Boosting static analysis of Android apps through code instrumentation

Li Li

Research output: Chapter in Book/Report/Conference proceedingConference PaperOther

9 Citations (Scopus)

Abstract

Static analysis has been applied to dissect Android apps for many years. The main advantage of using static analysis is its efficiency and entire code coverage characteristics. However, the community has not yet produced complete tools to perform in-depth static analysis, putting users at risk to malicious apps. Because of the diverse challenges caused by Android apps, it is hard for a single tool to efficiently address all of them. Thus, in this work, we propose to boost static analysis of Android apps through code instrumentation, in which the knotty code can be reduced or simplified into an equivalent but analyzable code. Consequently, existing static analyzers, without any modification, can be leveraged to perform extensive analysis, although originally they cannot. Previously, we have successfully applied instrumentation for two challenges of static analysis of Android apps: Inter-Component Communication (ICC) and Reflection. However, these two case studies are implemented separately and the implementation is not reusable, letting some functionality, that could be reused from one to another, be reinvented and thus lots of resources are wasted. To this end, in this work, we aim at providing a generic and non-invasive approach for existing static analyzers, enabling them to perform more broad analysis.

Original languageEnglish
Title of host publicationProceedings - 2016 IEEE/ACM 38th IEEE International Conference on Software Engineering Companion, ICSE 2016
EditorsWillem Visser, Laurie Williams
Place of PublicationNew York NY USA
PublisherAssociation for Computing Machinery (ACM)
Pages819-822
Number of pages4
ISBN (Electronic)9781450341615, 9781450342056
DOIs
Publication statusPublished - 2016
Externally publishedYes
EventDoctoral Symposium of International Conference on Software Engineering 2016 - Austin, United States of America
Duration: 18 May 201618 May 2016

Conference

ConferenceDoctoral Symposium of International Conference on Software Engineering 2016
Country/TerritoryUnited States of America
CityAustin
Period18/05/1618/05/16

Cite this