More Web Proxy on the site http://driver.im/

research-article

Static control-flow analysis of user-driven callbacks in Android applications

Authors:

Shengqian Yang,

Atanas RountevAuthors Info & Claims

ICSE '15: Proceedings of the 37th International Conference on Software Engineering - Volume 1

Pages 89 - 99

Published: 16 May 2015 Publication History

Abstract

Android software presents many challenges for static program analysis. In this work we focus on the fundamental problem of static control-flow analysis. Traditional analyses cannot be directly applied to Android because the applications are framework-based and event-driven. We consider user-event-driven components and the related sequences of callbacks from the Android framework to the application code, both for lifecycle callbacks and for event handler callbacks.

We propose a program representation that captures such callback sequences. This representation is built using context-sensitive static analysis of callback methods. The analysis performs graph reachability by traversing context-compatible interprocedural control-flow paths and identifying statements that may trigger callbacks, as well as paths that avoid such statements. We also develop a client analysis that builds a static model of the application's GUI. Experimental evaluation shows that this context-sensitive approach leads to substantial precision improvements, while having practical cost.

References

[1]

Gartner, Inc., "Worldwide traditional PC, tablet, ultramobile and mobile phone shipments," Mar. 2014, www.gartner.com/newsroom/id/2692318.

[2]

M. Sharir and A. Pnueli, "Two approaches to interprocedural data flow analysis," in Program Flow Analysis: Theory and Applications, S. Muchnick and N. Jones, Eds. Prentice Hall, 1981, pp. 189--234.

[3]

T. Reps, S. Horwitz, and M. Sagiv, "Precise interprocedural dataflow analysis via graph reachability," in POPL, 1995, pp. 49--61.

Digital Library

[4]

A. P. Fuchs, A. Chaudhuri, and J. S. Foster, "SCanDroid: Automated security certification of Android applications," University of Maryland, College Park, Tech. Rep. CS-TR-4991, 2009.

[5]

E. Chin, A. P. Felt, K. Greenwood, and D. Wagner, "Analyzing inter-application communication in Android," in MobiSys, 2011, pp. 239--252.

Digital Library

[6]

M. Grace, Y. Zhou, Z. Wang, and X. Jiang, "Systematic detection of capability leaks in stock Android smartphones," in NDSS, 2012.

[7]

C. Zheng, S. Zhu, S. Dai, G. Gu, X. Gong, X. Han, and W. Zou, "Smart-Droid: An automatic system for revealing UI-based trigger conditions in Android applications," in SPSM, 2012, pp. 93--104.

Digital Library

[8]

D. Octeau, P. McDaniel, S. Jha, A. Bartel, E. Bodden, J. Klein, and Y. le Traon, "Effective inter-component communication mapping in Android with Epicc," in USENIX Security, 2013.

Digital Library

[9]

S. Arzt, S. Rasthofer, C. Fritz, E. Bodden, A. Bartel, J. Klein, Y. Le Traon, D. Octeau, and P. McDaniel, "FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps," in PLDI, 2014, pp. 259--269.

Digital Library

[10]

A. Pathak, A. Jindal, Y. C. Hu, and S. P. Midkiff, "What is keeping my phone awake?" in MobiSys, 2012, pp. 267--280.

Digital Library

[11]

"Stopping and restarting an activity," developer.android.com/training/basics/activity-lifecycle/stopping.html.

[12]

P. Dubroy, "Memory management for Android applications," in Google I/O Developers Conference, 2011.

[13]

L. Lu, Z. Li, Z. Wu, W. Lee, and G. Jiang, "CHEX: Statically vetting Android apps for component hijacking vulnerabilities," in CCS, 2012, pp. 229--240.

Digital Library

[14]

J. Huang, X. Zhang, L. Tan, P. Wang, and B. Liang, "AsDroid: Detecting stealthy behaviors in Android applications by user interface and program behavior contradiction," in ICSE, 2014, pp. 1036--1046.

