puma programmable ui automation for large scale dynamic
play

PUMA: Programmable UI Automation for Large-Scale Dynamic Analysis of - PowerPoint PPT Presentation

Nov 08, 2023 •213 likes •638 views

PUMA: Programmable UI Automation for Large-Scale Dynamic Analysis of Mobile Apps Shuai Hao, Bin Liu, Suman Nath, William G.J. Halfond, Ramesh Govindan 2 Mobile App Explosion 1.2 million 1,200,000 1,000,000 Number of Apps 800,000 600,000

  1. PUMA: Programmable UI Automation for Large-Scale Dynamic Analysis of Mobile Apps Shuai Hao, Bin Liu, Suman Nath, William G.J. Halfond, Ramesh Govindan

  2. 2 Mobile App Explosion 1.2 million 1,200,000 1,000,000 Number of Apps 800,000 600,000 400,000 200,000 0 Source: http://en.wikipedia.org/wiki/Google_Play

  3. 3 App Behaviors are Complex Source: forbes.com Source: droidforums.net Source: zdnet.com

  4. 4 Dynamic Analysis These app behaviors can be studied by dynamic analysis. But given the huge number of apps, We need scalable dynamic analysis methods.

  5. Dynamic Analysis with UI Automation 5  UI-driven app exploration (or Monkey) Source: http://mttnow.com/ios-automated-ui-testing

  6. 6 Monkey: High-level Idea UI events UI info Monkey

  7. 7 Monkey in Dynamic Analysis Example: Check number of Ads on each page

  8. 8 Monkey: Overview Page Text List Image UI Extraction UI Structure Button Button UI Extraction Channel Monkey UI Action Channel Decide UI Action Action Dictionary Click “Continue” Button Button Click UI Action Multipage Scroll List Scroll The set of previously Next App Page An App Page visited pages

  9. 9 Monkey-based App Analyses AMC Check accessibility of UI elements MobiSys’13 DECAF Check ad violation on each page NSDI’14 SmartAds Deliver ad based on page content MobiSys’13 VanarSena Test whether app crashes MobiSys’14 ContextualFuzzing Test app crash and performance issue MSR- TR’13 AppsPlayground Detect privacy leak and malware CODASPY’13

  10. 10 Monkey Coverage vs. Speed Problem Monkey may never finish app exploration Solution Optimize app exploration in an analysis-specific way Refresh Example Updates can also be AMC: uses a structural similarity measure pushed to device DECAF: uses a structural similarity measure and ML- based technique to avoid similar page visit

  11. 11 Flexibility in Access to App Info Problem Analysis may require data that is not available in UI structure Solution Instrument app or extract info from environment Example SmartAds: uses app instrumentation to obtain in- app context info VanarSena: uses app instrumentation to control memory and isolated storage

  12. 12 Monkey-based App Analyses Result Complex and customized code e.g. DECAF: > 4300 LOC with 70% for monkey Impact Tool for analysis X is very hard to be reused for analysis Y.

  13. 13 Our Goal Provide a programmable way for monkey-based app analyses. • so that both analyses X and Y can be implemented easily by customization

  14. 14 Approach Event-Driven UI Automation UI Property Ad Fraud Page Content Monkey Monkey Monkey AMC DECAF SmartAds

  15. 15 Approach Event-Driven UI Automation Ad Fraud UI Property Page Content Ad Fraud Monkey UI Property Monkey Page Content Monkey DECAF AMC SmartAds events events events API Programmable PUMA Monkey

  16. 16 Framework Requirements Exploration Page Property Action Required System Transition Target Checked Taken Instrumentation AMC Distinct UI Accessibility - No DECAF Distinct UI Ad layout - No Page SmartAds All UI - Yes content 3 A E Distinct UI None - Yes Apps Distinct UI, text Info flow - Yes Playground Inject VanarSena Distinct UI, text Crash Yes fault Contextual Change All UI Crash, perf . No Fuzzing context Customize the definition of state equivalence Customize the definition of next state Specify instrumentation for the app Specify which properties to check Change the environment

