\/lang\/VerifyError"},{"key":"e_1_3_3_38_2","unstructured":"Google. 2020. Android Stopped Releasing the Distribution of Devices Running Different Versions of Android. Retrieved July 13 2023 from https:\/\/www.gizmochina.com\/2020\/04\/11\/google-takes-the-android-distribution-chart-off-the-web-but-heres-the-latest-data\/"},{"key":"e_1_3_3_39_2","unstructured":"Google. 2023. Android Developer Reference. Retrieved July 13 2023 from https:\/\/developer.android.com\/reference"},{"key":"e_1_3_3_40_2","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2012.18"},{"key":"e_1_3_3_41_2","doi-asserted-by":"publisher","DOI":"10.1145\/3238147.3238185"},{"key":"e_1_3_3_42_2","unstructured":"Simon Hill. 2016. Android Fragmentation Issue. Retrieved September 20 2016 from http:\/\/www.digitaltrends.com\/mobile\/what-is-android-fragmentation-and-can-google-ever-fix-it\/"},{"key":"e_1_3_3_43_2","unstructured":"howtogeek. 2019. The Ultimate Guide to Installing Incompatible Android Apps from Google Play. Retrieved May 20 2019 from https:\/\/www.howtogeek.com\/138500\/the-ultimate-guide-to-installing-incompatible-android-apps-from-google-play\/"},{"key":"e_1_3_3_44_2","doi-asserted-by":"publisher","DOI":"10.1145\/3238147.3238181"},{"key":"e_1_3_3_45_2","first-page":"86","volume-title":"Proceedings of the 2021 IEEE\/ACM 43rd International Conference on Software Engineering (ICSE)","author":"Jia Zhouyang","year":"2021","unstructured":"Zhouyang Jia, Shanshan Li, Tingting Yu, Chen Zeng, Erci Xu, Xiaodong Liu, Ji Wang, and Xiangke Liao. 2021. DepOwl: Detecting dependency bugs to prevent compatibility failures. In Proceedings of the 2021 IEEE\/ACM 43rd International Conference on Software Engineering (ICSE), 86\u201398."},{"key":"e_1_3_3_46_2","first-page":"246","volume-title":"Proceedings of the 2019 IEEE\/ACM 41st International Conference on Software Engineering (ICSE)","author":"Ki Taeyeon","year":"2019","unstructured":"Taeyeon Ki, Chang Min Park, Karthik Dantu, Steven Y. Ko, and Lukasz Ziarek. 2019. Mimic: UI compatibility testing system for android apps. In Proceedings of the 2019 IEEE\/ACM 41st International Conference on Software Engineering (ICSE), 246\u2013256."},{"key":"e_1_3_3_47_2","first-page":"1","volume-title":"Proceedings of the Cetus Users and Compiler Infrastructure Workshop","author":"Lam Patrick","year":"2011","unstructured":"Patrick Lam, Eric Bodden, Ondrej Lhot\u00e1k, and Laurie Hendren. 2011. Soot\u2014A java bytecode optimization framework. In Proceedings of the Cetus Users and Compiler Infrastructure Workshop, 1\u201311."},{"key":"e_1_3_3_48_2","doi-asserted-by":"publisher","DOI":"10.1145\/3213846.3213857"},{"key":"e_1_3_3_49_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11390-017-1786-z"},{"key":"e_1_3_3_50_2","doi-asserted-by":"publisher","DOI":"10.1145\/2491411.2491428"},{"key":"e_1_3_3_51_2","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534407"},{"issue":"1","key":"e_1_3_3_52_2","first-page":"1","article-title":"Automatically detecting incompatible android apis","volume":"33","author":"Liu Pei","year":"2023","unstructured":"Pei Liu, Yanjie Zhao, Mattia Fazzini, Haipeng Cai, John Grundy, and Li Li. 2023. Automatically detecting incompatible android apis. ACM Transactions on Software Engineering and Methodology 33, 1 (2023), 1\u201333.","journal-title":"ACM Transactions on Software Engineering and Methodology"},{"key":"e_1_3_3_53_2","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884828"},{"key":"e_1_3_3_54_2","first-page":"480","volume-title":"Proceedings of the 2021 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","author":"Mahmud Tarek","year":"2021","unstructured":"Tarek Mahmud, Meiru Che, and Guowei Yang. 2021. Android compatibility issue detection using API differences. In Proceedings of the 2021 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). IEEE, 480\u2013490."},{"key":"e_1_3_3_55_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSM.2013.18"},{"key":"e_1_3_3_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/3324884.3415290"},{"key":"e_1_3_3_57_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2016.34"},{"key":"e_1_3_3_58_2","doi-asserted-by":"publisher","DOI":"10.1002\/0471667196.ess5050"},{"key":"e_1_3_3_59_2","unstructured":"Stack Overflow. 2019. Android Device Compatibility Issues. Retrieved May 20 2019 from https:\/\/stackoverflow.com\/questions\/31009186\/android-device-compatibility-issues"},{"key":"e_1_3_3_60_2","unstructured":"International Data Corporation (IDC) Research. 2019. Android Dominating Mobile Market. Retrieved May 20 2019 from https:\/\/www.idc.com\/promo\/smartphone-market-share\/os"},{"key":"e_1_3_3_61_2","doi-asserted-by":"crossref","first-page":"288","DOI":"10.1109\/MSR.2019.00055","volume-title":"Proceedings of the 2019 IEEE\/ACM 16th International Conference on Mining Software Repositories (MSR)","author":"Scalabrino Simone","year":"2019","unstructured":"Simone Scalabrino, Gabriele Bavota, Mario Linares-V\u00e1squez, Michele Lanza, and Rocco Oliveto. 