String analysis for Java and Android applications
作者: Ding Li , Yingjun Lyu , Mian Wan , William G. J. Halfond
关键词: Execution time 、 String operations 、 Mobile apps 、 Computer science 、 Java 、 String analysis 、 Android (operating system) 、 Programming language
摘要: String analysis is critical for many verification techniques. However, accurately modeling string variables a challeng- ing problem. Current approaches are generally customized certain problem domains or have limitations in handling loops, providing context-sensitive inter-procedural analysis, and performing efficient on complicated apps. To address these limitations, we propose general framework, Violist, that allows researchers to more flexibly choose how they will each of challenges by separating the representation interpreta- tion operations. In our evaluation, show approach can achieve high accuracy both Java Android apps reasonable amount time. We also com- pared with popular widely used analyzer found has higher precision shorter execution time while maintaining same level recall.
acm.org
usc.edu
sci-hub.se 参考文章(38)
Leonardo de Moura, Nikolaj Bjørner, Z3: an efficient SMT solver tools and algorithms for construction and analysis of systems. pp. 337- 340 ,(2008) , 10.1007/978-3-540-78800-3_24
Tae-Hyoung Choi, Oukseh Lee, Hyunha Kim, Kyung-Goo Doh, A Practical String Analyzer by the Widening Approach Programming Languages and Systems. pp. 374- 388 ,(2006) , 10.1007/11924661_23
Nurit Dor, Michael Rodeh, Mooly Sagiv, Cleanness Checking of String Manipulations in C Programs via Integer Analysis static analysis symposium. pp. 194- 212 ,(2001) , 10.1007/3-540-47764-0_12
Fang Yu, Tevfik Bultan, Marco Cova, Oscar H. Ibarra, Symbolic String Verification: An Automata-Based Approach Model Checking Software. pp. 306- 324 ,(2008) , 10.1007/978-3-540-85114-1_21
Eric A. Brewer, Alexander Aiken, David A. Wagner, Jeffrey S. Foster, A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. network and distributed system security symposium. ,(2000)
Xiang Fu, Chung-Chih Li, A String Constraint Solver for Detecting Web Application Vulnerability. software engineering and knowledge engineering. pp. 535- 542 ,(2010)
Monica S. Lam, Ravi Sethi, Jeffrey D. Ullman, Alfred V. Aho, Compilers: Principles, Techniques, and Tools (2nd Edition) Addison-Wesley Longman Publishing Co., Inc.. ,(2006)
Aske Simon Christensen, Michael I. Schwartzbach, Anders Møller, Precise analysis of string expressions static analysis symposium. pp. 1- 18 ,(2003) , 10.5555/1760267.1760269
Joshua Garcia, Daniel Popescu, Gholamreza Safi, William G. J. Halfond, Nenad Medvidovic, Identifying message flow in distributed event-based systems foundations of software engineering. pp. 367- 377 ,(2013) , 10.1145/2491411.2491462
Ding Li, Angelica Huyen Tran, William G. J. Halfond, Making web applications more energy efficient for OLED smartphones international conference on software engineering. pp. 527- 538 ,(2014) , 10.1145/2568225.2568321