  17. 17 Key Idea: Event-driven Paradigm

  18. 18 Key Idea: Event-driven Paradigm App-specific Events Go to initial page Next Click Pick a clickable UI element Effect environment changes, if needed Modify environment Perform click, user input Text Input Wait for page done In-line Analysis Check page equivalence State Equivalence Need continue Terminating App

  19. 19 Framework Requirements Exploration Page Property Action Required System Transition Target Checked Taken Instrumentation AMC Distinct UI Accessibility - No DECAF Distinct UI Ad layout - No Modify environment Page SmartAds State Equivalence All UI - Yes content 3 A E Distinct UI None - Yes Apps Distinct UI, text Info flow App-specific Events - Yes Playground Inject VanarSena Distinct UI, text Crash Yes fault Contextual Change All UI Crash, perf . No Fuzzing context Text Input Next Click In-line Analysis

  20. 20 Example: Network Usage Profiler Count bytes sent and received in HTTP traffic 400 KB State Equivalence 1 MB Next Click <described later> 200 KB App-specific Events 500 KB

  21. 21 Example: Network Usage Profiler Count bytes sent and received in HTTP traffic State Equivalence <described later>

  22. 22 State Equivalence Determine whether two pages are equivalent or not Structural similarity, content similarity, customized

  23. 23 Example: Network Usage Profiler Count bytes sent and received in HTTP traffic Next Click <described later>

  24. 24 Next Click Determine which UI element to click Sequential order, max-type order, customized

  25. 25 Example: Network Usage Profiler Count bytes sent and received in HTTP traffic … App-specific Events

  26. 26 App-Specific Events Instrumentation through SIF  regexp-based filter language  Users define named event  Associate named event with a codepoint in the binary S. Hao, D. Li, W. Halfond, R. Govindan . “SIF: Selective Instrumentation Framework for Mobile Applications.” In ACM MobiSys , 2013.

  27. 27 Putting It All Together Original PUMAScript App Instrumented Instrumenter App Interpreter Monkey PUMA

  28. 28 Implementation Challenges  Obtaining UI structure  Intercept uiautomator events  Supporting page scrolling  Check for scrolling direction  Scroll in a zig-zag pattern  Combine partial pages  Detecting page loading completion  WINDOW_CONTENT_CHANGED event  Use window-based moving average heuristic

  29. 29 Evaluation Research Questions Can PUMA support rapid development of 1 large-scale dynamic app analyses? What insights into the app ecosystem can 2 these analyses provide?

  30. 30 Evaluation Methodology  Implemented 7 analysis studies  Downloaded 3,600 apps from Google Play  Ran over emulators phones

  31. 31 Implemented Analysis Studies Accessibility Check accessibility of UI elements Violation Detection Content-based Crawl in-app data for search engine App Search UI Structure Classify apps based on UI structure Classifier Ad Fraud Detect ads placement violation Detection Network Usage Profile in-app HTTP traffic use Profiler Permission Usage Profile in-app permission usage Profiler Stress Testing Inject null HTTP response for test

  32. 32 RQ1: Rapid Development? Accessibility Violation Detection Content-based App Search UI Structure Finished development Classifier and experiments within Ad Fraud Detection 2 weeks Network Usage Profiler Permission Usage Profiler Stress Testing

  33. 33 RQ1: Rapid Development? PUMAScript User Code Study Task (LOC) (LOC) Accessibility violation detection 11 60 Content-based app search ~4300 LOC 14 0 UI structure classifier 11 0 Ad fraud detection 11 52 Network usage profiler 19 8 Permission usage profiler 20 5 Stress testing 16 5 PUMA only uses < 100 LOC for all studies

  34. 34 Cross-Analysis Scaling Optimization With PUMA Computing Resources UI Property Monkey API Ad Fraud Monkey API Page Content Monkey API

  35. 35 Cross-Analysis Scaling Optimization With PUMA after page is loaded UI Property Monkey API check UI property after page is loaded 1. check UI property For 100 apps and 1 phone, it took 8 hours after page is loaded Ad Fraud 2. check Ad fraud instead of 20 hours to finish. Monkey API check ad fraud 3. crawl page content  2.5x speed up after page is loaded Page Content Monkey API crawl page content

