Blogs (1) >>
ASE 2019
Sun 10 - Fri 15 November 2019 San Diego, California, United States
Tue 12 Nov 2019 14:00 - 14:20 at Hillcrest - Mobile 2 Chair(s): Myra Cohen

This paper proposes a solution for automated goal-driven exploration of Android applications – a scenario in which a user, e.g., security auditor, needs to dynamically trigger the functionality of interest in an application, e.g., to check whether user-sensitive info is only sent to recognized third-party servers. As the auditor might need to check hundreds or even thousands of apps, manually exploring each app to trigger the desired behavior is too time-consuming to be feasible. Existing automated application exploration and testing techniques are of limited help in this scenario as well, as their goal is mostly to identify faults by systematically exploring different app paths, rather than swiftly navigating to the target functionality.

The goal-driven application exploration approach proposed in this paper, called GoalExplorer, automatically generates an executable test script that directly triggers the functionality of interest. The core idea behind GoalExplorer is to first statically model the application UI screens and transitions between these screens, producing a Screen Transition Graph (STG). Then, GoalExplorer uses the STG to guide the dynamic exploration of the application to the particular target of interest: an Android activity, API call, or a program statement. The results of our empirical evaluation on 93 benchmark applications and 95 the most popular GooglePlay applications show that the STG is substantially more accurate than other Android app UI models and that \tool is able to trigger a target functionality much faster than existing application exploration and testing techniques.

Tue 12 Nov

13:40 - 15:20: Papers - Mobile 2 at Hillcrest
Chair(s): Myra CohenIowa State University
ase-2019-papers13:40 - 14:00
A Qualitative Analysis of Android Taint-Analysis Results
Linghui LuoPaderborn University, Eric BoddenHeinz Nixdorf Institut, Paderborn University and Fraunhofer IEM, Johannes SpäthFraunhofer IEM
ase-2019-papers14:00 - 14:20
Goal-Driven Exploration for Android Applications
Duling LaiUniversity of British Columbia, Julia RubinUniversity of British Columbia
ase-2019-papers14:20 - 14:40
RANDR: Record and Replay for Android Applications via Targeted Runtime Instrumentation
Onur SahinBoston University, Assel AliyevaBoston University, Hariharan MathavanBoston University, Ayse CoskunBoston University, Manuel EgeleBoston University, USA
ase-2019-Journal-First-Presentations14:40 - 15:00
Specifying Callback Control Flow of Mobile Apps Using Finite Automata
Danilo Dominguez PerezIowa State University, Wei LeIowa State University
Link to publication
ase-2019-papers15:00 - 15:20
MalScan: Fast Market-Wide Mobile Malware Scanning by Social-Network Centrality Analysis
Yueming WuHuazhong University of Science and Technology, Xiaodi LiUniversity of Texas at Dallas, Deqing ZouHuazhong University of Science and Technology, Wei YangUniversity of Texas at Dallas, Xin ZhangHuazhong University of Science and Technology, Hai JinHuazhong University of Science and Technology