CATE: Concolic Android Testing Using Java PathFinder for Android Applications

Like all software, Android applications are not immune to bugs, security vulnerabilities, and a wide range of other issues. Concolic analysis, a hybrid software verification technique which performs symbolic execution along with a concrete execution path, has been used for a variety of purposes including software testing, code clone detection, and security-related activities. We created a new publicly available concolic analysis tool for analyzing Android applications: Concolic Android TEster (CATE). Building on Java Path Finder (JPF-SPF), this tool performs concolic analysis on a raw Android application file (or source code) and provides output in a useful and easy to understand format.

[1]  Yajin Zhou,et al.  Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.

[2]  Koushik Sen,et al.  CUTE: a concolic unit testing engine for C , 2005, ESEC/FSE-13.

[3]  Emad Shihab,et al.  Examining the effectiveness of using concolic analysis to detect code clones , 2015, SAC.

[4]  Bing Chen,et al.  Crashmaker: an improved binary concolic testing tool for vulnerability detection , 2014, SAC.

[5]  Emad Shihab,et al.  CCCD: Concolic code clone detection , 2013, 2013 20th Working Conference on Reverse Engineering (WCRE).