Driving Android apps to trigger target API invocations based on activity and GUI filtering

Yue, Hongzhou; Zhang, Yuqing; Wang, Wenjie; Liu, Qixu

doi:10.1007/s11432-015-0825-3

Driving Android apps to trigger target API invocations based on activity and GUI filtering

基于组件和控件过滤的 Andrid 应用目标 API 调用定向触发方法

Highlight
Published: 09 November 2016

Volume 60, article number 078102, (2017)
Cite this article

Science China Information Sciences Aims and scope Submit manuscript

Hongzhou Yue¹,
Yuqing Zhang^1,2,
Wenjie Wang^2,3 &
…
Qixu Liu^2,3

152 Accesses
Explore all metrics

摘要

创新点

对于 Android 应用的动态测试来说, 常常需要借助于 GUI 遍历工具进行 GUI 事件的自动化输入, 模拟用户的行为。然而现有的大多数 GUI 遍历工具仅仅追求高代码覆盖率, 而不追求以最快捷有效的方式触发 Android 应用的特定行为, 那么如果测试者只关心 Android 应用的特定行为是否被触发的话, 这势必导致时间和资源的浪费。因此, 本文以定向触发 Android 应用的特定行为为目标, 提出了基于组件过滤和控件过滤的 Android 应用定向行为触发方法。以目标 API 调用近似代表目标程序行为, 通过静态分析的方法找到抵达目标 API 调用所需要遍历的有效的 Android 组件和控件, 并在动态遍历的过程中, 只对有效的组件和控件进行遍历, 而不对无效的组件和控件进行遍历, 这样便极大的节省了 GUI 遍历的时间, 更加高效的触发 Android 应用的特定行为。

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

References

Amalfitano D, Fasolino A R, Tramontana P, et al. Using GUI ripping for automated testing of Android applications. In: Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering, Essen, 2012. 258–261
Google Scholar
Machiry A, Tahiliani R, Naik M. Dynodroid: an input generation system for android apps. In: Proceedings of the 9th Joint Meeting on Foundations of Software Engineering, Saint Petersburg, 2013. 224–234
Google Scholar
Bhoraskar R, Han S, Jeon J, et al. Brahmastra: Driving apps to test the security of third-party components. In: Proceedings of the 23rd USENIX Conference on Security, San Diego, 2014. 1021–1036
Google Scholar
Zheng C, Zhu S, Dai S, et al. Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications. In: Proceedings of the 2nd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Raleigh, 2012. 93–104
Chapter Google Scholar
Wong M Y, Lie D. IntelliDroid: a targeted input generator for the dynamic analysis of Android malware. In: Proceedings of the 23rd Network and Distributed System Security Symposium, San Diego, 2016
Google Scholar
Azim T, Neamtiu I. Targeted and depth-first exploration for systematic testing of android apps. ACM SIGPLAN Notices, 2013, 48: 641–660
Article Google Scholar

Download references

Author information

Authors and Affiliations

State Key Laboratory of Integrated Services Networks, Xidian University, Xi’an, 710071, China
Hongzhou Yue & Yuqing Zhang
National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing, 101408, China
Yuqing Zhang, Wenjie Wang & Qixu Liu
State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China
Wenjie Wang & Qixu Liu

Authors

Hongzhou Yue
View author publications
You can also search for this author in PubMed Google Scholar
Yuqing Zhang
View author publications
You can also search for this author in PubMed Google Scholar
Wenjie Wang
View author publications
You can also search for this author in PubMed Google Scholar
Qixu Liu
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yuqing Zhang.

Additional information

The authors declare that they have no conflict of interest.

Electronic supplementary material