IMGDroid: A Static Analyzer for Detecting Image Loading Defects in Android Applications

被引:0
|
作者
Song, Wei [1 ]
Han, Mengqi [1 ]
Huang, Jeff [2 ]
机构
[1] Nanjing Univ Sci & Tech, Sch Comp Sci & Engn, Nanjing, Peoples R China
[2] Texas A&M Univ, Parasol Lab, College Stn, TX USA
来源
2021 IEEE/ACM 43RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS (ICSE-COMPANION 2021) | 2021年
关键词
Android apps; image loading defects; static analysis;
D O I
10.1109/ICSE-Companion52605.2021.00069
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
We summarize five anti-patterns of image loading defects in Android apps, including image passing by intent, image decoding without resizing, local image loading without permission, repeated decoding without caching, and image decoding in UI thread. Based on the anti-patterns, we propose a static analyzer, IMGDroid, to automatically and effectively detect such defects. Readers can access our artifacts from GitHub and Zenodo, and can run IMGDroid to detect image loading defects in Android apps; so we are applying for Reusable and Available Badges. We implement IMGDroid in Java, and perform the experiments on a computer with Windows 10, JDK 1.8, and Android 7.1.1. Therefore, reviewers are required to be familiar with Java and proficient in using Eclipse.
引用
收藏
页码:164 / 165
页数:2
相关论文
共 50 条
  • [1] IMGDroid: Detecting Image Loading Defects in Android Applications
    Song, Wei
    Han, Mengqi
    Huang, Jeff
    2021 IEEE/ACM 43RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE 2021), 2021, : 823 - 834
  • [2] DDLDroid: A Static Analyzer for Automatically Detecting Data Loss Issues in Android Applications
    Zhou, Yuhao
    Song, Wei
    PROCEEDINGS OF THE 32ND ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON SOFTWARE TESTING AND ANALYSIS, ISSTA 2023, 2023, : 1471 - 1474
  • [3] Automatically Detecting Exception Handling Defects in Android Applications
    Xie, Linna
    Lu, Lu
    Ding, Shunjie
    Pei, Yu
    Pan, Minxue
    Zhang, Tian
    THE 12TH ASIA-PACIFIC SYMPOSIUM ON INTERNETWARE, INTERNETWARE 2020, 2021, : 61 - 70
  • [4] DroidEnsemble: Detecting Android Malicious Applications With Ensemble of String and Structural Static Features
    Wang, Wei
    Gao, Zhenzhen
    Zhao, Meichen
    Li, Yidong
    Liu, Jiqiang
    Zhang, Xiangliang
    IEEE ACCESS, 2018, 6 : 31798 - 31807
  • [5] Privacy Consistency Analyzer for Android Applications
    Maitra, Sayan
    Suh, Bohyun
    Ghanavati, Sepideh
    2018 IEEE 5TH INTERNATIONAL WORKSHOP ON EVOLVING SECURITY & PRIVACY REQUIREMENTS ENGINEERING (ESPRE 2018), 2018, : 28 - 33
  • [6] Detecting Permission Over-claim of Android Applications with Static and Semantic Analysis Approach
    Tang, Junwei
    Li, Ruixuan
    Han, Hongmu
    Zhang, Heng
    Gu, Xiwu
    2017 16TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS / 11TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING / 14TH IEEE INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS, 2017, : 706 - 713
  • [7] NTApps: A Network Traffic Analyzer of Android Applications
    Rodriguez, Rodney
    Mostafa, Shaikh
    Wang, Xiaoyin
    PROCEEDINGS OF THE 22ND ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES (SACMAT'17), 2017, : 199 - 206
  • [8] Privilege Escalation Detecting in Android Applications
    Zhong, Xingqiu
    Zeng, Fanping
    Cheng, Zhichao
    Xie, Niannian
    Qin, Xiaoxia
    Guo, Shuli
    2017 3RD INTERNATIONAL CONFERENCE ON BIG DATA COMPUTING AND COMMUNICATIONS (BIGCOM), 2017, : 39 - 44
  • [9] Detecting Malware with Similarity to Android applications
    Park, Wonjoo
    Kim, Sun-joong
    Ryu, Won
    2015 INTERNATIONAL CONFERENCE ON ICT CONVERGENCE (ICTC), 2015, : 1249 - 1251
  • [10] A static analyzer for Industrial robotic applications
    Mandal, Avijit
    D'Souza, Meenakshi
    Jetley, Raoul
    Nair, Sreeja
    2017 IEEE 28TH INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING WORKSHOPS (ISSREW 2017), 2017, : 24 - 27
12345