Empirical comparison of intermediate representations for Android applications

Yauhen Leanidavich Arnatovich; Hee Beng Kuan Tan; Sun Ding; Kaping Liu; Lwin Khin Shar

Empirical comparison of intermediate representations for Android applications

Yauhen Leanidavich Arnatovich, Hee Beng Kuan Tan, Sun Ding, Kaping Liu, Lwin Khin Shar

Research output: Contribution to journal › Conference article › peer-review

6 Citations (Scopus)

Abstract

In Android-based mobile computing, since the original Java source code is irretrievable from Dalvik bytecode, intermediate representations (IRs) were developed to represent Dalvik bytecode in readable form. To date, SMALI, JASMIN, and JIMPLE are all used as Android application IRs by mobile developers, testers and researchers. Here, we compare these three IRs via randomized event-based testing (Monkey testing) to determine that which most accurately preserves the original program behaviors in terms of the number of successfully injected events. As such program behaviors are critical to mobile security, the choice of IR is crucial during software security testing. In our experiment, we developed an event-based comparative scheme, and conducted a comprehensive empirical study. Statistical comparison of the three IRs' program behaviors shows that SMALI behaves closest to the original applications and hence is the most suitable for software security testing as the most accurate alternative to the original Java source code (which is usually not publicly available).

Original language	English
Pages (from-to)	205-210
Number of pages	6
Journal	Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE
Volume	2014-January
Issue number	January
Publication status	Published - 2014
Externally published	Yes
Event	26th International Conference on Software Engineering and Knowledge Engineering, SEKE 2014 - Vancouver, Canada Duration: 1 Jul 2014 → 3 Jul 2014

Keywords

Android computing
Event-based testing
Intermediate representation
JASMIN
JIMPLE
Program behaviors
SMALI

Cite this

@article{0ae410d1abfb419a9d1f50d39cad169c,

title = "Empirical comparison of intermediate representations for Android applications",

abstract = "In Android-based mobile computing, since the original Java source code is irretrievable from Dalvik bytecode, intermediate representations (IRs) were developed to represent Dalvik bytecode in readable form. To date, SMALI, JASMIN, and JIMPLE are all used as Android application IRs by mobile developers, testers and researchers. Here, we compare these three IRs via randomized event-based testing (Monkey testing) to determine that which most accurately preserves the original program behaviors in terms of the number of successfully injected events. As such program behaviors are critical to mobile security, the choice of IR is crucial during software security testing. In our experiment, we developed an event-based comparative scheme, and conducted a comprehensive empirical study. Statistical comparison of the three IRs' program behaviors shows that SMALI behaves closest to the original applications and hence is the most suitable for software security testing as the most accurate alternative to the original Java source code (which is usually not publicly available).",

keywords = "Android computing, Event-based testing, Intermediate representation, JASMIN, JIMPLE, Program behaviors, SMALI",

author = "Arnatovich, {Yauhen Leanidavich} and Tan, {Hee Beng Kuan} and Sun Ding and Kaping Liu and Shar, {Lwin Khin}",

note = "Publisher Copyright: Copyright {\textcopyright} 2014 by Knowledge Systems Institute Graduate School.; 26th International Conference on Software Engineering and Knowledge Engineering, SEKE 2014 ; Conference date: 01-07-2014 Through 03-07-2014",

year = "2014",

language = "English",

volume = "2014-January",

pages = "205--210",

journal = "Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE",

issn = "2325-9000",

number = "January",

}

Empirical comparison of intermediate representations for Android applications. / Arnatovich, Yauhen Leanidavich; Tan, Hee Beng Kuan; Ding, Sun et al.
In: Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE, Vol. 2014-January, No. January, 2014, p. 205-210.

Research output: Contribution to journal › Conference article › peer-review

TY - JOUR

T1 - Empirical comparison of intermediate representations for Android applications

AU - Arnatovich, Yauhen Leanidavich

AU - Tan, Hee Beng Kuan

AU - Ding, Sun

AU - Liu, Kaping

AU - Shar, Lwin Khin

PY - 2014

Y1 - 2014

N2 - In Android-based mobile computing, since the original Java source code is irretrievable from Dalvik bytecode, intermediate representations (IRs) were developed to represent Dalvik bytecode in readable form. To date, SMALI, JASMIN, and JIMPLE are all used as Android application IRs by mobile developers, testers and researchers. Here, we compare these three IRs via randomized event-based testing (Monkey testing) to determine that which most accurately preserves the original program behaviors in terms of the number of successfully injected events. As such program behaviors are critical to mobile security, the choice of IR is crucial during software security testing. In our experiment, we developed an event-based comparative scheme, and conducted a comprehensive empirical study. Statistical comparison of the three IRs' program behaviors shows that SMALI behaves closest to the original applications and hence is the most suitable for software security testing as the most accurate alternative to the original Java source code (which is usually not publicly available).

AB - In Android-based mobile computing, since the original Java source code is irretrievable from Dalvik bytecode, intermediate representations (IRs) were developed to represent Dalvik bytecode in readable form. To date, SMALI, JASMIN, and JIMPLE are all used as Android application IRs by mobile developers, testers and researchers. Here, we compare these three IRs via randomized event-based testing (Monkey testing) to determine that which most accurately preserves the original program behaviors in terms of the number of successfully injected events. As such program behaviors are critical to mobile security, the choice of IR is crucial during software security testing. In our experiment, we developed an event-based comparative scheme, and conducted a comprehensive empirical study. Statistical comparison of the three IRs' program behaviors shows that SMALI behaves closest to the original applications and hence is the most suitable for software security testing as the most accurate alternative to the original Java source code (which is usually not publicly available).

KW - Android computing

KW - Event-based testing

KW - Intermediate representation

KW - JASMIN

KW - JIMPLE

KW - Program behaviors

KW - SMALI

UR - http://www.scopus.com/inward/record.url?scp=84938305217&partnerID=8YFLogxK

M3 - Conference article

AN - SCOPUS:84938305217

SN - 2325-9000

VL - 2014-January

SP - 205

EP - 210

JO - Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE

JF - Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE

IS - January

T2 - 26th International Conference on Software Engineering and Knowledge Engineering, SEKE 2014

Y2 - 1 July 2014 through 3 July 2014

ER -

Empirical comparison of intermediate representations for Android applications

Abstract

Keywords

Other files and links

Fingerprint

Cite this