Systematically testing background services of mobile apps

Contrary to popular belief, mobile apps can spend a large fraction of time running "hidden" as background services. And, bugs in services can translate into crashes, energy depletion, device slow-down, etc. Unfortunately, without necessary testing tools, developers can only resort to telemetries from user devices in the wild. To this end, Snowdrop is a testing framework that systematically identifies and automates background services in Android apps. Snowdrop realizes a service-oriented approach that does not assume all inter-component communication messages are explicitly coded in the app bytecode. Furthermore, to improve the completeness of test inputs generated, Snowdrop infers field values by exploiting the similarity in how developers name variables. We evaluate Snowdrop by testing 848 commercially available mobile apps. Empirical results show that Snowdrop can achieve 20.91% more code path coverage than pathwise test input generators, and 64.11% more coverage than random test input generators.

[1]  D.M. Mount,et al.  An Efficient k-Means Clustering Algorithm: Analysis and Implementation , 2002, IEEE Trans. Pattern Anal. Mach. Intell..

[2]  John Regehr,et al.  Intent fuzzer: crafting intents of death , 2014, WODA+PERTEA 2014.

[3]  Justin Cappos,et al.  Selectively Taming Background Android Apps to Improve Battery Lifetime , 2015, USENIX Annual Technical Conference.

[4]  Jon Edvardsson,et al.  A Survey on Automatic Test Data Generation , 2002 .

[5]  Guofei Gu,et al.  SmartDroid: an automatic system for revealing UI-based trigger conditions in android applications , 2012, SPSM '12.

[6]  Jie Liu,et al.  DECAF: Detecting and Characterizing Ad Fraud in Mobile Apps , 2014, NSDI.

[7]  Hui Ye,et al.  DroidFuzzer: Fuzzing the Android Apps with Intent-Filter Tag , 2013, MoMM '13.

[8]  Zhuoqing Morley Mao,et al.  AppProfiler: a flexible method of exposing privacy-related behavior in android applications to end users , 2013, CODASPY.

[9]  Ranveer Chandra,et al.  Caiipa: automated large-scale mobile app testing through contextual fuzzing , 2014, MobiCom.

[10]  Samuel P. Midkiff,et al.  What is keeping my phone awake?: characterizing and detecting no-sleep energy bugs in smartphone apps , 2012, MobiSys '12.

[11]  Byung-Gon Chun,et al.  Vision: automated security validation of mobile apps at app markets , 2011, MCS '11.

[12]  A. Jefferson Offutt,et al.  Constraint-Based Automatic Test Data Generation , 1991, IEEE Trans. Software Eng..

[13]  Suman Nath,et al.  PUMA: programmable UI-automation for large-scale dynamic analysis of mobile apps , 2014, MobiSys.

[14]  Kyunghan Lee,et al.  Context-aware application scheduling in mobile systems: what will users do and not do next? , 2016, UbiComp.

[15]  Matthew L. Dering,et al.  Composite Constant Propagation: Application to Android Inter-Component Communication Analysis , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[16]  Todd D. Millstein,et al.  RERAN: Timing- and touch-sensitive record and replay for Android , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[17]  Kun Yang,et al.  IntentFuzzer: detecting capability leaks of android applications , 2014, AsiaCCS.

[18]  Fabio Massacci,et al.  Towards Black Box Testing of Android Apps , 2015, 2015 10th International Conference on Availability, Reliability and Security.

[19]  Jason Flinn,et al.  AMC: verifying user interface properties for vehicular applications , 2013, MobiSys '13.

[20]  Lori A. Clarke,et al.  A System to Generate Test Data and Symbolically Execute Programs , 1976, IEEE Transactions on Software Engineering.

[21]  Jacques Klein,et al.  Effective inter-component communication mapping in Android with Epicc: an essential step towards holistic security analysis , 2013 .

[22]  Seokjun Lee,et al.  EnTrack: a system facility for analyzing energy consumption of Android system services , 2015, UbiComp.

[23]  Suman Nath,et al.  Automatic and scalable fault detection for mobile applications , 2014, MobiSys.

[24]  Feng Qian,et al.  Revisiting Network Energy Efficiency of Mobile Apps: Performance in the Wild , 2015, Internet Measurement Conference.

[25]  Wei Zhang,et al.  Towards A Contextual and Scalable Automated-testing Service for Mobile Apps , 2017, HotMobile.

[26]  Xiaomeng Chen Smartphone Energy Drain in the Wild: Measurement, Analysis and Optimizations , 2017 .

[27]  Jacques Klein,et al.  IccTA: Detecting Inter-Component Privacy Leaks in Android Apps , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[28]  Jeffrey Dean,et al.  Distributed Representations of Words and Phrases and their Compositionality , 2013, NIPS.

[29]  Jan S. Rellermeyer,et al.  An empirical study of the robustness of Inter-component Communication in Android , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[30]  Ning Ding,et al.  Smartphone Background Activities in the Wild: Origin, Energy Drain, and Optimization , 2015, MobiCom.

[31]  David A. Wagner,et al.  Analyzing inter-application communication in Android , 2011, MobiSys '11.

[32]  Enhong Chen,et al.  Characterizing Privacy Risks of Mobile Apps with Sensitivity Analysis , 2018, IEEE Transactions on Mobile Computing.