Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
119 tokens/sec
GPT-4o
56 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
6 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

AndroLog: Android Instrumentation and Code Coverage Analysis (2404.11223v1)

Published 17 Apr 2024 in cs.SE

Abstract: Dynamic analysis has emerged as a pivotal technique for testing Android apps, enabling the detection of bugs, malicious code, and vulnerabilities. A key metric in evaluating the efficacy of tools employed by both research and practitioner communities for this purpose is code coverage. Obtaining code coverage typically requires planting probes within apps to gather coverage data during runtime. Due to the general unavailability of source code to analysts, there is a necessity for instrumenting apps to insert these probes in black-box environments. However, the tools available for such instrumentation are limited in their reliability and require intrusive changes interfering with apps' functionalities. This paper introduces AndroLog a novel tool developed on top of the Soot framework, designed to provide fine-grained coverage information at multiple levels, including class, methods, statements, and Android components. In contrast to existing tools, AndroLog leaves the responsibility to test apps to analysts, and its motto is simplicity. As demonstrated in this paper, AndroLog can instrument up to 98% of recent Android apps compared to existing tools with 79% and 48% respectively for COSMO and ACVTool. AndroLog also stands out for its potential for future enhancements to increase granularity on demand. We make AndroLog available to the community and provide a video demonstration of AndroLog (see section 8).

