Towards Practical Evaluation of Android ICC Resolution Techniques

Abstract

Inter-component communication (ICC) is a widely used mechanism in mobile apps, which enables message-based control flow transferring and data passing between components. Effective ICC resolution requires precisely identifying entry points, analyzing data values of ICC fields, modeling related framework APIs, etc. Due to various control-flow and data-value tracking related characteristics involved and the lack of oracles for real-world apps, the practical evaluation of ICC resolution techniques is challenging. To fill this gap, we collect multiple-type benchmark suites with 4,104 apps, covering the characteristic-specific, open-source, and commercial ones. Considering the differences of benchmarks, we adopt various evaluation metrics for them, which are based on the number count, graph structure, and reliable oracle. As the oracle for real-world apps is unavailable, we design a dynamic analysis approach to extract the real ICC links triggered during GUI exploration. Overall, we manually confirm 1,680 ICCs and label 42,000 code characteristic tags to form a reliable oracle set. The evaluation performed on six off-the-shelf ICC resolution tools show that tools behave inconsistently on multiple benchmarks and with different metrics. Using reliable oracles, we find that up to 39\% - 85\% ICCs are missed by the six tools, for their inadequate analysis of specific code characteristics. And with the help of graph metrics, we identify many wrongly reported ICCs caused by conservative analysis or the transitivity of imprecision. Finally, we summarize eight FN/FP patterns in ICC resolution for further improvement.