APK-based automatic method for GUI traversal of Android applications

doi:10.11772/j.issn.1001-9081.2016.11.3178

Journal of Computer Applications ›› 2016, Vol. 36 ›› Issue (11): 3178-3182.DOI: 10.11772/j.issn.1001-9081.2016.11.3178

Previous Articles Next Articles

APK-based automatic method for GUI traversal of Android applications

ZHANG Shengqiao, YIN Qing, CHANG Rui, ZHU Xiaodong

State Key Laboratory of Mathematical Engineering and Advanced Computing(Information Engineering University), Zhengzhou Henan 450000, China

Received:2016-04-18 Revised:2016-06-27 Online:2016-11-12 Published:2016-11-10

基于APK的Android应用程序GUI遍历自动化方法

张胜桥, 尹青, 常瑞, 朱晓东

数学工程与先进计算国家重点实验室(信息工程大学), 郑州 450000

通讯作者: 张胜桥
作者简介:张胜桥(1990-),男,山东菏泽人,硕士研究生,主要研究方向:逆向工程、信息安全;尹青(1968-),女,江苏徐州人,教授,博士,主要研究方向:信息安全;常瑞(1981-),女,河南郑州人,副教授,博士研究生,主要研究方向:嵌入式系统安全;朱晓东(1991-),男,山东潍坊人,硕士研究生,主要研究方向:逆向工程。

Abstract

Abstract: In order to improve the coverage and automation level of Graphical User Interface (GUI) by automatic execution technology for Android applications, an Android Package (APK)-based automatic traversal method which meets the requirements of dynamic security analysis and GUI testing was proposed. The GUI of the target application was captured dynamically, and the interaction of user actions was simulated with applications running automatically. Based on the open source project of Appium, a platform-crossed prototype tool of automatic traversal method which can automatically traverse GUIs of lightweight Android applications was implemented. The experimental results show that the proposed method with a high coverage is feasible and effective.

Key words: Graphical User Interface (GUI), GUI traversal, action simulation, high coverage, mobile application, Android

摘要： 为了提高应用程序自动执行技术的图形用户界面（GUI）覆盖率和自动化程度以满足Android应用程序动态安全分析和GUI测试的需求，提出了一种基于应用程序安装包（APK）的Android应用程序GUI遍历自动化方法。该方法通过动态地捕捉目标应用程序GUI并模拟用户行为与之交互，驱动应用程序自动执行。基于开源框架Appium实现了一个能够自动化遍历轻量Android应用程序GUI的跨平台原型工具。实验结果表明，该自动化方法能够获得较高的GUI覆盖率。

关键词: 图形用户界面, 图形用户界面遍历, 行为模拟, 高覆盖率, 移动应用程序, Android

CLC Number:

TP302

ZHANG Shengqiao, YIN Qing, CHANG Rui, ZHU Xiaodong. APK-based automatic method for GUI traversal of Android applications[J]. Journal of Computer Applications, 2016, 36(11): 3178-3182.

张胜桥, 尹青, 常瑞, 朱晓东. 基于APK的Android应用程序GUI遍历自动化方法[J]. 计算机应用, 2016, 36(11): 3178-3182.

References

[1] ZHENG C, ZHU S, DAI S, et al. Smartdroid:an automatic system for revealing UI-based trigger conditions in android applications[C]//Proceedings of the 2nd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. New York:ACM, 2012:93-104.
[2] YEH C C, HUANG S K, CHANG S Y. A black-box based android GUI testing system[C]//Proceedings of the 11th Annual International Conference on Mobile Systems, Applications, and Services. New York:ACM, 2013:529-530.
[3] JENSEN C S, PRASAD M R, M?LLER A. Automated testing with targeted event sequence generation[C]//Proceedings of the 2013 International Symposium on Software Testing and Analysis. New York:ACM, 2013:67-77.
[4] YANG S, YAN D, ROUNTEV A. Testing for poor responsiveness in Android applications[C]//Proceedings of the 20131st International Workshop on Engineering of Mobile-Enabled Systems. Piscataway, NJ:IEEE, 2013:1-6.
[5] RASTOGI V, CHEN Y, ENCK W. AppsPlayground:automatic security analysis of smartphone applications[C]//Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy. New York:ACM, 2013:209-220.
[6] YANG W, PRASAD M R, XIE T. A grey-box approach for automated GUI-model generation of mobile applications[C]//Proceedings of the 16th International Conference on Fundamental Approaches to Software Engineering. Berlin:Springer, 2013:250-265.
[7] AZIM T, NEAMTIU I. Targeted and depth-first exploration for systematic testing of android apps[J]. ACM SIGPLAN Notices, 2013, 48(10):641-660.
[8] WANG P, LIANG B, YOU W, et al. Automatic Android GUI traversal with high coverage[C]//Proceedinags of the 4th International Conference on Communication Systems and Network Technologies. Piscataway, NJ:IEEE, 2014:1161-1166.
[9] NILSSON N J. Artificial Intelligence:a New Synthesis[M]. San Francisco, CA:Morgan Kaufmann, 1998:141-155.
[10] Appium[EB/OL].[2016-01-20].https://github.com/Appium/Appium.