  36. 36 RQ2: Insights into App Ecosystem? Accessibility Accessibility Check accessibility of UI elements Check accessibility of UI elements Violation Detection Violation Detection Content-based Content-based Crawl in-app data for search engine Crawl in-app data for search engine App Search App Search UI Structure Classify apps based on UI structure Classifier Ad Fraud Detect ads placement violation Detection Network Usage Profile in-app HTTP traffic use Profiler Permission Usage Profile in-app permission usage Profiler Stress Testing Inject null HTTP response for test

  37. 37 RQ2: Insights into App Ecosystem? Accessibility Violation Detection Start Stop Start Start Start Stop Button Button Scrolling Distance Size Word Count K. Lee, J. Flinn, T. J. Giuli, B. Noble, C. Peplin. “AMC : Verifying User Interface Properties for Vehicular Applications.” In ACM MobiSys’13.

  38. 38 RQ2: Insights into App Ecosystem? Accessibility Violation Detection scrolling button distance button size word count user action per task 0 500 1000 1500 2000 2500 ~55% of our apps violate ≥1 accessibility rules

  39. 39 RQ2: Insights into App Ecosystem? Content-based App Search

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Taking the PUMA E P&amp;L to the next level Stefan Seidel Teamhead PUMA.Safe Ecology

Taking the PUMA E P&amp;L to the next level Stefan Seidel Teamhead PUMA.Safe Ecology

Taking the PUMA E P&amp;L to the next level Stefan Seidel Teamhead PUMA.Safe Ecology Sustainable Innovation 2012 October 30th 2012 PUMA PUMA PUMA is the leading Sportlifestyle company with products which start in Sport and end in

324 views • 14 slides
Making FPGAs Programmable as Computers and Doing It At Scale Paul Chow High-Performance

Making FPGAs Programmable as Computers and Doing It At Scale Paul Chow High-Performance

Making FPGAs Programmable as Computers and Doing It At Scale Paul Chow High-Performance Reconfigurable Computing Group Department of Electrical and Computer Engineering University of Toronto Whats the real goal? Build large-scale

1.1k views • 63 slides
Automation and standardization of semantic video annotations for large-scale empirical film

Automation and standardization of semantic video annotations for large-scale empirical film

Automation and standardization of semantic video annotations for large-scale empirical film studies SWIB 2018 Henning Agt-Rickauer / Christian Hentschel / Harald Sack Hasso Plattner Institute, University of Potsdam, Germany Analyzing

372 views • 25 slides
FPAA: FPGA Extension SoC FPAA SoC FPAA: Computing SoC Dev Board Large Scale FPAA Devices

FPAA: FPGA Extension SoC FPAA SoC FPAA: Computing SoC Dev Board Large Scale FPAA Devices

FPAA: FPGA Extension SoC FPAA SoC FPAA: Computing SoC Dev Board Large Scale FPAA Devices utilize high density of Programmable and Configurable components (often the same components) FG circuits enable in one device: Programmable Memory

444 views • 6 slides
PageRank and recommenders on very large scale A Big Data perspective through Stratosphere

PageRank and recommenders on very large scale A Big Data perspective through Stratosphere

PageRank and recommenders on very large scale PageRank and recommenders on very large scale A Big Data perspective through Stratosphere Mrton Balassi Data Mining and Search Group 1 1 Computer and Automation Research Institute of the Hungarian

719 views • 68 slides
Verification of Reactive Programs from Industrial Automation Dimitri Bohlender Programmable

Verification of Reactive Programs from Industrial Automation Dimitri Bohlender Programmable

Verification of Reactive Programs from Industrial Automation Dimitri Bohlender Programmable Logic Controller (PLC) Tailored to the domain of industrial automation Realise reactive systems, repeatedly executing the same task Single Cycle

162 views • 14 slides
Dual Approximate Dynamic Programming for Large Scale Hydro Valleys P. Carpentier, J-P.

Dual Approximate Dynamic Programming for Large Scale Hydro Valleys P. Carpentier, J-P.

Dams management problem DADP in a nutshell Numerical experiments Dual Approximate Dynamic Programming for Large Scale Hydro Valleys P. Carpentier, J-P. Chancelier, V. Lecl` ere, F. Pacaud supported by the FMJH Program Gaspard Monge for

883 views • 33 slides
Pre- &amp; Post-Earthquake Applications of Large-Scale Dynamic Analysis of Cities Xin-Zheng LU

Pre- &amp; Post-Earthquake Applications of Large-Scale Dynamic Analysis of Cities Xin-Zheng LU

ICRM Symposium 2018, 7 August 2018 Pre- &amp; Post-Earthquake Applications of Large-Scale Dynamic Analysis of Cities Xin-Zheng LU Institute of Disaster Prevention and Mitigation Department of Civil Engineering, Tsinghua University Email:

510 views • 31 slides
FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large

FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large

FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large Scale Solar Lead April 2017 CONTENTS 1. Introduction to CEFC 2. Investment trends 3. The future of large scale solar 4. Pathway to sustainable

664 views • 21 slides
Dynamic Optimized Advanced Scheduling of Bandwidth Demands for Large Scale Science Applications

Dynamic Optimized Advanced Scheduling of Bandwidth Demands for Large Scale Science Applications

Dynamic Optimized Advanced Scheduling of Bandwidth Demands for Large Scale Science Applications Funded by US Dept. of Energy (DOE) Contract DE-FG02-09ER46622 Byrav Ramamurthy

345 views • 18 slides
Simulating Large-scale Dynamic Random Graphs in OMNeT++ onsson 1 usson 1 Olafur Ragnar

Simulating Large-scale Dynamic Random Graphs in OMNeT++ onsson 1 usson 1 Olafur Ragnar

Simulating Large-scale Dynamic Random Graphs in OMNeT++ onsson 1 usson 1 Olafur Ragnar Helgason 2 Kristj an Valur J Ymir Vigf Reykjavik University KTH Royal Institute of Technology School of Computer Science Laboratory for

773 views • 35 slides
Dynamic Response of a Large-scale Prestressed Concrete Girder Bridge Subjected to Hurricane Wave

Dynamic Response of a Large-scale Prestressed Concrete Girder Bridge Subjected to Hurricane Wave

Civil &amp; Environmental Engineering Session: Bridge Survivability under Extreme Multi-Hazard Loading Dynamic Response of a Large-scale Prestressed Concrete Girder Bridge Subjected to Hurricane Wave Forces Thomas Schumacher, University of

397 views • 29 slides
Computation: Digital and Analog Large-Scale FPAA SoC FPAA Analog &amp; Digital

Computation: Digital and Analog Large-Scale FPAA SoC FPAA Analog &amp; Digital

Computation: Digital and Analog Large-Scale FPAA SoC FPAA Analog &amp; Digital Programmable Configurable Design tools Why Physical / Analog Computing? [Hasler and Marr 2013] Expansion of C. Meads original hypothesis, 1990

514 views • 3 slides
Mizan: A System for Dynamic Load Balancing in Large-scale Graph Processing Zuhair Khayyat 1 Karim

Mizan: A System for Dynamic Load Balancing in Large-scale Graph Processing Zuhair Khayyat 1 Karim

Mizan: A System for Dynamic Load Balancing in Large-scale Graph Processing Zuhair Khayyat 1 Karim Awara 1 Amani Alonazi 1 Hani Jamjoom 2 Dan Williams 2 Panos Kalnis 1 1 King Abdullah University of Science and Technology Thuwal, Saudi Arabia 2 IBM

703 views • 39 slides
Weak State Routing for Large Scale Dynamic Networks Utku Gnay Acer, Shivkumar Kalyanaraman,

Weak State Routing for Large Scale Dynamic Networks Utku Gnay Acer, Shivkumar Kalyanaraman,

Weak State Routing for Large Scale Dynamic Networks Utku Gnay Acer, Shivkumar Kalyanaraman, Alhussein A. Abouzeid Rensselaer Polytechnic Institute Department of Electrical, Computer &amp; Systems Engineering q Which area should we NOT be

