Implementation of automated testing system for android applications based on dynamic taint propagation

Zhu Kelong,Song Yubo,Chen Fei
DOI: https://doi.org/10.1049/cp.2014.0736
2014-01-01
Abstract:As the increasing downloads of applications via Android Platform, more and more malicious codes were injected in those applications. And some problems are caused by that malicious code such as economic loss and privacy issues. Android has the highest market share of smartphone operating system, the security of Android platform is extremely important. Therefore, the security testing and evaluation of applications is imperative. Dynamic taint propagation is the most common method to do the test, but there are two problems: a) If the custom ROM runs in the smartphone, the running speed of ROM will be limited to the smartphone's battery life and computing power. b) If the program was running in emulator in PC, the efficiency will be very poor because of the manual operation for the triggering action during the running time. The paper presents an automated testing method which was accomplished in emulator. In addition, the system will record the tree structure of Activity and control distribution of each Activity. The test results showed that the system can trigger all the controls and compared with manual test, this method was proven to be more effective and completely.
What problem does this paper attempt to address?