Definition Search Book Streamline Icon: https://streamlinehq.com
References (29)
  1. GroddDroid: a gorilla for triggering malicious behaviors. In 2015 10th International Conference on Malicious and Unwanted Software (MALWARE). 119–127. https://doi.org/10.1109/MALWARE.2015.7413692
  2. AndroZoo: Collecting Millions of Android Apps for the Research Community. In Proceedings of the 13th International Conference on Mining Software Repositories (Austin, Texas) (MSR ’16). ACM, New York, NY, USA, 468–471. https://doi.org/10.1145/2901739.2903508
  3. DroidMate-2: a platform for Android test generation. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering (Montpellier, France) (ASE ’18). Association for Computing Machinery, New York, NY, USA, 916–919. https://doi.org/10.1145/3238147.3240479
  4. DroidHook: a novel API-hook based Android malware dynamic analysis sandbox. Automated Software Engineering 30, 1 (24 Feb 2023), 10. https://doi.org/10.1007/s10515-023-00378-w
  5. DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection Based on Image Representation of Bytecode. In Deployable Machine Learning for Security Defense, Gang Wang, Arridhana Ciptadi, and Ali Ahmadzadeh (Eds.). Springer International Publishing, Cham, 81–106.
  6. Emma. 2024. Emma: a free Java code coverage tool.http://emma.sourceforge.net. Accessed January 2024.
  7. ANASTASIA: ANdroid mAlware detection using STatic analySIs of Applications. In 2016 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS). 1–5. https://doi.org/10.1109/NTMS.2016.7792435
  8. Google. 2023. Google Play Protectionhttps://developers.google.com/android/play-protect/cloud-based-protections. Accessed November 2023.
  9. PUMA: Programmable UI-Automation for Large-Scale Dynamic Analysis of Mobile Apps. In Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services (Bretton Woods, New Hampshire, USA) (MobiSys ’14). Association for Computing Machinery, New York, NY, USA, 204–217. https://doi.org/10.1145/2594368.2594390
  10. Code Coverage Measurement for Android Dynamic Analysis Tools. In 2015 IEEE International Conference on Mobile Services. 209–216. https://doi.org/10.1109/MobServ.2015.38
  11. JaCoCO. 2024. JaCoCo repositoryhttps://www.eclemma.org/jacoco/. Accessed January 2024.
  12. Detecting and Classifying Android Malware Using Static Analysis along with Creator Information. International Journal of Distributed Sensor Networks 11, 6 (2015), 479174. https://doi.org/10.1155/2015/479174 arXiv:https://doi.org/10.1155/2015/479174
  13. InsDal: A safe and extensible instrumentation tool on Dalvik byte-code for Android applications. In 2017 IEEE 24th International Conference on Software Analysis, Evolution and Reengineering (SANER). 502–506. https://doi.org/10.1109/SANER.2017.7884662
  14. Dynodroid: An Input Generation System for Android Apps. In Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering (Saint Petersburg, Russia) (ESEC/FSE 2013). Association for Computing Machinery, New York, NY, USA, 224–234. https://doi.org/10.1145/2491411.2491450
  15. N. Peiravian and X. Zhu. 2013. Machine Learning for Android Malware Detection Using Permission and API Calls. In 2013 IEEE 25th International Conference on Tools with Artificial Intelligence. 300–305. https://doi.org/10.1109/ICTAI.2013.53
  16. Rage against the Virtual Machine: Hindering Dynamic Analysis of Android Malware. In Proceedings of the Seventh European Workshop on System Security (Amsterdam, The Netherlands) (EuroSec ’14). Association for Computing Machinery, New York, NY, USA, Article 5, 6 pages. https://doi.org/10.1145/2592791.2592796
  17. Fine-Grained Code Coverage Measurement in Automated Black-Box Android Testing. ACM Trans. Softw. Eng. Methodol. 29, 4, Article 23 (jul 2020), 35 pages. https://doi.org/10.1145/3395042
  18. COSMO: Code Coverage Made Easier for Android. In 2021 14th IEEE Conference on Software Testing, Verification and Validation (ICST). 417–423. https://doi.org/10.1109/ICST49551.2021.00053
  19. J. Sahs and L. Khan. 2012. A Machine Learning Approach to Android Malware Detection. In 2012 European Intelligence and Security Informatics Conference. 141–147. https://doi.org/10.1109/EISIC.2012.34
  20. JuCify: A Step Towards Android Code Unification for Enhanced Static Analysis. In 2022 IEEE/ACM 44th International Conference on Software Engineering (ICSE). IEEE Computer Society, Los Alamitos, CA, USA, 1232–1244. https://doi.org/10.1145/3510003.3512766
  21. Demystifying Hidden Sensitive Operations in Android apps. In ACM Transactions on Software Engineering and Methodology.
  22. Mustafa M Tikir and Jeffrey K Hollingsworth. 2002. Efficient instrumentation for code coverage testing. ACM SIGSOFT Software Engineering Notes 27, 4 (2002), 86–96.
  23. Soot - a Java Bytecode Optimization Framework. In Proceedings of the 1999 Conference of the Centre for Advanced Studies on Collaborative Research (Mississauga, Ontario, Canada) (CASCON ’99). IBM Press, 13.
  24. Raja Vallee-Rai and Laurie J Hendren. 1998. Jimple: Simplifying Java bytecode for analyses and transformations. no (1998).
  25. Dynamic analysis of android malware. Internet & Web Technology Master thesis, VU University Amsterdam (2013).
  26. Testing Apps With Real-World Inputs. In Proceedings of the IEEE/ACM 1st International Conference on Automation of Software Test (Seoul, Republic of Korea) (AST ’20). Association for Computing Machinery, New York, NY, USA, 1–10. https://doi.org/10.1145/3387903.3389310
  27. A grey-box approach for automated GUI-model generation of mobile applications. In International Conference on Fundamental Approaches to Software Engineering. Springer, 250–265.
  28. Chao-Chun Yeh and Shih-Kun Huang. 2015. CovDroid: A Black-Box Testing Coverage System for Android. In 2015 IEEE 39th Annual Computer Software and Applications Conference, Vol. 3. 447–452. https://doi.org/10.1109/COMPSAC.2015.125
  29. Towards Black Box Testing of Android Apps. In 2015 10th International Conference on Availability, Reliability and Security. 501–510. https://doi.org/10.1109/ARES.2015.70
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (2)
  1. Jordan Samhi (17 papers)
  2. Andreas Zeller (29 papers)
Citations (1)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now