Optimizing Java Bytecode Using the Soot Framework: Is It Feasible?
CC '00 Proceedings of the 9th International Conference on Compiler Construction
Refinement-based context-sensitive points-to analysis for Java
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Language-based security on Android
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Dimensions of precision in reference analysis of object-oriented programming languages
CC'03 Proceedings of the 12th international conference on Compiler construction
Scaling Java points-to analysis using SPARK
CC'03 Proceedings of the 12th international conference on Compiler construction
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Pick your contexts well: understanding object-sensitivity
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Analyzing inter-application communication in Android
MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications, and services
Where is the energy spent inside my app?: fine grained energy accounting on smartphones with Eprof
Proceedings of the 7th ACM european conference on Computer Systems
Dexpler: converting Android Dalvik bytecode to Jimple for static analysis with Soot
Proceedings of the ACM SIGPLAN International Workshop on State of the Art in Java Program analysis
Proceedings of the 10th international conference on Mobile systems, applications, and services
Finding errors in multithreaded GUI applications
Proceedings of the 2012 International Symposium on Software Testing and Analysis
Amplifying tests to validate exception handling code
Proceedings of the 34th International Conference on Software Engineering
Static analysis of Android programs
Information and Software Technology
ProfileDroid: multi-layer profiling of android applications
Proceedings of the 18th annual international conference on Mobile computing and networking
Using GUI ripping for automated testing of Android applications
Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
SmartDroid: an automatic system for revealing UI-based trigger conditions in android applications
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Retargeting Android applications to Java bytecode
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
A grey-box approach for automated GUI-model generation of mobile applications
FASE'13 Proceedings of the 16th international conference on Fundamental Approaches to Software Engineering
Automated testing with targeted event sequence generation
Proceedings of the 2013 International Symposium on Software Testing and Analysis
Targeted and depth-first exploration for systematic testing of android apps
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
SEC'13 Proceedings of the 22nd USENIX conference on Security
| Hi-index | 0.00 |
The popularity of Android software has grown dramatically in the last few years. It is essential for researchers in programming languages and compilers to contribute new techniques in this increasingly important area. Such techniques require a foundation of program analyses for Android. The target of our work is static object reference analysis, which models the flow of object references. Existing reference analyses cannot be applied directly to Android because the software is component-based and event-driven. An Android application is driven by a graphical user interface (GUI), with GUI objects responding to user actions. These objects and the event handlers associated with them ultimately determine the possible flow of control and data. We propose the first static analysis to model GUI-related Android objects, their flow through the application, and their interactions with each other via the abstractions defined by the Android platform. A formal semantics for the relevant Android constructs is developed to provide a solid foundation for this and other analyses. Next, we propose a constraint-based reference analysis based on the semantics. The analysis employs a constraint graph to model the flow of GUI objects, the hierarchical structure of these objects, and the effects of relevant Android operations. Experimental evaluation on real-world Android applications strongly suggests that the analysis achieves high precision with low cost. The analysis enables static modeling of control/data flow that is foundational for compiler analyses, instrumentation for event/interaction profiling, static error checking, security analysis, test generation, and automated debugging. It provides a key component to be used by compile-time analysis researchers in the growing area of Android software.