2019. Data-driven solutions to detect api compatibility issues in android: An empirical study. In Proceedings of the 2019 IEEE\/ACM 16th International Conference on Mining Software Repositories (MSR). IEEE, 288\u2013298."},{"key":"e_1_3_3_62_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-020-09877-w"},{"key":"e_1_3_3_63_2","unstructured":"stackoverflow.com. 2019. Android Native Crash. Retrieved May 20 2019 from https:\/\/stackoverflow.com\/questions\/47063114\/android-native-crash"},{"key":"e_1_3_3_64_2","unstructured":"stackoverflow.com. 2019. Causes of Getting a java.lang.VerifyError. Retrieved May 20 2019 from https:\/\/stackoverflow.com\/questions\/100107\/causes-of-getting-a-java-lang-verifyerror"},{"key":"e_1_3_3_65_2","doi-asserted-by":"publisher","DOI":"10.1145\/3017427"},{"key":"e_1_3_3_66_2","unstructured":"TechRepublic. 2019. How Fragmentation Affects the Android Ecosystem. Retrieved May 20 2019 from https:\/\/www.hardwaresavvy.com\/p\/android-fragmentation-explained-impact-on-users"},{"key":"e_1_3_3_67_2","first-page":"602","volume-title":"Proceedings of the 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER)","author":"Thung Ferdian","year":"2020","unstructured":"Ferdian Thung, Stefanus A. Haryono, Lucas Serrano, Gilles Muller, Julia Lawall, David Lo, and Lingxiao Jiang. 2020. Automated deprecated-API usage update for android apps: How far are we? In Proceedings of the 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER), 602\u2013611."},{"key":"e_1_3_3_68_2","unstructured":"VirusShare.com. 2019. VirusShare. Retrieved May 20 2019 from https:\/\/virusshare.com\/"},{"key":"e_1_3_3_69_2","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970312"},{"key":"e_1_3_3_70_2","first-page":"878","volume-title":"Proceedings of the 2019 IEEE\/ACM 41st International Conference on Software Engineering (ICSE)","author":"Wei Lili","year":"2019","unstructured":"Lili Wei, Yepang Liu, and Shing-Chi Cheung. 2019. Pivot: Learning api-device correlations to facilitate android compatibility issue detection. In Proceedings of the 2019 IEEE\/ACM 41st International Conference on Software Engineering (ICSE), 878\u2013888."},{"key":"e_1_3_3_71_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2876439"},{"key":"e_1_3_3_72_2","unstructured":"Ryszard Wisniewski and Connor Tumbleson. 2019. A Tool for Reverse Engineering Android apk Files. Retrieved May 20 2019 from https:\/\/code.google.com\/p\/android-apktool\/"},{"key":"e_1_3_3_73_2","first-page":"886","volume-title":"Proceedings of the 2020 IEEE\/ACM 42nd International Conference on Software Engineering (ICSE)","author":"Xia Hao","year":"2020","unstructured":"Hao Xia, Yuan Zhang, Yingtian Zhou, Xiaoting Chen, Yang Wang, Xiangyu Zhang, Shuaishuai Cui, Geng Hong, Xiaohan Zhang, Min Yang, et al. 2020. How android developers handle evolution-induced API compatibility issues: A large-scale study. In Proceedings of the 2020 IEEE\/ACM 42nd International Conference on Software Engineering (ICSE), 886\u2013898."},{"key":"e_1_3_3_74_2","doi-asserted-by":"publisher","DOI":"10.1109\/SOSE.2015.35"},{"key":"e_1_3_3_75_2","first-page":"40","volume-title":"Proceedings of the 2019 IEEE\/ACM 6th International Conference on Mobile Software Engineering and Systems (MOBILESoft)","author":"Zhang Ziyi","year":"2019","unstructured":"Ziyi Zhang and Haipeng Cai. 2019. A look into developer intentions for app compatibility in android. In Proceedings of the 2019 IEEE\/ACM 6th International Conference on Mobile Software Engineering and Systems (MOBILESoft), 40\u201344."},{"key":"e_1_3_3_76_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"}],"container-title":["ACM Transactions on Software Engineering and Methodology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3725810","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,12]],"date-time":"2025-12-12T02:50:25Z","timestamp":1765507825000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3725810"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,11]]},"references-count":75,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2026,1,31]]}},"alternative-id":["10.1145\/3725810"],"URL":"https:\/\/doi.org\/10.1145\/3725810","relation":{},"ISSN":["1049-331X","1557-7392"],"issn-type":[{"value":"1049-331X","type":"print"},{"value":"1557-7392","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,11]]},"assertion":[{"value":"2023-07-22","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-03-12","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-12-11","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}