Checking conformance of applications against GUI policies

Download: PDF.

“Checking conformance of applications against GUI policies” by Zhen Zhang, Yu Feng, Michael D. Ernst, Sebastian Porst, and Isil Dillig. In ESEC/FSE 2021: The ACM 29th joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), (Athens, Greece), Aug. 2021.

Abstract

A good graphical user interface (GUI) is crucial for an application's usability, so vendors and regulatory agencies increasingly place restrictions on how GUI elements should appear to and interact with users. Motivated by this concern, this paper presents a new technique (based on static analysis) for checking conformance between (Android) applications and GUI policies expressed in a formal specification language. In particular, this paper (1) describes a specification language for formalizing GUI policies, (2) proposes a new program abstraction called an event-driven layout forest, and (3) describes a static analysis for constructing this abstraction and checking it against a GUI policy. We have implemented the proposed approach in a tool called Venus, and we evaluate it on 2361 Android applications and 17 policies. Our evaluation shows that Venus can uncover malicious applications that perform ad fraud and identify violations of GUI design guidelines and GDPR laws.

Download: PDF.

BibTeX entry:

@inproceedings{ZhangFEPD2021,
   author = {Zhen Zhang and Yu Feng and Michael D. Ernst and Sebastian
	Porst and Isil Dillig},
   title = {Checking conformance of applications against {GUI} policies},
   booktitle = {ESEC/FSE 2021: The ACM 29th joint European Software
	Engineering Conference and Symposium on the Foundations of
	Software Engineering (ESEC/FSE)},
   address = {Athens, Greece},
   month = aug,
   year = {2021}
}

(This webpage was created with bibtex2web.)

Back to Michael Ernst's publications.