Abstract
Systematic exploration of Android apps is an enabler for a variety of app analysis and testing tasks. Performing the exploration while apps run on actual phones is essential for exploring the full range of app capabilities. However, exploring real-world apps on real phones is challenging due to non-determinism, non-standard control flow, scalability and overhead constraints. Relying on end-users to conduct the exploration might not be very effective: we performed a 7-use study on popular Android apps, and found that the combined 7-use coverage was 30.08% of the app screens and 6.46% of the app methods. Prior approaches for automated exploration of Android apps have run apps in an emulator or focused on small apps whose source code was available. To address these problems, we present A3E, an approach and tool that allows substantial Android apps to be explored systematically while running on actual phones, yet without requiring access to the app's source code. The key insight of our approach is to use a static, taint-style, dataflow analysis on the app bytecode in a novel way, to construct a high-level control flow graph that captures legal transitions among activities (app screens). We then use this graph to develop an exploration strategy named Targeted Exploration that permits fast, direct exploration of activities, including activities that would be difficult to reach during normal use. We also developed a strategy named Depth-first Exploration that mimics user actions for exploring activities and their constituents in a slower, but more systematic way. To measure the effectiveness of our techniques, we use two metrics: activity coverage (number of screens explored) and method coverage. Experiments with using our approach on 25 popular Android apps including BBC News, Gas Buddy, Amazon Mobile, YouTube, Shazam Encore, and CNN, show that our exploration techniques achieve 59.39--64.11% activity coverage and 29.53--36.46% method coverage.
- Gartner. Inc. Gartner Says Worldwide PC Shipment Growth Was Flat in Second Quarter of 2012. July, 2012. URL http://www.gartner.com/it/page.jsp?id=2079015.Google Scholar
- Gartner. Inc. Gartner Highlights Key Predictions for IT Organizations and Users in 2010 and Beyond. January, 2010. URL http://www.gartner.com/it/page.jsp?id=1278413.Google Scholar
- IDC. Android and iOS Surge to New Smartphone OS Record in Second Quarter, According to IDC. August, 2012. URL http://www.idc.com/getdoc.jsp?containerId=prUS23638712.Google Scholar
- CNET. Android reclaims 61 percent of all U.S. smartphone sales. May, 2012. URL http://news.cnet.com/8301-1023_3-57429192-93/android-reclaims-61-percent-of-all-u.s-smartphone-sales/.Google Scholar
- Casper S Jensen, M. R. Prasad, and A. Møller. Automated testing with targeted event sequence generation. In Proceedings of the 2013 International Symposium on Software Testing and Analysis, pages 67--77. Google Scholar
Digital Library
- C. Hu and I. Neamtiu. Automating GUI testing for Android applications. In AST '11, pages 77--83. Google Scholar
Digital Library
- L. Gomez, I. Neamtiu, T.Azim, and T. Millstein. RERAN: Timing- and Touch-Sensitive Record and Replay for Android. In ICSE '13. Google Scholar
Digital Library
- Jessica Guyn. Facebook users give iPhone app thumbs down. In Los Angeles Times. July, 2011. URL http://latimesblogs.latimes.com/technology/2011/07/facebook-users-give-iphone-app-thumbs-down.html, July 21.Google Scholar
- Domenico Amalfitano, Anna Rita Fasolino and Salvatore De. Using GUI Ripping for Automated Testing of Android Applications. In ASE'2012, pages 258--261. Google Scholar
Digital Library
- Vaibhav Rastogi, Yan Chen and William Enck. AppsPlay- ground: automatic security analysis of smartphone applications. In CODASPY'2013, pages 209--220. Google Scholar
Digital Library
- Wei Yang, Mukul Prasad and Tao Xie. A Grey-box Approach for Automated GUI-Model Generation of Mobile Applications. In FASE'13, pages 250--265. Google Scholar
Digital Library
- Xun Yuan and Atif M. Memon. Generating Event Sequence- Based Test Cases Using GUI Run-Time State Feedback. In IEEE Transactions on Software Engineering, 2010, pages 81--95. Google Scholar
Digital Library
- Xun Yuan and Atif M. Memon. Using GUI Run-Time State as Feedback to Generate Test Cases. In ICSE '07, pages 396--405. Google Scholar
Digital Library
- Atif M. Memon. An event-flow model of GUI-based applications for testing. In Software Testing, Verification and Reliability, 2007, pages 137--157. Google Scholar
Digital Library
- Android Developers. UI/Application Exerciser Monkey. August, 2012. URL http://developer.android.com/tools/help/monkey.html.Google Scholar
- Atif Memon. GUITAR. August, 2012. URL guitar.sourceforge.net.Google Scholar
- Atif Memon. Android GUITAR. August, 2012. URL http://sourceforge.net/apps/mediawiki/guitar/index.php?title=Android_GUITAR.Google Scholar