Digital Library

[15]

Y. Feng, S. Anand, I. Dillig, and A. Aiken, "Apposcopy: Semantics-based detection of Android malware through static analysis," in FSE, 2014, pp. 576--587.

Digital Library

[16]

S. Zhang, H. Lü, and M. D. Ernst, "Finding errors in multithreaded GUI applications," in ISSTA, 2012, pp. 243--253.

Digital Library

[17]

E. Payet and F. Spoto, "Static analysis of Android programs," IST, vol. 54, no. 11, pp. 1192--1201, 2012.

Digital Library

[18]

T. Takala, M. Katara, and J. Harty, "Experiences of system-level model-based GUI testing of an Android application," in ICST, 2011, pp. 377--386.

Digital Library

[19]

C. S. Jensen, M. R. Prasad, and A. Møller, "Automated testing with targeted event sequence generation," in ISSTA, 2013, pp. 67--77.

Digital Library

[20]

D. Yan, S. Yang, and A. Rountev, "Systematic testing for resource leaks in Android applications," in ISSRE, 2013, pp. 411--420.

[21]

S. Yang, D. Yan, and A. Rountev, "Testing for poor responsiveness in Android applications," in MOBS, 2013, pp. 1--6.

[22]

D. Amalfitano, A. R. Fasolino, P. Tramontana, S. De Carmine, and A. M. Memon, "Using GUI ripping for automated testing of Android applications," in ASE, 2012, pp. 258--261.

Digital Library

[23]

"Gator: Program Analysis Toolkit For Android," web.cse.ohio-state.edu/presto/software/gator.

[24]

"OpenManager: File manager for Android," github.com/nexes/Android-File-Manager.

[25]

D. Grove and C. Chambers, "A framework for call graph construction algorithms," TOPLAS, vol. 23, no. 6, pp. 685--746, 2001.

Digital Library

[26]

A. Milanova, A. Rountev, and B. G. Ryder, "Parameterized object sensitivity for points-to analysis for Java," TOSEM, vol. 14, no. 1, pp. 1--41, 2005.

Digital Library

[27]

Y. Smaragdakis, M. Bravenboer, and O. Lhoták, "Pick your contexts well: Understanding object-sensitivity," in POPL, 2011, pp. 17--30.

Digital Library

[28]

A. Rountev and D. Yan, "Static reference analysis for GUI objects in Android software," in CGO, 2014, pp. 143--153.

Digital Library

[29]

D. Yan, "Program analyses for understanding the behavior and performance of traditional and mobile object-oriented software," Ph.D. dissertation, Ohio State University, Jul. 2014.

[30]

A. Rountev, S. Kagan, and T. Marlowe, "Interprocedural dataflow analysis in the presence of large libraries," in CC, 2006, pp. 2--16.

Digital Library

[31]

"SCanDroid: Security Certifier for anDroid," spruce.cs.ucr.edu/SCanDroid/tutorial.html.

[32]

T. Azim and I. Neamtiu, "Targeted and depth-first exploration for systematic testing of Android apps," in OOPSLA, 2013, pp. 641--660.

Digital Library

[33]

"Intents and intent filters," developer.android.com/guide/components/intents-filters.html.

[34]

M. Sagiv, T. Reps, and S. Horwitz, "Precise interprocedural dataflow analysis with applications to constant propagation," TCS, vol. 167, no. 1--2, pp. 131--170, 1996.

Digital Library

[35]

A. M. Memon, "An event-flow model of GUI-based applications for testing," STVR, vol. 17, no. 3, pp. 137--157, 2007.

Digital Library

[36]

W. Yang, M. Prasad, and T. Xie, "A grey-box approach for automated GUI-model generation of mobile applications," in FASE, 2013, pp. 250--265.

