Composite Constant Propagation and its Application to Android Program Analysis

Damien Octeau, Daniel Luchaup, Somesh Jha, Patrick McDaniel

Research output: Contribution to journalArticle

10 Citations (Scopus)

Abstract

Many program analyses require statically inferring the possible values of composite types. However, current approaches either do not account for correlations between object fields or do so in an ad hoc manner. In this paper, we introduce the problem of composite constant propagation. We develop the first generic solver that infers all possible values of complex objects in an interprocedural, flow and context-sensitive manner, taking field correlations into account. Composite constant propagation problems are specified using COAL, a declarative language. We apply our COAL solver to the problem of inferring Android Inter-Component Communication (ICC) values, which is required to understand how the components of Android applications interact. Using COAL, we model ICC objects in Android more thoroughly than the state-of-the-art. We compute ICC values for 489 applications from the Google Play store. The ICC values we infer are substantially more precise than previous work. The analysis is efficient, taking two minutes per application on average. While this work can be used as the basis for many whole-program analyses of Android applications, the COAL solver can also be used to infer the values of composite objects in many other contexts.

Original languageEnglish (US)
Article number7447806
Pages (from-to)999-1014
Number of pages16
JournalIEEE Transactions on Software Engineering
Volume42
Issue number11
DOIs
StatePublished - Nov 1 2016

Fingerprint

Communication
Composite materials

All Science Journal Classification (ASJC) codes

  • Software

Cite this

Octeau, Damien ; Luchaup, Daniel ; Jha, Somesh ; McDaniel, Patrick. / Composite Constant Propagation and its Application to Android Program Analysis. In: IEEE Transactions on Software Engineering. 2016 ; Vol. 42, No. 11. pp. 999-1014.
@article{4d2159b0f37d4b42ac2aea6f1a9d32e0,
title = "Composite Constant Propagation and its Application to Android Program Analysis",
abstract = "Many program analyses require statically inferring the possible values of composite types. However, current approaches either do not account for correlations between object fields or do so in an ad hoc manner. In this paper, we introduce the problem of composite constant propagation. We develop the first generic solver that infers all possible values of complex objects in an interprocedural, flow and context-sensitive manner, taking field correlations into account. Composite constant propagation problems are specified using COAL, a declarative language. We apply our COAL solver to the problem of inferring Android Inter-Component Communication (ICC) values, which is required to understand how the components of Android applications interact. Using COAL, we model ICC objects in Android more thoroughly than the state-of-the-art. We compute ICC values for 489 applications from the Google Play store. The ICC values we infer are substantially more precise than previous work. The analysis is efficient, taking two minutes per application on average. While this work can be used as the basis for many whole-program analyses of Android applications, the COAL solver can also be used to infer the values of composite objects in many other contexts.",
author = "Damien Octeau and Daniel Luchaup and Somesh Jha and Patrick McDaniel",
year = "2016",
month = "11",
day = "1",
doi = "10.1109/TSE.2016.2550446",
language = "English (US)",
volume = "42",
pages = "999--1014",
journal = "IEEE Transactions on Software Engineering",
issn = "0098-5589",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "11",

}

Composite Constant Propagation and its Application to Android Program Analysis. / Octeau, Damien; Luchaup, Daniel; Jha, Somesh; McDaniel, Patrick.

In: IEEE Transactions on Software Engineering, Vol. 42, No. 11, 7447806, 01.11.2016, p. 999-1014.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Composite Constant Propagation and its Application to Android Program Analysis

AU - Octeau, Damien

AU - Luchaup, Daniel

AU - Jha, Somesh

AU - McDaniel, Patrick

PY - 2016/11/1

Y1 - 2016/11/1

N2 - Many program analyses require statically inferring the possible values of composite types. However, current approaches either do not account for correlations between object fields or do so in an ad hoc manner. In this paper, we introduce the problem of composite constant propagation. We develop the first generic solver that infers all possible values of complex objects in an interprocedural, flow and context-sensitive manner, taking field correlations into account. Composite constant propagation problems are specified using COAL, a declarative language. We apply our COAL solver to the problem of inferring Android Inter-Component Communication (ICC) values, which is required to understand how the components of Android applications interact. Using COAL, we model ICC objects in Android more thoroughly than the state-of-the-art. We compute ICC values for 489 applications from the Google Play store. The ICC values we infer are substantially more precise than previous work. The analysis is efficient, taking two minutes per application on average. While this work can be used as the basis for many whole-program analyses of Android applications, the COAL solver can also be used to infer the values of composite objects in many other contexts.

AB - Many program analyses require statically inferring the possible values of composite types. However, current approaches either do not account for correlations between object fields or do so in an ad hoc manner. In this paper, we introduce the problem of composite constant propagation. We develop the first generic solver that infers all possible values of complex objects in an interprocedural, flow and context-sensitive manner, taking field correlations into account. Composite constant propagation problems are specified using COAL, a declarative language. We apply our COAL solver to the problem of inferring Android Inter-Component Communication (ICC) values, which is required to understand how the components of Android applications interact. Using COAL, we model ICC objects in Android more thoroughly than the state-of-the-art. We compute ICC values for 489 applications from the Google Play store. The ICC values we infer are substantially more precise than previous work. The analysis is efficient, taking two minutes per application on average. While this work can be used as the basis for many whole-program analyses of Android applications, the COAL solver can also be used to infer the values of composite objects in many other contexts.

UR - http://www.scopus.com/inward/record.url?scp=84997542798&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84997542798&partnerID=8YFLogxK

U2 - 10.1109/TSE.2016.2550446

DO - 10.1109/TSE.2016.2550446

M3 - Article

AN - SCOPUS:84997542798

VL - 42

SP - 999

EP - 1014

JO - IEEE Transactions on Software Engineering

JF - IEEE Transactions on Software Engineering

SN - 0098-5589

IS - 11

M1 - 7447806

ER -