{"citation":{"short":"F. Pauck, E. Bodden, H. Wehrheim, ArXiv:1804.02903 (2018).","apa":"Pauck, F., Bodden, E., &#38; Wehrheim, H. (2018). Do Android Taint Analysis Tools Keep their Promises? <i>ArXiv:1804.02903</i>.","mla":"Pauck, Felix, et al. “Do Android Taint Analysis Tools Keep Their Promises?” <i>ArXiv:1804.02903</i>, 2018.","ieee":"F. Pauck, E. Bodden, and H. Wehrheim, “Do Android Taint Analysis Tools Keep their Promises?,” <i>arXiv:1804.02903</i>. 2018.","chicago":"Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Do Android Taint Analysis Tools Keep Their Promises?” <i>ArXiv:1804.02903</i>, 2018.","ama":"Pauck F, Bodden E, Wehrheim H. Do Android Taint Analysis Tools Keep their Promises? <i>arXiv:180402903</i>. 2018.","bibtex":"@article{Pauck_Bodden_Wehrheim_2018, title={Do Android Taint Analysis Tools Keep their Promises?}, journal={arXiv:1804.02903}, author={Pauck, Felix and Bodden, Eric and Wehrheim, Heike}, year={2018} }"},"status":"public","title":"Do Android Taint Analysis Tools Keep their Promises?","author":[{"first_name":"Felix","id":"22398","full_name":"Pauck, Felix","last_name":"Pauck"},{"orcid":"0000-0003-3470-3647","full_name":"Bodden, Eric","id":"59256","last_name":"Bodden","first_name":"Eric"},{"first_name":"Heike","last_name":"Wehrheim","id":"573","full_name":"Wehrheim, Heike"}],"department":[{"_id":"77"},{"_id":"76"}],"abstract":[{"lang":"eng","text":"In recent years, researchers have developed a number of tools to conduct\r\ntaint analysis of Android applications. While all the respective papers aim at\r\nproviding a thorough empirical evaluation, comparability is hindered by varying\r\nor unclear evaluation targets. Sometimes, the apps used for evaluation are not\r\nprecisely described. In other cases, authors use an established benchmark but\r\ncover it only partially. In yet other cases, the evaluations differ in terms of\r\nthe data leaks searched for, or lack a ground truth to compare against. All\r\nthose limitations make it impossible to truly compare the tools based on those\r\npublished evaluations.\r\n  We thus present ReproDroid, a framework allowing the accurate comparison of\r\nAndroid taint analysis tools. ReproDroid supports researchers in inferring the\r\nground truth for data leaks in apps, in automatically applying tools to\r\nbenchmarks, and in evaluating the obtained results. We use ReproDroid to\r\ncomparatively evaluate on equal grounds the six prominent taint analysis tools\r\nAmandroid, DIALDroid, DidFail, DroidSafe, FlowDroid and IccTA. The results are\r\nlargely positive although four tools violate some promises concerning features\r\nand accuracy. Finally, we contribute to the area of unbiased benchmarking with\r\na new and improved version of the open test suite DroidBench."}],"publication":"arXiv:1804.02903","file_date_updated":"2018-11-21T10:49:23Z","project":[{"name":"SFB 901","_id":"1"},{"_id":"3","name":"SFB 901 - Project Area B"},{"_id":"12","name":"SFB 901 - Subproject B4"}],"date_updated":"2022-01-06T06:57:35Z","type":"preprint","file":[{"date_created":"2018-11-21T10:49:23Z","success":1,"creator":"florida","file_size":1045861,"access_level":"closed","file_id":"5781","date_updated":"2018-11-21T10:49:23Z","file_name":"Do Android Taint Analysis Tools Keep their Promises.pdf","relation":"main_file","content_type":"application/pdf"}],"year":"2018","has_accepted_license":"1","_id":"2711","user_id":"477","language":[{"iso":"eng"}],"ddc":["000"],"date_created":"2018-05-09T08:27:11Z"}