GenBenchDroid: Fuzzing Android Taint Analysis Benchmarks
Abstract
The conventional approach of assessing the performance of Android taint analysis tools consists of applying the tool to already existing benchmarks and calculating its performance on the contained benchmark cases. Creating and maintaining a benchmark requires a lot of effort, since it needs to comprise various analysis challenges, and since each benchmark case needs a well documented ground-truth - otherwise one cannot know whether a tool’s analysis is accurate. This effort is further increased by the frequently changing Android API. All these factors lead to the same, usually manually created, benchmarks being reused over and over again. In consequence analysis tools are often over-adapted to these benchmarks. To overcome these issues we propose the concept of benchmark fuzzing , which allows the generation of previously unknown and unique benchmarks, alongside their ground-truths, at evaluation time. We implement this approach in our tool GenBenchDroid and additionally show that we are able to find analysis faults that remain uncovered when solely relying on the conventional benchmarking approach.
- Citation
- BibTeX
Schott, S. & Pauck, F.,
(2023).
GenBenchDroid: Fuzzing Android Taint Analysis Benchmarks.
In:
Engels, G., Hebig, R. & Tichy, M.
(Hrsg.),
Software Engineering 2023.
Bonn:
Gesellschaft für Informatik e.V..
(S. 107-108).
@inproceedings{mci/Schott2023,
author = {Schott, Stefan AND Pauck, Felix},
title = {GenBenchDroid: Fuzzing Android Taint Analysis Benchmarks},
booktitle = {Software Engineering 2023},
year = {2023},
editor = {Engels, Gregor AND Hebig, Regina AND Tichy, Matthias} ,
pages = { 107-108 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
author = {Schott, Stefan AND Pauck, Felix},
title = {GenBenchDroid: Fuzzing Android Taint Analysis Benchmarks},
booktitle = {Software Engineering 2023},
year = {2023},
editor = {Engels, Gregor AND Hebig, Regina AND Tichy, Matthias} ,
pages = { 107-108 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
Dateien | Groesse | Format | Anzeige | |
---|---|---|---|---|
paper40.pdf | 262.1Kb | View/ |
Haben Sie fehlerhafte Angaben entdeckt? Sagen Sie uns Bescheid: Send Feedback
More Info
ISBN: 978-3-88579-726-5
ISSN: 1617-5468
xmlui.MetaDataDisplay.field.date: 2023
Language: (en)
Content Type: Text/Conference Paper