Digital Library

[37]

P. Zhang and S. Elbaum, "Amplifying tests to validate exception handling code," in ICSE, 2012, pp. 595--605.

Digital Library

[38]

M. Prasad, "Personal communication," 2014.

[39]

P. Tramontana, "Android GUI Ripper," wpage.unina.it/ptramont/GUIRipperWiki.htm.

[40]

S. Liang, A. W. Keep, M. Might, S. Lyde, T. Gilray, P. Aldous, and D. Van Horn, "Sound and precise malware analysis for Android via pushdown reachability and entry-point saturation," in SPSM, 2013, pp. 21--32.

Digital Library

[41]

E. Payet and F. Spoto, "An operational semantics for Android activities," in PEPM, 2014, pp. 121--132.

Digital Library

[42]

A. M. Memon, I. Banerjee, and A. Nagarajan, "GUI ripping: Reverse engineering of graphical user interfaces for testing," in WCRE, 2003, pp. 260--269.

Digital Library

[43]

A. M. Memon and Q. Xie, "Studying the fault-detection effectiveness of GUI test cases for rapidly evolving software," TSE, vol. 31, no. 10, pp. 884--896, 2005.

Digital Library

[44]

F. Gross, G. Fraser, and A. Zeller, "Search-based system testing: High coverage, no false alarms," in ISSTA, 2012, pp. 67--77.

Digital Library

[45]

P. Wang, B. Liang, W. You, J. Li, and W. Shi, "Automatic Android GUI traversal with high coverage," in CSNT, 2014, pp. 1161--1166.

Digital Library

Cited By

Lu YPan MPei YLi XRyu SSmaragdakis Y(2022)Detecting resource utilization bugs induced by variant lifecycles in AndroidProceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3533767.3534413(642-653)Online publication date: 18-Jul-2022
https://dl.acm.org/doi/10.1145/3533767.3534413
Liu CXiao XJuristo N(2021)ProMalProceedings of the 43rd International Conference on Software Engineering: Companion Proceedings10.1109/ICSE-Companion52605.2021.00061(144-146)Online publication date: 25-May-2021
https://dl.acm.org/doi/10.1109/ICSE-Companion52605.2021.00061
Zhao YMedvidovic NTilevich E(2019)A microservice architecture for online mobile app optimizationProceedings of the 6th International Conference on Mobile Software Engineering and Systems10.5555/3340730.3340742(45-49)Online publication date: 25-May-2019
https://dl.acm.org/doi/10.5555/3340730.3340742
Show More Cited By

Index Terms

Static control-flow analysis of user-driven callbacks in Android applications
1. Applied computing
  1. Computers in other domains
    1. Personal computers and PC applications
2. Theory of computation
  1. Semantics and reasoning
    1. Program reasoning
      1. Program analysis
    2. Program semantics

Recommendations

Pushdown control-flow analysis for free
POPL '16

Traditional control-flow analysis (CFA) for higher-order languages introduces spurious connections between callers and callees, and different invocations of a function may pollute each other's return flows. Recently, three distinct approaches have been ...
SVF: interprocedural static value-flow analysis in LLVM
CC '16: Proceedings of the 25th International Conference on Compiler Construction

This paper presents SVF, a tool that enables scalable and precise interprocedural Static Value-Flow analysis for C programs by leveraging recent advances in sparse analysis. SVF, which is fully implemented in LLVM, allows value-flow construction and ...
Asynchrony-aware static analysis of Android applications
MEMOCODE '16: Proceedings of the 14th ACM-IEEE International Conference on Formal Methods and Models for System Design

Software applications developed for the Android platform are very popular. Due to this, static analysis of these applications has received a lot of attention recently. An Android application is essentially an asynchronous, event-driven program. The ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ICSE '15: Proceedings of the 37th International Conference on Software Engineering - Volume 1

May 2015

999 pages

ISBN:9781479919345

General Chair:
Antonia Bertolino
ISTI-CNR, Italy
,
Program Chairs:
Gerardo Canfora
University of Sannio, Italy
,
Sebastian Elbaum
University of Nebraska-Lincoln

Sponsors

ACM: Association for Computing Machinery
SIGSOFT: ACM Special Interest Group on Software Engineering
IEEE-CS\DATC: IEEE Computer Society
TCSE: IEEE Computer Society's Tech. Council on Software Engin.

