Scalable and Practical App Digging Engine
SPADE is a collection of tools for quickly and automatically analyzing runtime states of a large collection of mobile apps. Such tasks are becoming increasingly important for app stores: e.g., for checking apps' runtime security and privacy properties, for capturing and indexing data inside apps for better app search, etc. SPADE uses two key techniques. First, it uses binary instrumentation to automatically insert custom code into app binary to capture its runtime state. Second, it executes an instrumented app in a phone/tablet emulator and automatically navigates through various app pages by emulating user interactions. SPADE employs a number of novel optimizations to increase coverage (i.e., fraction of total app pages that are explored) and speed (i.e., number of unique app pages explored).
An overview of the project, with scenarios and technical challenges, can be found here.
- SmartAds: contextual ads on mobile aps. See video here.
- AppSearch: search engine over data deep inside apps
- DECAF: Detecting various ad frauds in mobile apps
- VanarSena: Mobile app testing in the cloud
- Yimo: Checking COPPA compliance of kids' apps
Contact: Suman Nath
- Shuai Hao, Bin Liu, Suman Nath, William G.J. Halfond, and Ramesh Govindan, PUMA: Programmable UI-Automation for Large Scale Dynamic Analysis of Mobile Apps, in The International Conference on Mobile Systems, Applications, and Services (MobiSys), ACM, June 2014
- Lenin Ravindranath, Suman Nath, Jitendra Padhye, and Hari Balakrishnan, Automatic and Scalable Fault Detection for Mobile Applications, in The International Conference on Mobile Systems, Applications, and Services (MobiSys), ACM, June 2014
- Bin Liu, Suman Nath, Ramesh Govindan, and Jie Liu, DECAF: DEtecting and Characterizing Ad Fraud in Mobile Apps, in USENIX Symposium on Networked Systems Design and Implementation (NSDI) , USENIX Symposium on Networked Systems Design and Implemenentation, 2014
- Felix Xiaozhu Lin, Lenin Ravindranath, Suman Nath, and Jie Liu, SPADE: Scalable App Digging with Binary Instrumentation and Automated Execution, no. MSR-TR-2013-126, January 2013