{"title":"加速Android应用程序的符号分析","authors":"Mingyue Yang, D. Lie, Nicolas Papernot","doi":"10.1109/ASEW52652.2021.00021","DOIUrl":null,"url":null,"abstract":"While tools based on symbolic execution are commonly used to analyze mobile applications, these tools can suffer from path explosion when real-world applications have more paths than available computing resources can handle. However, many of the paths are unsatisfiable, that is, no input exists that can satisfy all the path constraints and cause the path to execute. Unfortunately, analysis tools cannot determine this without constraint collection and constraint solving, which are expensive to perform. As a result, analysis tools waste valuable computational resources on unsatisfiable paths. In this work, we demonstrate that machine learning classifiers can predict unsatisfiable paths, resulting in a savings of computational resources. Our classifiers take path-level statistical features as input, and model inference can run immediately after a path is found. This saves analysis time spent on both constraint collection and constraint solving for unsatisfiable paths. We enhance the TIRO Android application analysis tool to avoid paths that are predicted to be unsatisfiable and show that a Random Forest model can achieve 95 % balanced predication accuracy in Android applications. We also show that modified TIRO is able to avoid analyzing 51 % of paths as they are unsatisfiable, resulting in a savings of 14 % of the analysis time.","PeriodicalId":349977,"journal":{"name":"2021 36th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW)","volume":"17 4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Accelerating Symbolic Analysis for Android Apps\",\"authors\":\"Mingyue Yang, D. Lie, Nicolas Papernot\",\"doi\":\"10.1109/ASEW52652.2021.00021\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"While tools based on symbolic execution are commonly used to analyze mobile applications, these tools can suffer from path explosion when real-world applications have more paths than available computing resources can handle. However, many of the paths are unsatisfiable, that is, no input exists that can satisfy all the path constraints and cause the path to execute. Unfortunately, analysis tools cannot determine this without constraint collection and constraint solving, which are expensive to perform. As a result, analysis tools waste valuable computational resources on unsatisfiable paths. In this work, we demonstrate that machine learning classifiers can predict unsatisfiable paths, resulting in a savings of computational resources. Our classifiers take path-level statistical features as input, and model inference can run immediately after a path is found. This saves analysis time spent on both constraint collection and constraint solving for unsatisfiable paths. We enhance the TIRO Android application analysis tool to avoid paths that are predicted to be unsatisfiable and show that a Random Forest model can achieve 95 % balanced predication accuracy in Android applications. We also show that modified TIRO is able to avoid analyzing 51 % of paths as they are unsatisfiable, resulting in a savings of 14 % of the analysis time.\",\"PeriodicalId\":349977,\"journal\":{\"name\":\"2021 36th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW)\",\"volume\":\"17 4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 36th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ASEW52652.2021.00021\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 36th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ASEW52652.2021.00021","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
While tools based on symbolic execution are commonly used to analyze mobile applications, these tools can suffer from path explosion when real-world applications have more paths than available computing resources can handle. However, many of the paths are unsatisfiable, that is, no input exists that can satisfy all the path constraints and cause the path to execute. Unfortunately, analysis tools cannot determine this without constraint collection and constraint solving, which are expensive to perform. As a result, analysis tools waste valuable computational resources on unsatisfiable paths. In this work, we demonstrate that machine learning classifiers can predict unsatisfiable paths, resulting in a savings of computational resources. Our classifiers take path-level statistical features as input, and model inference can run immediately after a path is found. This saves analysis time spent on both constraint collection and constraint solving for unsatisfiable paths. We enhance the TIRO Android application analysis tool to avoid paths that are predicted to be unsatisfiable and show that a Random Forest model can achieve 95 % balanced predication accuracy in Android applications. We also show that modified TIRO is able to avoid analyzing 51 % of paths as they are unsatisfiable, resulting in a savings of 14 % of the analysis time.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
