Jicer: Simplifying Cooperative Android App Analysis Tasks

Abstract

Slicing is an established technique for program inspection employed in use cases such as debugging, analysis, understanding and restructuring. Slicing techniques compute program parts which affect (or are affected by) certain slicing criteria. Slicing tools are most often specialized to a language and an application use case.In this paper, we present the tool Jicer, the only functional and available static slicer for Android apps. Jicer is a multi-purpose app slicer, configurable to different use cases by its ability to generate debuggable as well as analyzable and executable output. In its core, Jicer is a slicer for Java bytecode, tailored towards Android app specifics like the lack of a main method, extensive use of callbacks and inter-component communication.Jicer in particular supports security (data leak) analysis of Android apps through an interface allowing Jicer to work as one tool in a cooperative analysis. The role of Jicer in cooperative analyses is twofold: Jicer acts as an aid for other tools (via the reduction of the app size) and Jicer benefits from other tools (via the usage of analysis information in Jicer’s app dependence graph). The evaluation shows that Jicer is able to slice real-world apps thereby reducing app size about most ~55 to And importantly in a cooperative ~96%. analysis Jicer can increase the overall precision by significantly reducing the large number of false positives.