DOI QR코드

DOI QR Code

Testing Android Applications Considering Various Contexts Inferred from Permissions

안드로이드 어플리케이션 개발에서 퍼미션 분석을 사용한 다양한 테스트 환경 조건 생성 기법

  • Received : 2015.03.17
  • Accepted : 2015.06.11
  • Published : 2015.08.15

Abstract

The context-awareness of mobile applications yields several issues for testing, since mobile applications should be able to be tested in any environment and under any contextual input. In previous studies of testing for Android applications as an event-driven system, many researchers have focused on using generated test cases considering only Graphical User Interface (GUI) events. However, it is difficult to find failures that could be detected when considering the changes in the context in which applications run. It is even more important to consider various contexts since the mobile applications adapt and use the new features and sensors of mobile devices. In this paper, we provide a method of systematically generating various executing contexts from permissions. By referring to the lists of permissions, the resources used by the applications for running Android applications can be easily inferred. To evaluate the efficiency of our testing method, we applied the method on two open source projects and showed that it contributes to improve the statement code coverage.

최근에 제조되는 스마트폰들이 점점 다양한 인터페이스 장비와 사용자 주변 환경을 인식하는 센서 장비를 포함하게 되면서, 어플리케이션을 개발 시 주어진 장비들을 활용함으로 인해 증가된 개발 및 테스팅 복잡도를 효과적으로 제어하는 것이 중요하게 되었다. 이는 기존의 이벤트 기반 혹은 사용자가 지정한 입력만을 사용하여 테스트를 수행하는 연구로는 한계가 있음을 의미하며 대상 어플리케이션과 상호작용하는 주변 기기를 특정하여 이들로부터 구체적인 실행 환경 조합을 체계적으로 생성하는 연구가 필요하고 할 수 있다. 본 연구에서는 안드로이드 어플리케이션과 함께 배포되는 퍼미션 정보를 기반으로 어플리케이션의 기능에 영향 주는 주변 기기들을 분석한 후 이를 기반으로 외부 환경 조건들을 자동으로 생성하는 방법을 제안한다. 마지막으로 오픈소스에 본 연구기법을 적용하여 코드 커버리지가 향상됨을 보임으로써 본 연구의 효과성을 검증하였다.

Keywords

Acknowledgement

Supported by : 한국연구재단, 정보통신기술진흥센터

References

  1. G. D. Abowd, A. K. Dey, P. J. Brown, N. Davies, M. Smith, and P. Steggles, "Towards a Better Understanding of Context and Context Awareness," Handheld and Ubiquitous Computing, Vol. 1707, pp. 304-307, Jan. 1999. https://doi.org/10.1007/3-540-48157-5_29
  2. M. Wang, J. Yuan, H. Miao, and G. Tan, "A Static Analysis Approach for Automatic Generating Test Cases for Web Applications," Proc. of Computer Science and Software Engineering, Vol. 2, pp. 751-754, Dec. 2008.
  3. A. K. Maji, K. Hao, S. Sultana, and S. Bagchi, "Characterizing Failures in Mobile OSes: A Case Study with Android and Symbian," Proc. of the 21st IEEE International Symposium on Software Reliability Engineering, pp. 249-258, Nov. 2010.
  4. Monkey, [Online]. Available: http://developer.android.com/tools/help/monkey.html
  5. MonkeyRunner, [Online]. Available: http://developer.android.com/tools/help/monkeyrunner_concepts.html
  6. D. Amalfitano, A.R. Fasolino, P.Tramontana, S. DeCarmine, and A. M. Memon, "Using GUI Ripping for Automated Testing of Android Applications," Proc. of the 27th IEEE/ACM International Conference on Automated Software Engineering, pp. 258-261, Sep. 2012.
  7. Z. Liu, X. Gao, and X. Long, "Adaptive Random Testing of Mobile Application," 2nd International Conference on Computer Engineering and Technology, Vol. 2, pp. 297-301, Apr. 2010.
  8. D. Amalfitano, A.R. Fasolino, P. Tramontana, S. DeCarmine, and G. Imparato, "A Toolset for GUI testing of Android Applications," Proc. of the 28th IEEE International Conference on Software Maintenance, pp. 650-653, Sep. 2012.
  9. D. Amlfitano, A.R. Fasolino, P. Tramontana, and N. Amatucci, "Considering Context Events in Event-Based Testing of Mobile Applications," 2013 IEEE Sixth International Conference on Software Testing, Verification and Validation Workshops, pp. 126-133, Mar. 2013.
  10. W. Du and A.P. Mathur, "Vulnerability Testing of Software System Using Fault Injection," Technical report, COAST, Purdue University, pp. 1-20, Apr. 1998.
  11. Google. Android Open Source Project, http://source.android.com/, Jul. 2014.
  12. R. Johnson, Z. Wang, C. Gagnon, and A. Stavrou, "Analysis of Android Applications' Permissions," 2012 IEEE Sixth International Conference on Software Security and Reliability Companion, pp. 45-46, Jun. 2012.
  13. X. Wei, L. Gomez, I. Neamtiu, and M. Faloutsos, "Permission Evolution in the Android Ecosystem," Proc. of the 28th Annual Computer Security Applications Conference, pp. 31-40, Dec. 2012.
  14. W.E. Wong, J.R. Horgan, S. London, and A.P. Mathur, "Effect of Test Set Size and Block Coverage on the Fault Detection Effectiveness," Software Reliability Engineering, pp. 230-238. Nov. 1994.
  15. K.W.Y. Au, Y.F. Zhou, Z. Huang, and D. Lie, "PScout: Analyzing the Android Permission Specification," Proc. of the 2012 ACM Conference on Computer and Communications Security, pp. 217-228, Oct. 2012.
  16. Android Developer, System Permissions, [Online]. Available: http://developer.android.com/intl/ko/guide/topics/security/permissions.html, Jul. 2014.
  17. Open Camera, [Online]. Available: http://opencamera.sourceforge.net
  18. Angulo, [Online]. Available: http://www.domob.eu/projects/angulo.php