Static Asynchronous Component Misuse Detection for Android Applications
Facing the limited resource of smartphones, asynchronous programming significantly improves the performance of Android applications. Android provides several packaged components to ease the development of asynchronous programming. Among them, the AsyncTask component is widely used by developers since it is easy to implement. However, the abuse of AsyncTask component can decrease responsiveness and even lead to crashes. By investigating the Android Developer Documentation and technical forums, we summarize five misuse patterns about AsyncTask. To detect them, we propose a flow, context, object and field-sensitive inter-procedural static analysis approach. Specifically, the static analysis includes typestate analysis, reference analysis and loop analysis. Based on the AsyncTask-related information obtained during static analysis, we check the misuse according to predefined detection rules. The proposed approach is implemented into a tool called AsyncChecker.
We evaluate AsyncChecker on a self-designed benchmark suite called AsyncBench and 1,759 real-world apps. AsyncChecker finds 17,946 misused AsyncTask instances in 1,417 real-world apps (80.6%). The precision, recall and F-measure of AsyncChecker on real-world applications are 97.2%, 89.8% and 0.93, respectively. Compared with existing tools, AsyncChecker can detect more asynchronous problems. We report the misuse problems to developers via GitHub. Several developers have confirmed and fixed the problems found by AsyncChecker. The result implies that our approach is effective and developers do take the misuse of AsyncTask as a serious problem.
Fri 13 NovDisplayed time zone: (UTC) Coordinated Universal Time change
08:00 - 08:30
|All Your App Links Are Belong to Us: Understanding the Threats of Instant Apps Based Attacks|
Yutian Tang ShanghaiTech University, Yulei Sui University of Technology Sydney, Haoyu Wang Beijing University of Posts and Telecommunications, Xiapu Luo Hong Kong Polytechnic University, China, Hao Zhou Hong Kong Polytechnic University, China, Zhou Xu Chongqing University, ChinaDOI
|Borrowing Your Enemy’s Arrows: The Case of Code Reuse in Android via Direct Inter-app Code Invocation|
Jun Gao University of Luxembourg, Luxembourg, Li Li Monash University, Australia, Pingfan Kong University of Luxembourg, Luxembourg, Tegawendé F. Bissyandé University of Luxembourg, Luxembourg, Jacques Klein University of Luxembourg, LuxembourgDOI Pre-print Media Attached
|Impact of Programming Languages on Energy Consumption for Mobile Devices|
Student Research Competition
Zamira Kholmatova Innopolis University, RussiaDOI
|Rebooting Research on Detecting Repackaged Android Apps: Literature Review and Benchmark|
|Static Asynchronous Component Misuse Detection for Android Applications|
Linjie Pan Institute of Software at Chinese Academy of Sciences, China, Baoquan Cui Institute of Software at Chinese Academy of Sciences, China, Hao Liu Beijing University of Technology, China, Jiwei Yan Institute of Software at Chinese Academy of Sciences, China, Siqi Wang Beijing University of Technology, China, Jun Yan Institute of Software at Chinese Academy of Sciences, China, Jian Zhang Institute of Software at Chinese Academy of Sciences, ChinaDOI
|Conversations on Mobile 2|