Towards Practical Evaluation of Android ICC Resolution Techniques
share
Inter-component communication (ICC) is a key mechanism in mobile apps, which enables the message-based control flow transferring and data passing between components. Effective ICC resolution requires precisely identifying entry points, tracking data values of ICC fields, modeling related framework APIs, etc. Due to the multiple complex characteristics involved, the evaluation of ICC resolution approaches is challenging. Although a set of ICC-related hand-made benchmarks are publicly available, which supports the assessments on parts of the characteristics, the practical evaluations on more complicated scenarios are not available due to the lack of a reliable oracle from real-world apps. In this paper, we carried out the research to answer three key questions: 1) to what extent can the existing benchmarks contribute to the evaluation of ICC resolution; 2) how to construct the practical, representative, and reliable oracle of real-world apps; 3) what are the pros and cons of the state-of-the-art ICC resolution tools. First, we performed pre-evaluations of tools on two sets of benchmarks, including four hand-made ones and a large-scale dataset with 4,000 real-world apps, using metrics adopted in existing works as well as three graph-based ones proposed by us. For a more practical evaluation, we designed a stack-based trace analysis approach to extract reliable ICC links and manually labeled the involved code characteristics for 1,452 links. With the newly constructed oracle, we conducted another evaluation of the existing tools. Based on the evaluation results, we identified the limitations of the existing tools and developed a new ICC resolution tool ICCBot, which achieves better performance on both the hand-made and real-world apps.
READ FULL TEXT
