Study On Android Dynamic Testing Method Based On Static Analysis

Android applications have event-driven features, interacting with users by GUI (graphical user interface). The applications shoud be analyzed and test efficiently to ensure it's reliability and security. And the essential factor is traversal of the GUIs.Currently, the methods of analysis and detection Android applications include static and dynamic methods. Static methods are difficult to achieve real environment, the accuracy of results is not awlays satisfactory and exists certain false positive. On the other hand, the disadvantage of dynamic is bad coverage rate, and results may not perform as expected.In this paper, we propose a dynamic testing method for Android applications based on static analysis. We construct application activity transition graph and function call graph after static analysis of application data stream. Then traverse both graphs by simulating user events. The main work and characteristics in our paper are as follows:(1) Put forward a program test method combining with dynamic testing and static analysis. Decompiling Android installation package file staticly, extracting the registration information of Activity in manifest file, decompile program code to build activity translation graph. Simplifying function call graph by using regular expression after statically analyzing data flow, which just considering related widget and listener.(2) Present GUI traversal method based on activity translation graph and function call graph. According to the data flow, we simulate user events and actions to traverse GUI widgets.(3) Write test scripts to traverse applications by UiAutomator, a test kit with excellent coupling can simulate the native events of Android. Besides, UiAutomator could dynamicly execute and monitor traversal on the GUI elements in application activities.(4) Verify the validity and applicability of the proposed method in this paper by Experiments. Using the proposed method to test and traverse application in Android system, write test scripts for traversal programs. Experiments show that the proposed method can improve the coverage of GUIs and Activities. The sensitive behaviors in application can be found by this traversal-based approach.Researching on Android application GUI testing to improve GUI test coverage rate, which can help developers improve test efficiency. In aspect of program security, the logs and testing reports generated by testing application with proposed method in this paper can be analyzed privacy security by security researchers. After that developers can improve the security of applications.