- Google Code. Robotium. August, 2012. URL http://code.google.com/p/robotium/.Google Scholar
- SONY. APK Analyzer. January, 2013. URL http://developer.sonymobile.com/knowledge-base/tool-guides/analyse-your-apks-with-apkanalyser/.Google Scholar
- Jinseong Jeon and Jeffrey S. Foster. Troyd. January, 2013. URL https://github.com/plum-umd/troyd.Google Scholar
- Google Code. Androguard. January, 2013. URL http://code.google.com/p/androguard/.Google Scholar
- Google Code. Droidbox. January, 2013. URL http://code.google.com/p/droidbox/.Google Scholar
- Google Code. Android Assault. January, 2013. URL http://code.google.com/p/android-assault/.Google Scholar
- Android Developers. MonkeyRunner. August, 2012. URL http://developer.android.com/guide/developing/tools/monkeyrunner_concepts.html.Google Scholar
- Various Authors. SCanDroid. January, 2013. URL https://github.com/scandroid/scandroid.Google Scholar
- Bitbar. Automated Testing Tool for Android - Testdroid. January, 2013. URL http://testdroid.com/.Google Scholar
- Ranonex. Android Test Automation - Automate your App Testing. January, 2013. URL http://www.ranorex.com/mobile-automation-testing/android-test-automation.html.Google Scholar
- W. River. Wind River Framework for Automated Software Testing. January, 2013. URL http://www.windriver.com/announces/fast/.Google Scholar
- TestPlant. eggPlant for mobile testing.. January, 2013. URL http://www.testplant.com/products/eggplant/mobile/.Google Scholar
- Pamela Bhattacharya, Liudmila Ulanova, Iulian Neamtiu and Sai Charan Koduru. An Empirical Analysis of the Bug-fixing Process in Open Source Android Apps. In CSMR'13.Google Scholar
- W. Enck, P. Gilbert, B. G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In OSDI, 2010, pages 393--407. Google Scholar
Digital Library
- Android Developers. Android Emulator Limitations. March, 2013. URL http://developer.android.com/tools/devices/emulator.html#limitations.Google Scholar
- Android Developers. Android Intents. March, 2013. URL http://developer.android.com/reference/android/content/Intent.html.Google Scholar
- S. Anand, M. Naik, M. J. Harrold, and H. Yang. Automated concolic testing of smartphone apps. In FSE '12, pages 1--11. Google Scholar
Digital Library
- M. Böhmer, B. Hecht, J. Schöning, A. Krüger, and G. Bauer. Falling asleep with Angry Birds, Facebook and Kindle: a large scale study on mobile application usage. In MobileHCI '11, pages 47--56. Google Scholar
Digital Library
- B. Cornelissen, A. Zaidman, A. van Deursen, L. Moonen, and R. Koschke. A Systematic Survey of Program Comprehension through Dynamic Analysis. In Software Engineering, IEEE Transactions on, 2009, pages 684--702. Google Scholar
Digital Library
- Michael D. Ernst. Static and dynamic analysis: Synergy and duality. In WODA 2003: Workshop on Dynamic Analysis, May 9, pages 24--27.Google Scholar
- S. Hao, D. Li, W. Halfond, and R. Govindan. Estimating Android applications' CPU energy usage via bytecode profiling. In Green and Sustainable Software (GREENS), 2012 First International Workshop on, 2012, pages 1--7.Google Scholar
Cross Ref
- M. Dong and L. Zhong. Self-constructive high-rate system energy modeling for battery-powered mobile systems. In MobiSys '11, pages 335--348. Google Scholar
Digital Library
- X. Wei, L. Gomez, I. Neamtiu, and M. Faloutsos. Profile- Droid: multi-layer profiling of android applications. In Mobicom'12, pages 137--148. Google Scholar
Digital Library
- T. Takala, M. Katara, and J. Harty. Experiences of system-level model-based GUI testing of an Android application. In ICST '11, pages 377--386. Google Scholar
Digital Library
Index Terms
Targeted and depth-first exploration for systematic testing of android apps
Recommendations
Targeted and depth-first exploration for systematic testing of android apps
OOPSLA '13: Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applicationsSystematic exploration of Android apps is an enabler for a variety of app analysis and testing tasks. Performing the exploration while apps run on actual phones is essential for exploring the full range of app capabilities. However, exploring real-world ...
Guided, stochastic model-based GUI testing of Android apps
ESEC/FSE 2017: Proceedings of the 2017 11th Joint Meeting on Foundations of Software EngineeringMobile apps are ubiquitous, operate in complex environments and are developed under the time-to-market pressure. Ensuring their correctness and reliability thus becomes an important challenge. This paper introduces Stoat, a novel guided approach to ...
Dynodroid: an input generation system for Android apps
ESEC/FSE 2013: Proceedings of the 2013 9th Joint Meeting on Foundations of Software EngineeringWe present a system Dynodroid for generating relevant inputs to unmodified Android apps. Dynodroid views an app as an event-driven program that interacts with its environment by means of a sequence of events through the Android framework. By ...







Comments