CISPA
Browse

AndroLog: Android Instrumentation and Code Coverage Analysis

Download (1.23 MB)
conference contribution
posted on 2024-07-17, 11:26 authored by Jordan Samhi, Andreas ZellerAndreas Zeller
Dynamic analysis has emerged as a pivotal technique for testing Android apps, enabling the detection of bugs, malicious code, and vulnerabilities. A key metric in evaluating the efficacy of tools employed by both research and practitioner communities for this purpose is code coverage. Obtaining code coverage typically requires planting probes within apps to gather coverage data during runtime. Due to the general unavailability of source code to analysts, there is a necessity for instrumenting apps to insert these probes in black-box environments. However, the tools available for such instrumentation are limited in their reliability and require intrusive changes interfering with apps' functionalities. This paper introduces AndroLog a novel tool developed on top of the Soot framework, designed to provide fine-grained coverage information at multiple levels, including class, methods, statements, and Android components. In contrast to existing tools, AndroLog leaves the responsibility to test apps to analysts, and its motto is simplicity. As demonstrated in this paper, AndroLog can instrument up to 98% of recent Android apps compared to existing tools with 79% and 48% respectively for COSMO and ACVTool. AndroLog also stands out for its potential for future enhancements to increase granularity on demand. We make AndroLog available to the community and provide a video demonstration of AndroLog (see section 8).

History

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE)

Publisher

Association for Computing Machinery

Open Access Type

  • Unknown

BibTeX

@conference{Samhi:Zeller:2024, title = "AndroLog: Android Instrumentation and Code Coverage Analysis", author = "Samhi, Jordan" AND "Zeller, Andreas", year = 2024, month = 7, publisher = "Association for Computing Machinery", doi = "10.1145/3663529.3663806" }

Usage metrics

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC