Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang...
-
Upload
harriet-byrd -
Category
Documents
-
view
218 -
download
0
Transcript of Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang...
![Page 1: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/1.jpg)
Dynodroid: An Input Generation System for
Android AppsFSE’13
Presented by Haocheng Huang
![Page 2: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/2.jpg)
Introduction
Static analyses are hindered by features commonly used by mobile apps such as code obfuscation, native libraries, and a complex SDK framework
Key challenge of dynamic analyses is obtaining program inputs that adequately exercise the program's functionality
![Page 3: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/3.jpg)
Contribution
Propose an effective system for generating inputs to mobile apps
Show how to observe, select, and execute system events for Android in a mobile device emulator without modifying the app
Present extensive empirical evaluation of the system
![Page 4: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/4.jpg)
System Architecture
observe-select-execute cycle
![Page 5: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/5.jpg)
Executor
Combine the benefits of automated and manual input generation
![Page 6: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/6.jpg)
Observer
The goal of the observer is to efficiently compute as small a set of relevant events as possible without missing any
Observer computes relevant UI events and relevant system events
![Page 7: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/7.jpg)
ObserverUI Events
Supports two input mechanisms: touchscreen and navigation buttons
First, it deems clicking each navigation button as a relevant UI event
Second, it inspects the view hierarchy
![Page 8: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/8.jpg)
ObserverUI Events
![Page 9: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/9.jpg)
ObserverSystem Events
Broadcast Receiver Events
Choose 25 intents to be considered
The executor serializes the appropriate intent along with a Bundle object that has a key named “pdus” mapped to a byte array denoting an array of SmsMessage objects
![Page 10: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/10.jpg)
ObserverSystem Events
System Service Events
Can be divided into internally and externally
We considered externally
If the selector selects this event, then the executor triggers it by sending telnet command
![Page 11: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/11.jpg)
Selector
The selector selects an event for the executor to execute from the set of relevant events E computed by the observer
Implemented three different selection strategies in the selector
Frequency, UniformRandom, and BiasedRandom
The Frequency strategy selects an event from E that has been selected least frequently by it so far
The UniformRandom strategy selects an event from E uniformly at random(like monkey)
![Page 12: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/12.jpg)
Selector
The final and default selection strategy BiasedRandom
![Page 13: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/13.jpg)
Evaluation
Experiment environment
64-bit Linux machines with 128GB memory and dual-socket 16-core AMD Opteron 3.0GHz processors
Emulator configuration
![Page 14: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/14.jpg)
EvaluationApp Source Code Coverage
Evaluate 5 approaches on 50 apps
![Page 15: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/15.jpg)
EvaluationApp Source Code Coverage
Dynodroid & Human4-91%(51%)
Dynodroid can be used to automate to a significant degree the tedious testing done by humans
Dynodroid & Monkey4-81%(47%)
Dynodroid and Monkey get comparable coverage
![Page 16: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/16.jpg)
EvaluationApp Source Code Coverage
Monkey requires 20X more events than BiasedRandom on average
Of the three selection strategies in Dynodroid, BiasedRandom performs the best, with each of the other two strategies requiring 2X more events than it on average
![Page 17: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/17.jpg)
EvaluationBugs Found in Apps
Bugs found by Dynodroid in the 50 open-source apps from F-Droid and the 1,000 top free apps from Google Play
![Page 18: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/18.jpg)
Limitation
5X slower than Monkey due to heavy use of reflection
Use DUMPQ can make ViewServer run 20X-40X faster
Dynodroid currently supports only the Gingerbread version of Android
![Page 19: Dynodroid: An Input Generation System for Android Apps FSE’13 Presented by Haocheng Huang huanghc@emnets.org.](https://reader036.fdocuments.in/reader036/viewer/2022062407/56649e265503460f94b15401/html5/thumbnails/19.jpg)
Conclusion
Presented a practical system Dynodroid for generating relevant inputs to mobile apps on the dominant Android platform
Dynodroid can generate both UI inputs and system inputs, and it allows combining inputs from human and machine