IMGDroid: A Static Analyzer for Detecting Image Loading Defects in Android Applications

被引:0
|
作者
Song, Wei [1 ]
Han, Mengqi [1 ]
Huang, Jeff [2 ]
机构
[1] Nanjing Univ Sci & Tech, Sch Comp Sci & Engn, Nanjing, Peoples R China
[2] Texas A&M Univ, Parasol Lab, College Stn, TX USA
来源
2021 IEEE/ACM 43RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS (ICSE-COMPANION 2021) | 2021年
关键词
Android apps; image loading defects; static analysis;
D O I
10.1109/ICSE-Companion52605.2021.00069
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
We summarize five anti-patterns of image loading defects in Android apps, including image passing by intent, image decoding without resizing, local image loading without permission, repeated decoding without caching, and image decoding in UI thread. Based on the anti-patterns, we propose a static analyzer, IMGDroid, to automatically and effectively detect such defects. Readers can access our artifacts from GitHub and Zenodo, and can run IMGDroid to detect image loading defects in Android apps; so we are applying for Reusable and Available Badges. We implement IMGDroid in Java, and perform the experiments on a computer with Windows 10, JDK 1.8, and Android 7.1.1. Therefore, reviewers are required to be familiar with Java and proficient in using Eclipse.
引用
收藏
页码:164 / 165
页数:2
相关论文
共 50 条
  • [21] Detecting Stubborn Permission Requests in Android Applications
    Huang, Jianmeng
    Huang, Wenchao
    Miao, Fuyou
    Xiong, Yan
    2018 4TH INTERNATIONAL CONFERENCE ON BIG DATA COMPUTING AND COMMUNICATIONS (BIGCOM 2018), 2018, : 84 - 89
  • [22] CapaDroid: Detecting Capability Leak for Android Applications
    Wu, Tianjun
    Yang, Yuexiang
    SECURITY, PRIVACY AND ANONYMITY IN COMPUTATION, COMMUNICATION AND STORAGE, (SPACCS 2016), 2016, 0067 : 95 - 104
  • [23] Detecting possibly unimplemented methods in android applications
    Nagura M.
    Usui H.
    Takada S.
    Computer Software, 2021, 38 (02) : 71 - 89
  • [24] Static Dalvik Bytecode Optimization for Android Applications
    Kim, Jeehong
    Kim, Inhyeok
    Min, Changwoo
    Jun, Hyung Kook
    Lee, Soo Hyung
    Kim, Won-Tae
    Eom, Young Ik
    ETRI JOURNAL, 2015, 37 (05) : 1001 - 1011
  • [25] Static Analysis of Memory Leak in Android Applications
    Zhou, Di
    Fu, Zhengyu
    PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON MECHATRONICS, MATERIALS, CHEMISTRY AND COMPUTER ENGINEERING 2015 (ICMMCCE 2015), 2015, 39 : 1023 - 1027
  • [26] Static Analysis of Context Leaks in Android Applications
    Toffalini, Flavio
    Sun, Jun
    Ochoa, Martin
    2018 IEEE/ACM 40TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING - SOFTWARE ENGINEERING IN PRACTICE TRACK (ICSE-SEIP 2018), 2018, : 215 - 224
  • [27] Detecting Energy Bugs in Android Apps Using Static Analysis
    Jiang, Hao
    Yang, Hongli
    Qin, Shengchao
    Su, Zhendong
    Zhang, Jian
    Yan, Jun
    FORMAL METHODS AND SOFTWARE ENGINEERING, ICFEM 2017, 2017, 10610 : 192 - 208
  • [28] A static technique for detecting input validation vulnerabilities in Android apps
    Fang, Zhejun
    Liu, Qixu
    Zhang, Yuqing
    Wang, Kai
    Wang, Zhiqiang
    Wu, Qianru
    SCIENCE CHINA-INFORMATION SCIENCES, 2017, 60 (05)
  • [29] A static technique for detecting input validation vulnerabilities in Android apps
    Zhejun FANG
    Qixu LIU
    Yuqing ZHANG
    Kai WANG
    Zhiqiang WANG
    Qianru WU
    Science China(Information Sciences), 2017, 60 (05) : 210 - 225
  • [30] Virtual Static Security Analyzer for Web Applications
    Brinza, Mihail
    Correia, Miguel
    Pereira, Joao
    2021 IEEE 20TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2021), 2021, : 840 - 848
12345