Title | Checking conformance of applications against GUI policies |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Zhang Z, Feng Y, Ernst MD, Porst S, Dillig I |
Conference Name | ESEC/FSE 2021: The ACM 29th joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) |
Pagination | 95-106 |
Date or Month Published | August |
Conference Location | Athens, Greece |
Abstract | A good graphical user interface (GUI) is crucial for an application's usability, so vendors and regulatory agencies increasingly place restrictions on how GUI elements should appear to and interact with users. Motivated by this concern, this paper presents a new technique (based on static analysis) for checking conformance between (Android) applications and GUI policies expressed in a formal specification language. In particular, this paper (1) describes a specification language for formalizing GUI policies, (2) proposes a new program abstraction called an \emphevent-driven layout forest, and (3) describes a static analysis for constructing this abstraction and checking it against a GUI policy. We have implemented the proposed approach in a tool called Venus, and we evaluate it on 2361 Android applications and 17 policies. Our evaluation shows that Venus can uncover malicious applications that perform ad fraud and identify violations of GUI design guidelines and GDPR laws. |
Downloads | https://docs.google.com/presentation/d/1CsPMaomfsL53KON1nWfI3vVN8bKmzLMJ... slides (Google Slides)
https://github.com/izgzhen/ui-checker implementation
|
Citation Key | ZhangFEPD2021 |