[1]	Baoshan YANG, Zhi YANG, Xingyuan CHEN, Bing HAN, Xuehui DU. Analysis of consistency between sensitive behavior and privacy policy of Android applications [J]. Journal of Computer Applications, 2024, 44(3): 788-796.
[2]	Qun MAO, Weiwei WANG, Feng YOU, Ruilian ZHAO, Zheng LI. Pattern mining and reuse method for user behaviors of Android applications [J]. Journal of Computer Applications, 2022, 42(7): 2155-2161.
[3]	Mo LI, Tianliang LU, Ziheng XIE. Android malware family classification method based on code image integration [J]. Journal of Computer Applications, 2022, 42(5): 1490-1499.
[4]	REN Haipei, LI Teng. FaceYoLo algorithm for face detection on mobile platform [J]. Journal of Computer Applications, 2020, 40(4): 1002-1008.
[5]	SHEN Liang, WANG Xin, CHEN Shuhui. Structural signature extraction method for mobile application recognition [J]. Journal of Computer Applications, 2020, 40(4): 1109-1114.
[6]	WEI Shanshan, HU Shengbo, YAN Tingting, MO Jinrong. Radio wave propagation characteristics and analysis software in troposphere based on split step wavelet method [J]. Journal of Computer Applications, 2019, 39(6): 1792-1798.
[7]	CAO Zhenhuan, CAI Xiaohai, GU Menghe, GU Xiaozhuo, LI Xiaowei. Android permission management and control scheme based on access control list mechanism [J]. Journal of Computer Applications, 2019, 39(11): 3316-3322.
[8]	BU Tongtong, CAO Tianjie. Risk assessment method of Android application based on permission [J]. Journal of Computer Applications, 2019, 39(1): 131-135.
[9]	CHENG Jing, GE Luqi, ZHANG Tao, LIU Ying, ZHANG Yifei. Research on factors affecting quality of mobile application crowdsourced testing [J]. Journal of Computer Applications, 2018, 38(9): 2626-2630.
[10]	LU Zicong, XU Kaiyong, GUO Song, XIAO Jingxu. Dynamic measurement of Android kernel based on ARM virtualization extension [J]. Journal of Computer Applications, 2018, 38(9): 2644-2649.
[11]	LUO Wenshuang, CAO Tianjie. Malware detection approach based on non-user operating sequence [J]. Journal of Computer Applications, 2018, 38(1): 56-60.
[12]	LIU Qiyuan, JIAO Jian, CAO Hongsheng. Ontology model for detecting Android implicit information flow [J]. Journal of Computer Applications, 2018, 38(1): 61-66.
[13]	SU Zhida, ZHU Yuefei, LIU Long. Android malware application detection using deep learning [J]. Journal of Computer Applications, 2017, 37(6): 1650-1656.
[14]	LIU Jierui, WU Xueqing, YAN Jun, YANG Hongli. Benchmarks construction and evaluation for resource leak in Android apps [J]. Journal of Computer Applications, 2017, 37(4): 1129-1134.
[15]	LIU Ying, ZHANG Tao, LI Kun, LI Nan. Evaluation model of mobile application crowdsourcing testers [J]. Journal of Computer Applications, 2017, 37(12): 3569-3573.

APK-based automatic method for GUI traversal of Android applications

基于APK的Android应用程序GUI遍历自动化方法

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics