SPADE

Scalable and Practical App Digging Engine

SPADE is a collection of tools for quickly and automatically analyzing runtime states of a large collection of mobile apps. Such tasks are becoming increasingly important for app stores: e.g., for checking apps' runtime security and privacy properties, for capturing and indexing data inside apps for better app search, etc. SPADE uses two key techniques. First, it uses binary instrumentation to automatically insert custom code into app binary to capture its runtime state. Second, it executes an instrumented app in a phone/tablet emulator and automatically navigates through various app pages by emulating user interactions. SPADE employs a number of novel optimizations to increase coverage (i.e., fraction of total app pages that are explored) and speed (i.e., number of unique app pages explored).

An overview of the project, with scenarios and technical challenges, can be found here.

Scenarios

  • SmartAds: contextual ads on mobile aps. See video here.
  • AppSearch: search engine over data deep inside apps
  • DECAF: Detecting various ad frauds in mobile apps
  • VanarSena: Mobile app testing in the cloud
  • Yimo: Checking COPPA compliance of kids' apps

Contact: Suman Nath

People
Publications