
Fuzz Testing Method for Android Inter-component Communication (cited by: 3)

Fuzz Testing of Android Inter-component Communication
Abstract: The Android operating system provides rich mechanisms for message passing between applications, of which intent-based communication is an important mechanism for communication between Android application components. This mechanism facilitates collaboration between applications and reduces the burden on developers by increasing component reuse. However, the message-passing mechanism can be abused: for example, an application may send an erroneous message to a target application and cause the target application to crash. To address this problem, a robustness detection method based on fuzz testing is proposed, and an intent fuzz testing tool, ICCDroidFuzzer, is implemented. The method obtains component-related information through static analysis to construct test suites and sends them to the target components, while monitoring the Android system log to find whether a runtime crash occurs. ICCDroidFuzzer was used to test 420 real commercial applications; analysis of the experimental results found 19 kinds of exceptions that cause applications to crash. The tool tests application robustness automatically and is suitable for testing large numbers of Android applications without human intervention.

Authors: ZHAO Sai (赵赛); LIU Hao (刘昊); WANG Yu-feng (王雨峰); SU Hang (苏航); YAN Ji-wei (燕季薇) (Department of Informatics, Beijing University of Technology, Beijing 100124, China; Technology Center of Software Engineering, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China; University of Chinese Academy of Sciences, Beijing 100190, China)

Source: Computer Science (《计算机科学》), CSCD, Peking University Core Journal, 2020, Issue S02, pp. 303-309, 315 (8 pages in total)

Funding: National Natural Science Foundation of China (61672505).

Keywords: Inter-component communication; Intent; Fuzz testing; Robustness