Publisher

IEEE Press

Publication History

Published: 16 May 2015

Check for updates

Qualifiers

Research-article

Conference

ICSE '15

Sponsor:

ACM
SIGSOFT
IEEE-CS\DATC
TCSE

ICSE '15: 37th International Conference on Software Engineering

May 16 - 24, 2015

Florence, Italy

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

48
Total Citations
View Citations
455
Total Downloads

Downloads (Last 12 months)14
Downloads (Last 6 weeks)5

Reflects downloads up to 16 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Lu YPan MPei YLi XRyu SSmaragdakis Y(2022)Detecting resource utilization bugs induced by variant lifecycles in AndroidProceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3533767.3534413(642-653)Online publication date: 18-Jul-2022
https://dl.acm.org/doi/10.1145/3533767.3534413
Liu CXiao XJuristo N(2021)ProMalProceedings of the 43rd International Conference on Software Engineering: Companion Proceedings10.1109/ICSE-Companion52605.2021.00061(144-146)Online publication date: 25-May-2021
https://dl.acm.org/doi/10.1109/ICSE-Companion52605.2021.00061
Zhao YMedvidovic NTilevich E(2019)A microservice architecture for online mobile app optimizationProceedings of the 6th International Conference on Mobile Software Engineering and Systems10.5555/3340730.3340742(45-49)Online publication date: 25-May-2019
https://dl.acm.org/doi/10.5555/3340730.3340742
Xiao XWang XCao ZWang HGao PAtlee JBultan TWhittle J(2019)IconIntentProceedings of the 41st International Conference on Software Engineering10.1109/ICSE.2019.00041(257-268)Online publication date: 25-May-2019
https://dl.acm.org/doi/10.1109/ICSE.2019.00041
Zhao YMussbacher GAtlee JBultan T(2019)Mobile-app analysis and instrumentation techniques reimagined with DECREEProceedings of the 41st International Conference on Software Engineering: Companion Proceedings10.1109/ICSE-Companion.2019.00086(218-221)Online publication date: 25-May-2019
https://dl.acm.org/doi/10.1109/ICSE-Companion.2019.00086
Wu TDeng XYan JZhang J(2019)Analyses for specific defects in android applicationsFrontiers of Computer Science: Selected Publications from Chinese Universities10.1007/s11704-018-7008-113:6(1210-1227)Online publication date: 1-Dec-2019
https://dl.acm.org/doi/10.1007/s11704-018-7008-1
Cao YWu GChen WWei J(2018)CrawlDroidProceedings of the 10th Asia-Pacific Symposium on Internetware10.1145/3275219.3275238(1-6)Online publication date: 16-Sep-2018
https://dl.acm.org/doi/10.1145/3275219.3275238
Liu JWu DXue JHuchard MKästner CFraser G(2018)TDroid: exposing app switching attacks in Android with control flow specializationProceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering10.1145/3238147.3238188(236-247)Online publication date: 3-Sep-2018
https://dl.acm.org/doi/10.1145/3238147.3238188
Zhang HWu HRountev ALeavens GGarcia APăsăreanu C(2018)Detection of energy inefficiencies in Android wear watch facesProceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3236024.3236073(691-702)Online publication date: 26-Oct-2018
https://dl.acm.org/doi/10.1145/3236024.3236073
Natarajan SCsallner CJulien CLewis GSegall I(2018)P2AProceedings of the 5th International Conference on Mobile Software Engineering and Systems10.1145/3197231.3197249(224-235)Online publication date: 27-May-2018
https://dl.acm.org/doi/10.1145/3197231.3197249
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents