Paper published in a book (Scientific congresses, symposiums and conference proceedings)
Don't Trust Me, Test Me: 100% Code Coverage for a 3rd-party Android App
PILGUN, Aleksandr
2020In PILGUN, Aleksandr (Ed.) 2020 27th Asia-Pacific Software Engineering Conference (APSEC)
Peer reviewed
 

Files


Full Text
APSEC20_preprint.pdf
Author preprint (322.52 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Android; Debloating; Software Testing; Shrinking; Code Coverage; Instrumentation
Abstract :
[en] The incompleteness of 3rd-party app testing is an accepted fact in Software Engineering. This issue makes it impossible to verify the app functionality and to confirm its safety to the end-user. To solve this problem, enterprises developed strict policies. A company, willing to use modern apps, may perform an expensive security analysis, rely on trust or forbid the app. These strategies may lead companies to high direct and indirect spending with no guarantee of safety. In this work, we present a novel approach, called Dynamic Binary Shrinking, that allows a user to review app functionality and leave only tested code. The shrunk app produces 100% instruction coverage on observed behaviors and in this way guarantees the absence of unexplored, and therefore, potentially malicious code. On our running examples, we demonstrate that apps use less than 20% of the codebase. We developed an approach and the ACVCut tool to shrink Android apps towards the executed code. Repository — http://github.com/pilgun/acvcut.
Disciplines :
Computer science
Author, co-author :
PILGUN, Aleksandr ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > PI Mauw
External co-authors :
no
Language :
English
Title :
Don't Trust Me, Test Me: 100% Code Coverage for a 3rd-party Android App
Publication date :
2020
Event name :
2020 27th Asia-Pacific Software Engineering Conference (APSEC)
Event place :
Singapore, Singapore
Event date :
01-12-2020 to 04-12-2020
Audience :
International
Main work title :
2020 27th Asia-Pacific Software Engineering Conference (APSEC)
Author, co-author :
Pages :
375-384
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR11289380 - Systematically Exploring Semantic App Models For Android, 2016 (15/11/2016-14/11/2020) - Aleksandr Pilgun
Name of the research project :
FNR11289380 > Aleksandr Pilgun > > Systematically Exploring Semantic App Models for Android > 15/11/2016 > 14/11/2020 > 2016
Available on ORBilu :
since 18 October 2020

Statistics


Number of views
235 (26 by Unilu)
Number of downloads
320 (6 by Unilu)

Scopus citations®
 
3
Scopus citations®
without self-citations
3
OpenAlex citations
 
3

Bibliography


Similar publications



Contact ORBilu