| As the Android-equipped devices become more common, and the number and kinds of apps in the Android app market more various. It is a great challenge for Android app automated testing to test on the huge amounts of Android apps efficiently. At the same time, malicious apps in the Android app market are more prevailing in recent years, which have caused great losses to people. Dynamic android app analysis techniques have attracted the focus of malware researchers, because it is more precise than static analysis. However, the premise of dynamic android app Analysis is to trigger the behaviors of android app automaticly and effectively with a higher coverage.For common android app automated testing, the goal of automatic tesing is to achieve higher test coverage within a reasonable time.We found that acteve based on concolic execution cannot achieve high code coverage, because it lacks events support and cannot detect some activites,We proposed a method called acteve++ to cover the shortage. We did some experiments with acteve++ and current android automated testing tools such as monkey, dynodroid, GUIRipper and acteve with an open test set. We proved that acteve++ can reach higher average test coverage within a reasonable time compared to other existing tools.For android malware automated testing, we analyzed a famous tool called IntelliDroid. We found that the static analysis part of IntelliDroid cannot analyze intercomponent communication in Android app, which can cause false negatives. We proposed a method called IntelliDroid+ICC to make up for the deficiency. We did some experiments with Droidbench and Android Malware Genome test cases. We proved that IntelliDroid+ICC can analyze intercomponent communication in Android app within a reasonable time compared to IntelliDroid, which can trigger the malicious behavior more precisely. |
PDF Full Text Request