625 views • 28 slides
Efficient Large Scale 3D Reconstruction (Wenbing Tao) School of Automation, Institute

Efficient Large Scale 3D Reconstruction (Wenbing Tao) School of Automation, Institute

, Efficient Large Scale 3D Reconstruction (Wenbing Tao)

1.11k views • 73 slides
One kit to target any system and any device of Windows 10. Assess for yourself if youre ready to

One kit to target any system and any device of Windows 10. Assess for yourself if youre ready to

One kit to target any system and any device of Windows 10. Assess for yourself if youre ready to ship. Catch bugs earlier in development. Test 1-150 devices with a single instance of the HLK HLK Tests come directly from the teams who created

480 views • 36 slides
Quickref: a Stress Test for Texinfo Didier Verna EPITA / LRDE didier@lrde.epita.fr lrde/~didier

Quickref: a Stress Test for Texinfo Didier Verna EPITA / LRDE didier@lrde.epita.fr lrde/~didier

Introduction Overview Demo Challenges Conclusion Quickref: a Stress Test for Texinfo Didier Verna EPITA / LRDE didier@lrde.epita.fr lrde/~didier @didierverna didier.verna in/didierverna e TUG 2019 E Introduction Introduction Quickref:

578 views • 25 slides
Testing Cloud Native Applications Pini Reznik, @pini42 October 2016 @pini42

Testing Cloud Native Applications Pini Reznik, @pini42 October 2016 @pini42

Testing Cloud Native Applications Pini Reznik, @pini42 October 2016 @pini42 www.container-solutions.com | info@container-solutions.com Some background... @pini42 www.container-solutions.com | info@container-solutions.com @pini42

847 views • 41 slides
Mid- to Long-term Colorado River System Projections Alan Butler Upper Colorado River Commission

Mid- to Long-term Colorado River System Projections Alan Butler Upper Colorado River Commission

Mid- to Long-term Colorado River System Projections Alan Butler Upper Colorado River Commission Work Meeting August 7, 2020 Basin-Wide Model Comparison 24-MS MTOM CRSS AOP tier determinations and Long-term planning studies, Risk-based

135 views • 9 slides
Who We Are Our mission at CFED is to make it possible for millions of

Who We Are Our mission at CFED is to make it possible for millions of

Who We Are Our mission at CFED is to make it possible for millions of people to achieve financial security and contribute to an opportunity economy. How do we do it We push to expand innovative

762 views • 44 slides
Project Diyi Yang 1 Announcements Homework 1 Homework 2 due: Feb 3 rd , 3:00pm ET 2

Project Diyi Yang 1 Announcements Homework 1 Homework 2 due: Feb 3 rd , 3:00pm ET 2

CS 4650/7650: Natural Language Processing Project Diyi Yang 1 Announcements Homework 1 Homework 2 due: Feb 3 rd , 3:00pm ET 2 Midterm (In Class) One-page cheat sheet (A4 size) Feb 26 th 3 Project Logistics Team info: March 4

476 views • 13 slides
Testing SLURM batch system for a grid farm: functionalities, scalability, performance and how it

Testing SLURM batch system for a grid farm: functionalities, scalability, performance and how it

Testing SLURM batch system for a grid farm: functionalities, scalability, performance and how it works with Cream-CE D O N V I T O G I A C I N T O ( I N F N ) Z A N G R A N D O , L U I G I ( I N F N ) S G A R A V A T T O , M A S S I M O (

669 views • 21 slides
Load Testing with JMeter Presented by Matthew Stout - mat@ucsc.edu UCSC ITS - APM -

Load Testing with JMeter Presented by Matthew Stout - mat@ucsc.edu UCSC ITS - APM -

Load Testing with JMeter Presented by Matthew Stout - mat@ucsc.edu UCSC ITS - APM - Infrastructure &amp; Operations JMeter Overview Java application for load testing and measuring performance Originally for web applications but has

810 views • 46 slides

More recommend