Detecting Event-Based Races in Mobile Applications

Download files
Access & Terms of Use
open access
Copyright: Wu, Diyu
CC BY-NC-ND 3.0
Altmetric
Abstract
Modern mobile platforms have formed their distinct hybrid concurrency system containing both traditional multi-threading and asynchronous event dispatching to support a diverse range of applications. However, this system introduces prevalent concurrency bugs, causing misbehaviour of mobile apps. It is challenging to detect concurrency bugs in mobile apps. Static analysis is prone to a high false positive rate due to the complexity of the hybrid concurrency system, while dynamic analysis suffers from the code coverage problem and the existence of conditional statements in programs creates obstacles to dynamically reaching the target statements. This thesis presents two new techniques for detecting event-based races in Android apps, where Android is the dominant mobile platform and has been plagued by event-based races. First, a novel static analysis tool, called Sard is introduced for detecting event-based races causing use-after-free violations in Android apps. This tool systematically models Android’s concurrency mechanism and applies a novel flow- and context-sensitive static happens-before analysis to reason the interleavings relations between different events and threads. Compared to the prior state-of-the-art tool, Sard achieves better precision (by reporting less false positives and false negatives) and better efficiency. Second, we propose Sieve, which combines both static and dynamic analysis to detect event-based races in Android apps. Sieve first applies static analysis to find all suspicious races, and then attempts to expose these races dynamically by leveraging a new selective branch instrumentation. For the conditionals potentially affecting a suspicious race, Sieve fixes the true/false outcomes of some of these conditionals based on a systematic branch analysis. By instrumenting certain branches selectively this way, Sieve can not only expose event-based races more effectively than the prior state-of-the-art techniques, but also substantially reduce the negative ramifications of instrumentation. This thesis presents the methodologies and implementations of both proposed tools and evaluates them using real-world Android apps. The experimental results demonstrate that both Sard and Sieve have met their design goals and bring inspiration on how to perform program analysis on detecting event-based races in event-driven mobile platforms.
Persistent link to this record
http://hdl.handle.net/1959.4/70649
DOI
https://doi.org/10.26190/unsworks/22354
Link to Publisher Version
Link to Open Access Version
Additional Link
Author(s)
Wu, Diyu
Supervisor(s)
Xue, Jingling
Sui, Yulei
Creator(s)
Editor(s)
Translator(s)
Curator(s)
Designer(s)
Arranger(s)
Composer(s)
Recordist(s)
Conference Proceedings Editor(s)
Other Contributor(s)
Corporate/Industry Contributor(s)
Publication Year
2021
Resource Type
Thesis
Degree Type
PhD Doctorate
UNSW Faculty
Files
download public version.pdf 2.16 MB Adobe Portable Document Format
Related dataset(s)
View full record Show statistics