DroidGraph is a modelling framework that generates a comprehensive extended control flow model of an Android application using traditional static analysis and efficient systematic exploratory tests. This repository contains the code and results that evaluate DroidGraph and comapre its exploratory tests with the state of the art in random input generation.
Please note that this repository will be maintained but not regularly.
@inproceedings{doyle2023modelling,
title={Modelling Android applications through static analysis and systematic exploratory testing},
author={Doyle, Jordan and Laurent, Thomas and Ventresque, Anthony},
booktitle={2023 10th International Conference on Dependable Systems and Their Applications (DSA)},
pages={94--104},
year={2023},
organization={IEEE}
}
Simply download the artefact here and apply the following environment configuration:
For simplisity, it is highly recommended that you use the Docker image provided. The code was last used with Docker Desktop v4. For native installs please refer to the dependencies listed in the provided Docker files.
The experiments are split into tasks, and each task can be performed independenlty, however, specific tasks may require output files from another task. Below is the basic format for running all tasks in there intented order:
./test_apps.sh --docker <input-directory> <output-directory>
where input-directory is the path to a directory containing all the subject apk under test and output-directory is the path to a directory where results will be stored.
Each input APK is given its own output sub-directory (APK file name) and each task outputs to the following sub-directories with the following content:
/Droid_Instrument - Instrumented APK file.
/Droid_Traversal - Dynamic analysis traversal results.
/AndroGuard - Androguard output GML file.
/Droid_Graph - DroidGraph model in JSON format.
/Monkey_All - Monkey (all interactions) average results.
/Monkey_Click - Monkey (click interactions) average results.
Results for tasks with multiple iterations are split int sub-directories for each test. Each subdirectory contains all related support files and logs. All results are provided as a PNG line graph, TEX graph and TXT table.