CIDER: Understanding and Detecting Callback Compatibility Issues for Android Applications

CIDER

Based on the findings in our empirical study, we proposed PI-Graph, a graph-based model, to help detect callback compatibility issues in Android applications. With this model, we further design and implement CIDER, to help developers detect callback compatibility issues in Android applications.

PI-Graph Model

From our empirical study, we find that the issues caused by CCFG structural inconsistencies take the majority in our dataset. Based on this, we propose PIGraph, a graph-based model capturing CCFG structural inconsistencies among different API levels. PI-Graph is extracted from different versions of Android system. For more detail, please refer to the research paper.

Implementation of CIDER

CIDER is implemented on top of Soot. We leverage the call graph to analyze the source code of the given Android applications.

We have integrated a list of 7 PI-Graph together with CIDER, which are all the PI-Graph models used in our evaluation. Click here to check the detail of 7 PI-Graph models.

Try CIDER

Click here to download the jar file of CIDER.

You need to run CIDER with the following step:

1. Decompose the apk file, and get the path for AndroidManifest.xml, such as "./Documents/AFWall+/AndroidManifest.xml"

2. Run "java -jar CIDER.jar [path-to-android-jar] [path-to-apk] [path-to-androidmanifest.xml]". Click here to download android.jar. The following is an example of running CIDER: "java -jar CIDER.jar ./android.jar ./AFWall+.apk ./AFWall+/AndroidManifest.xml"

3. You will see the warning generated by CIDER in the console.

Researcher

Huaxun Huang
Lili Wei
Yepang Liu
Shing-Chi Cheung