检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:汤杨[1] 曾凡平[1,2,3] 王健康[1] 黄心依
机构地区:[1]中国科学技术大学计算机科学与技术学院,合肥230026 [2]计算机科学国家重点实验室(中国科学院软件研究所),北京100190 [3]安徽省计算与通讯软件重点实验室,合肥230026
出 处:《计算机应用》2016年第10期2811-2815,共5页journal of Computer Applications
基 金:安徽省自然科学基金资助项目(11040606M131)~~
摘 要:针对传统软件安全测试方法(例如:符号执行、模糊测试、污点分析等)无法获得较高的Android程序图形用户界面(GUI)覆盖率的问题,提出动态和静态相结合的Android程序测试方法。该方法在静态分析Android应用程序数据流的基础之上,构建程序活动转换图和函数调用图,解析程序GUI元素,进而编写测试脚本动态遍历应用程序GUI元素。将该方法应用于订票日历、WiFi万能钥匙和360天气应用的实际测试,结果表明:Activity的平均覆盖率达到76%,明显高于人工测试的平均值30.08%和基于控件树遍历的42.05%~61.29%,该方法能够有效遍历Android应用程序GUI元素。Traditional security testing methods (such as symbolic execution, fuzz testing, and taint analysis) cannot obtain high coverage of Graph User Interface (GUI) for Android programs. To solve this problem, an Android program testing method combining both static and dynamic analysis was proposed. Based on the static analysis of data flow of Android applications, activity translation graph and function call graph were constructed, and the GUI elements of the program were parsed, then scripts were written to dynamically traverse GUI elements of applications. This method was applied to the testing of the applications including Booking Calendar, Wifi Master Key and 360 Weather, the result showed that the average coverage of activity reached 76%, which was significantly higher than that of manual testing (30.08%) as well as GUI tree traversal (42.05%-61.29%). Experimental result demonstrate that the method can effectively traverse GUI of Android applications.
关 键 词:静态分析 动态测试 事件模拟 活动调用图 函数调用图 图形用户界面遍历
分 类 号:TP311.5[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.232
