Empirical Comparison of Intermediate Representations for Android Applications.
作者: Yauhen Arnatovich , Lwin Khin Shar , Kaiping Liu , Hee Beng Kuan Tan , Sun Ding
DOI:
关键词: Bytecode 、 Computer science 、 Android (operating system) 、 Mobile security 、 Programming language 、 Software security assurance 、 Empirical research 、 Empirical comparison 、 Mobile computing 、 Java source code
摘要: In Android-based mobile computing, since the original Java source code is irretrievable from Dalvik bytecode, intermediate representations (IRs) were developed to represent bytecode in readable form. To date, SMALI, JASMIN, and JIMPLE are all used as Android application IRs by developers, testers researchers. Here, we compare these three via randomized event-based testing (Monkey testing) determine that which most accurately preserves program behaviors terms of number successfully injected events. As such critical security, choice IR crucial during software security testing. our experiment, an comparative scheme, conducted a comprehensive empirical study. Statistical comparison IRs’ shows SMALI behaves closest applications hence suitable for accurate alternative (which usually not publicly available). Keywords-intermediate representation; behaviors; testing; computing; SMALI; JASMIN;
ipage.com 参考文章(19)
W. J. Conover, Practical Nonparametric Statistics ,(1971)
Raja Vallee-Rai, Patrick Lam, Vijay Sundaresan, Laurie Hendren, Phong Co, Etienne M. Gagnon, Soot---a java optimization framework conference of the centre for advanced studies on collaborative research. ,(1999)
Raja Vallee-Rai, Laurie Hendren, Jimple: Simplifying Java Bytecode for Analyses and Transformations ,(1998)
Raja Vallée-Rai, Etienne Gagnon, Laurie Hendren, Patrick Lam, Patrice Pominville, Vijay Sundaresan, Optimizing Java Bytecode Using the Soot Framework: Is It Feasible? compiler construction. pp. 18- 34 ,(2000) , 10.1007/3-540-46423-9_2
Johannes Hoffmann, Martin Ussath, Thorsten Holz, Michael Spreitzenbarth, Slicing droids: program slicing for smali code acm symposium on applied computing. pp. 1844- 1851 ,(2013) , 10.1145/2480362.2480706
Ryan Johnson, Zhaohui Wang, Corey Gagnon, Angelos Stavrou, Analysis of Android Applications' Permissions 2012 IEEE Sixth International Conference on Software Security and Reliability Companion. pp. 45- 46 ,(2012) , 10.1109/SERE-C.2012.44
Leonid Batyuk, Markus Herpich, Seyit Ahmet Camtepe, Karsten Raddatz, Aubrey-Derrick Schmidt, Sahin Albayrak, Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications international conference on malicious and unwanted software. pp. 66- 72 ,(2011) , 10.1109/MALWARE.2011.6112328
David J. Sheskin, Handbook of Parametric and Nonparametric Statistical Procedures ,(2007)
Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong, Xinhui Han, Wei Zou, SmartDroid Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '12. pp. 93- 104 ,(2012) , 10.1145/2381934.2381950
Patrick Lam, Eric Bodden, Ondrej Lhoták, Laurie Hendren, Soot: a Java bytecode optimization framework conference of the centre for advanced studies on collaborative research. pp. 214- 224 ,(2010) , 10.1145/1925805.1925818