| With the mobile internet gradually infiltrating into the areas of education, payment, traffic and healthcare, mobile applications become increasingly important in the roles of people’s lives, learning and working. Android application is one of mobile applications with the largest number of all due to many factors such as the popularity of Android devices and system openness. To ensure security and robustness of Android application, researches for security analysis and testing methods in Android application have been rapidly developed in both academia and industry. Because Android applications generally belongs to GUI (Graphical User Interface) program, thus analysis and test methods for Android application GUI become the research hot spot, which of most dynamic analysis and testing methods for GUI traverses the Android application GUI, for instance, the GUI testing method discovering defects by dynamically probing application GUI, the dynamic security analysis method detecting privacy leaks, malicious and sensitive behaviors by iterating through application GUI, and the traversal test method testing equipment and screen compatibility by iterating through application GUI.Automation technology and higher interfacial coverage can improve efficiency and effectiveness of these GUI based dynamic testing and safety analysis methods mentioned above. However, existing methods and technologies can not fully meet the requirements of automation and coverage and the problems include that the need of writing script so that the degree of automation is not high, the need of first building Activity conversion chart by static analysis technology so that the process is complex and requires program sources and traversal model based on Activity components is difficult to reach fully traversal. To solve these problems, we propose an automatic method to traverse Android application GUI without the need of the program source.The main idea of this method is to achieve the goal of automatically traversing Android application GUI by simulating the interaction between users and applications. The method mainly includes:parsing Android application configuration file for Activity component information contained in the application, extracting control information on the application target window and generating corresponding user actions according to these controls, simulating user behaviors, designing a GUI traversal algorithm and building a traversal model. Using this method to do the GUI traversal can get an execution path recorded by screenshots.In order to validate the feasibility and effectiveness of this method, we implement a prototype tool and use the tool to experiment on nine popular Android applications. Results show that the tool can install, launch and traverse the under test applications automatically without the source code, moreover, the tool can obtain a better traversal effect, the nine under test applications achieve42.05%-61.29%activity coverage, which indicates that this method is feasible and effective in improving the automation and interface coverage of GUI traversal of Android applications. |
PDF Full Text Request