Reflection-aware static analysis of Android apps

Li Li; Tegawendé F. Bissyandé; Damien Octeau; Jacques Klein

doi:10.1145/2970276.2970277

Reflection-aware static analysis of Android apps

Li Li, Tegawendé F. Bissyandé, Damien Octeau, Jacques Klein

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

22 Citations (Scopus)

Abstract

We demonstrate the benefits of DroidRA, a tool for taming reection in Android apps. DroidRA first statically extracts reection-related object values from a given Android app. Then, it leverages the extracted values to boost the app in a way that reective calls are no longer a challenge for existing static analyzers. This is achieved through a bytecode instrumentation approach, where reective calls are supplemented with explicit traditional Java method calls which can be followed by state-of-the-art analyzers which do not handle reection. Instrumented apps can thus be completely analyzed by existing static analyzers, which are no longer required to be modified to support reection-aware analysis. The video demo of DroidRA can be found at https://youtu.be/-HW0V68aAWc.

Original language	English
Title of host publication	Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering
Editors	David Lo, Sven Apel, Sarfraz Khurshid
Place of Publication	New York NY USA
Publisher	Association for Computing Machinery (ACM)
Pages	756-761
Number of pages	6
ISBN (Electronic)	9781450338455
DOIs	https://doi.org/10.1145/2970276.2970277
Publication status	Published - 2016
Externally published	Yes
Event	Automated Software Engineering Conference 2016 - Singapore Management University (SMU), Singapore, Singapore Duration: 3 Sep 2016 → 7 Sep 2016 Conference number: 31st http://www.ase2016.org/ (Conference website) https://dl.acm.org/doi/proceedings/10.1145/2970276 (Proceedings)

Conference

Conference	Automated Software Engineering Conference 2016
Abbreviated title	ASE 2016
Country	Singapore
City	Singapore
Period	3/09/16 → 7/09/16
Internet address	http://www.ase2016.org/ (Conference website) https://dl.acm.org/doi/proceedings/10.1145/2970276 (Proceedings)

Keywords

Android
DroidRA
Reection
Static Analysis

Access to Document

10.1145/2970276.2970277

Link to publication in Scopus

Cite this

@inproceedings{29139caf247e4822bb24e20fd8707f83,

title = "Reflection-aware static analysis of Android apps",

abstract = "We demonstrate the benefits of DroidRA, a tool for taming reection in Android apps. DroidRA first statically extracts reection-related object values from a given Android app. Then, it leverages the extracted values to boost the app in a way that reective calls are no longer a challenge for existing static analyzers. This is achieved through a bytecode instrumentation approach, where reective calls are supplemented with explicit traditional Java method calls which can be followed by state-of-the-art analyzers which do not handle reection. Instrumented apps can thus be completely analyzed by existing static analyzers, which are no longer required to be modified to support reection-aware analysis. The video demo of DroidRA can be found at https://youtu.be/-HW0V68aAWc.",

keywords = "Android, DroidRA, Reection, Static Analysis",

author = "Li Li and Bissyand{\'e}, {Tegawend{\'e} F.} and Damien Octeau and Jacques Klein",

year = "2016",

doi = "10.1145/2970276.2970277",

language = "English",

pages = "756--761",

editor = "Lo, {David } and Apel, {Sven } and Khurshid, {Sarfraz }",

booktitle = "Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering",

publisher = "Association for Computing Machinery (ACM)",

address = "United States of America",

note = "Automated Software Engineering Conference 2016, ASE 2016 ; Conference date: 03-09-2016 Through 07-09-2016",

url = "http://www.ase2016.org/, https://dl.acm.org/doi/proceedings/10.1145/2970276",

}

Li, L, Bissyandé, TF, Octeau, D & Klein, J 2016, Reflection-aware static analysis of Android apps. in D Lo, S Apel & S Khurshid (eds), Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering. Association for Computing Machinery (ACM), New York NY USA , pp. 756-761, Automated Software Engineering Conference 2016, Singapore, Singapore, 3/09/16. https://doi.org/10.1145/2970276.2970277

Reflection-aware static analysis of Android apps. / Li, Li; Bissyandé, Tegawendé F.; Octeau, Damien; Klein, Jacques.

Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering. ed. / David Lo; Sven Apel; Sarfraz Khurshid. New York NY USA : Association for Computing Machinery (ACM), 2016. p. 756-761.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Reflection-aware static analysis of Android apps

AU - Li, Li

AU - Bissyandé, Tegawendé F.

AU - Octeau, Damien

AU - Klein, Jacques

N1 - Conference code: 31st

PY - 2016

Y1 - 2016

N2 - We demonstrate the benefits of DroidRA, a tool for taming reection in Android apps. DroidRA first statically extracts reection-related object values from a given Android app. Then, it leverages the extracted values to boost the app in a way that reective calls are no longer a challenge for existing static analyzers. This is achieved through a bytecode instrumentation approach, where reective calls are supplemented with explicit traditional Java method calls which can be followed by state-of-the-art analyzers which do not handle reection. Instrumented apps can thus be completely analyzed by existing static analyzers, which are no longer required to be modified to support reection-aware analysis. The video demo of DroidRA can be found at https://youtu.be/-HW0V68aAWc.

AB - We demonstrate the benefits of DroidRA, a tool for taming reection in Android apps. DroidRA first statically extracts reection-related object values from a given Android app. Then, it leverages the extracted values to boost the app in a way that reective calls are no longer a challenge for existing static analyzers. This is achieved through a bytecode instrumentation approach, where reective calls are supplemented with explicit traditional Java method calls which can be followed by state-of-the-art analyzers which do not handle reection. Instrumented apps can thus be completely analyzed by existing static analyzers, which are no longer required to be modified to support reection-aware analysis. The video demo of DroidRA can be found at https://youtu.be/-HW0V68aAWc.

KW - Android

KW - DroidRA

KW - Reection

KW - Static Analysis

UR - http://www.scopus.com/inward/record.url?scp=84989170152&partnerID=8YFLogxK

U2 - 10.1145/2970276.2970277

DO - 10.1145/2970276.2970277

M3 - Conference Paper

AN - SCOPUS:84989170152

SP - 756

EP - 761

BT - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering

A2 - Lo, David

A2 - Apel, Sven

A2 - Khurshid, Sarfraz

PB - Association for Computing Machinery (ACM)

CY - New York NY USA

T2 - Automated Software Engineering Conference 2016

Y2 - 3 September 2016 through 7 September 2016

ER -