Reflection-aware static analysis of android apps

Li Li; Tegawendé F. Bissyandé; Damien Octeau; Jacques Klein

doi:10.1145/2970276.2970277

Reflection-aware static analysis of android apps

Li Li, Tegawendé F. Bissyandé, Damien Octeau, Jacques Klein

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

11 Citations (Scopus)

Abstract

We demonstrate the benefits of DroidRA, a tool for taming reection in Android apps. DroidRA first statically extracts reection-related object values from a given Android app. Then, it leverages the extracted values to boost the app in a way that reective calls are no longer a challenge for existing static analyzers. This is achieved through a bytecode instrumentation approach, where reective calls are supplemented with explicit traditional Java method calls which can be followed by state-of-the-art analyzers which do not handle reection. Instrumented apps can thus be completely analyzed by existing static analyzers, which are no longer required to be modified to support reection-aware analysis. The video demo of DroidRA can be found at https://youtu.be/-HW0V68aAWc.

Original language	English
Title of host publication	ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering
Publisher	Association for Computing Machinery (ACM)
Pages	756-761
Number of pages	6
ISBN (Electronic)	9781450338455
DOIs	https://doi.org/10.1145/2970276.2970277
Publication status	Published - 25 Aug 2016
Externally published	Yes
Event	Automated Software Engineering Conference 2016 - Singapore Management University (SMU), Singapore, Singapore Duration: 3 Sep 2016 → 7 Sep 2016 Conference number: 31st http://www.ase2016.org/

Conference

Conference	Automated Software Engineering Conference 2016
Abbreviated title	ASE 2016
Country	Singapore
City	Singapore
Period	3/09/16 → 7/09/16
Internet address	http://www.ase2016.org/

Keywords

Android
DroidRA
Reection
Static Analysis

Cite this

Li, L., Bissyandé, T. F., Octeau, D., & Klein, J. (2016). Reflection-aware static analysis of android apps. In ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering (pp. 756-761). Association for Computing Machinery (ACM). https://doi.org/10.1145/2970276.2970277

Li, Li ; Bissyandé, Tegawendé F. ; Octeau, Damien ; Klein, Jacques. / Reflection-aware static analysis of android apps. ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering. Association for Computing Machinery (ACM), 2016. pp. 756-761

@inproceedings{29139caf247e4822bb24e20fd8707f83,

title = "Reflection-aware static analysis of android apps",

abstract = "We demonstrate the benefits of DroidRA, a tool for taming reection in Android apps. DroidRA first statically extracts reection-related object values from a given Android app. Then, it leverages the extracted values to boost the app in a way that reective calls are no longer a challenge for existing static analyzers. This is achieved through a bytecode instrumentation approach, where reective calls are supplemented with explicit traditional Java method calls which can be followed by state-of-the-art analyzers which do not handle reection. Instrumented apps can thus be completely analyzed by existing static analyzers, which are no longer required to be modified to support reection-aware analysis. The video demo of DroidRA can be found at https://youtu.be/-HW0V68aAWc.",

keywords = "Android, DroidRA, Reection, Static Analysis",

author = "Li Li and Bissyand{\'e}, {Tegawend{\'e} F.} and Damien Octeau and Jacques Klein",

year = "2016",

month = "8",

day = "25",

doi = "10.1145/2970276.2970277",

language = "English",

pages = "756--761",

booktitle = "ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering",

publisher = "Association for Computing Machinery (ACM)",

address = "United States of America",

}

Li, L, Bissyandé, TF, Octeau, D & Klein, J 2016, Reflection-aware static analysis of android apps. in ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering. Association for Computing Machinery (ACM), pp. 756-761, Automated Software Engineering Conference 2016, Singapore, Singapore, 3/09/16. https://doi.org/10.1145/2970276.2970277

Reflection-aware static analysis of android apps. / Li, Li; Bissyandé, Tegawendé F.; Octeau, Damien; Klein, Jacques.

ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering. Association for Computing Machinery (ACM), 2016. p. 756-761.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Reflection-aware static analysis of android apps

AU - Li, Li

AU - Bissyandé, Tegawendé F.

AU - Octeau, Damien

AU - Klein, Jacques

PY - 2016/8/25

Y1 - 2016/8/25

N2 - We demonstrate the benefits of DroidRA, a tool for taming reection in Android apps. DroidRA first statically extracts reection-related object values from a given Android app. Then, it leverages the extracted values to boost the app in a way that reective calls are no longer a challenge for existing static analyzers. This is achieved through a bytecode instrumentation approach, where reective calls are supplemented with explicit traditional Java method calls which can be followed by state-of-the-art analyzers which do not handle reection. Instrumented apps can thus be completely analyzed by existing static analyzers, which are no longer required to be modified to support reection-aware analysis. The video demo of DroidRA can be found at https://youtu.be/-HW0V68aAWc.

AB - We demonstrate the benefits of DroidRA, a tool for taming reection in Android apps. DroidRA first statically extracts reection-related object values from a given Android app. Then, it leverages the extracted values to boost the app in a way that reective calls are no longer a challenge for existing static analyzers. This is achieved through a bytecode instrumentation approach, where reective calls are supplemented with explicit traditional Java method calls which can be followed by state-of-the-art analyzers which do not handle reection. Instrumented apps can thus be completely analyzed by existing static analyzers, which are no longer required to be modified to support reection-aware analysis. The video demo of DroidRA can be found at https://youtu.be/-HW0V68aAWc.

KW - Android

KW - DroidRA

KW - Reection

KW - Static Analysis

UR - http://www.scopus.com/inward/record.url?scp=84989170152&partnerID=8YFLogxK

U2 - 10.1145/2970276.2970277

DO - 10.1145/2970276.2970277

M3 - Conference Paper

SP - 756

EP - 761

BT - ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering

PB - Association for Computing Machinery (ACM)

ER -

Li L, Bissyandé TF, Octeau D, Klein J. Reflection-aware static analysis of android apps. In ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering. Association for Computing Machinery (ACM). 2016. p. 756-761 https://doi.org/10.1145/2970276.2970277

Access to Document

10.1145/2970276.2970277

Link to publication in Scopus