[en] We demonstrate the benefits of DroidRA, a tool for taming reflection in Android apps. DroidRA first statically extracts reflection-related object values from a given Android app. Then, it leverages the extracted values to boost the app in a way that reflective calls are no longer a challenge for existing static analyzers. This is achieved through a bytecode instrumentation approach, where reflective calls are supplemented with explicit traditional Java method calls which can be followed by state-of-the-art analyzers which do not handle reflection. Instrumented apps can thus be completely analyzed by existing static analyzers, which are no longer required to be modified to support reflection-aware analysis. The video demo of DroidRA can be found at https://youtu.be/-HW0V68aAWc
Centre de recherche :
SnT
Disciplines :
Sciences informatiques
Auteur, co-auteur :
LI, Li ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
KLEIN, Jacques ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC)
Co-auteurs externes :
yes
Langue du document :
Anglais
Titre :
Reflection-Aware Static Analysis of Android Apps
Date de publication/diffusion :
septembre 2016
Nom de la manifestation :
The 31st IEEE/ACM International Conference on Automated Software Engineering (ASE)
Date de la manifestation :
from 03-09-2016 to 07-09-2016
Manifestation à portée :
International
Titre de l'ouvrage principal :
The 31st IEEE/ACM International Conference on Automated Software (ASE)
