🤖 AI Summary
To address the problems of large APK size, high runtime overhead, and expanded attack surface caused by functional bloat in Android applications, this paper proposes a **purely dynamic, APK-modification-free debloating method**. Our approach leverages a non-privileged management app and a customized Android system to generate fine-grained debloating policies at runtime via combined static and dynamic analysis. It achieves method-level, dual-layer (DEX and native) trimming through runtime method-call interception, JIT/AOT compilation bypass, and zero-filling of native method memory regions. Crucially, the solution preserves Android’s signature verification and integrity checks without violating the platform’s security model. Evaluated on 55 real-world apps, our method removes, on average, 187 DEX methods and 30 native methods per app, eliminating over 10,000 ROP gadgets—significantly shrinking the attack surface and reducing resource consumption.
📝 Abstract
Today's Android developers tend to include numerous features to accommodate diverse user requirements, which inevitably leads to bloated apps. Yet more often than not, only a fraction of these features are frequently used, so a bloated app costs dearly in potential vulnerabilities, expanded attack surfaces, and additional resource consumption. Especially in the event of severe security incidents, users need to block vulnerable functionalities immediately. Existing works have proposed various code debloating approaches for identifying and removing features of executable components. However, they typically involve static modification of files (and, for Android apps, repackaging of APKs, too), which is inconvenient for users and also undermines the security model of Android by compromising public key verification and code integrity checks. This paper introduces 3DNDroid, a Dynamic Debloating approach targeting both DEX and Native methods in AnDroid apps. Using an unprivileged management app in tandem with a customized Android OS, 3DNDroid dynamically reduces unnecessary code loading during app execution based on a pre-generated debloating schema from static or dynamic analyses. It intercepts invocations of debloated bytecode methods to prevent their interpretation, compilation, and execution, while zero-filling memory spaces of debloated native methods during code loading. Evaluation demonstrates 3DNDroid's ability to debloat 187 DEX methods and 30 native methods across 55 real-world apps, removing over 10K Return-Oriented Programming (ROP) gadgets. Case studies confirm its effectiveness in mitigating vulnerabilities, and performance assessments highlight its resource-saving advantages over non-debloated apps.
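The native half of the approach, zero-filling debloated method ranges at load time and measuring the effect on gadget material, can be sketched as follows. This is an added example, not 3DNDroid's code: the `debloat_range` schema layout, the function names and the sample bytes are assumptions, and counting AArch64 `ret` instructions is only a simple proxy for a ROP gadget count.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define A64_RET 0xD65F03C0u /* AArch64 `ret` (branch to x30) */
#define SAMPLE_LEN 36

/* Hypothetical schema entry: byte range of one debloated native method. */
struct debloat_range { size_t offset, size; };

/* Count aligned `ret` instructions; each can terminate a ROP gadget. */
size_t count_ret_terminators(const uint8_t *code, size_t len) {
    size_t n = 0;
    for (size_t off = 0; off + 4 <= len; off += 4) {
        uint32_t insn = (uint32_t)code[off] | (uint32_t)code[off + 1] << 8 |
                        (uint32_t)code[off + 2] << 16 | (uint32_t)code[off + 3] << 24;
        if (insn == A64_RET) n++;
    }
    return n;
}

/* Validate every range first, then zero-fill. Returns ranges applied, or -1
 * (buffer untouched) if any range is misaligned or leaves the segment. */
int apply_debloat(uint8_t *code, size_t len, const struct debloat_range *r, size_t nr) {
    for (size_t i = 0; i < nr; i++)
        if (r[i].offset % 4 || r[i].size % 4 || r[i].offset > len ||
            r[i].size > len - r[i].offset)
            return -1;
    for (size_t i = 0; i < nr; i++)
        memset(code + r[i].offset, 0, r[i].size); /* 0x00000000 decodes as udf #0 on AArch64 */
    return (int)nr;
}

/* Constructed sample segment: three functions, each `nop; nop; ret`. */
void build_sample(uint8_t out[SAMPLE_LEN]) {
    static const uint8_t fn[12] = {0x1F, 0x20, 0x03, 0xD5, 0x1F, 0x20, 0x03, 0xD5,
                                   0xC0, 0x03, 0x5F, 0xD6};
    for (int i = 0; i < 3; i++) memcpy(out + 12 * i, fn, sizeof fn);
}

int main(void) {
    uint8_t seg[SAMPLE_LEN];
    struct debloat_range schema[] = {{12, 12}}; /* debloat the middle function */
    build_sample(seg);
    printf("ret terminators before: %zu\n", count_ret_terminators(seg, SAMPLE_LEN));
    apply_debloat(seg, SAMPLE_LEN, schema, 1);
    printf("ret terminators after:  %zu\n", count_ret_terminators(seg, SAMPLE_LEN));
    return 0;
}
```

Validating all ranges before the first write keeps a malformed schema from leaving a code segment half-zeroed.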