標題: CRAXDroid: Automatic Android System Testing by Selective Symbolic Execution
作者: Yeh, Chao-Chun
Lu, Han-Lin
Chen, Chun-Yen
Khor, Kee-Kiat
Huang, Shih-Kun
資訊工程學系
資訊技術服務中心
Department of Computer Science
Information Technology Services Center
關鍵字: symbolic execution;concolic execution;market App software;software testing;software quality assurance
公開日期: 1-Jan-2014
摘要: Mobile devices such as smart phones and tablet PCs are becoming common personal devices. The business model of a central software market is also thriving and turning into a major distribution source of software packages on those devices. However, these devices often contain personal private information and can be used to conduct operations involving data leakage and payment events like sending SMS. As a result, the quality of software on mobile devices becomes a critical issue. We aim at checking whether software off the shelf contains defective behavior or potential vulnerabilities, and aiding the official APP or third party markets to ensure their software without privacy issues. We have built a platform for android APP testing, by revising our software quality assurance and exploit generation platform, called CRAX, to apply in the Android platform. It is called the CRAXDroid that allows any inputs to be the testing sources to the APP without source code. These approaches are based on the symbolic execution technique and android emulator. By automatically exploring execution paths, we can find potential software defects. We perform several experiments on Android applications to prove the feasibility of our method.
URI: http://dx.doi.org/10.1109/SERE-C.2014.32
http://hdl.handle.net/11536/128605
ISBN: 978-1-4799-5843-6
ISSN: 
DOI: 10.1109/SERE-C.2014.32
期刊: 2014 IEEE EIGHTH INTERNATIONAL CONFERENCE ON SOFTWARE SECURITY AND RELIABILITY - COMPANION (SERE-C 2014)
起始頁: 140
結束頁: 148
Appears in Collections:Conferences Paper