Powered by
Conference Publishing Consulting

3rd International Workshop on Software Development Lifecycle for Mobile (DeMobile 2015), August 31, 2015, Bergamo, Italy

DeMobile 2015 – Proceedings

Contents - Abstracts - Authors
Twitter: https://twitter.com/FSEconf

Frontmatter

Title Page


Foreword
We would like to welcome you to the 3rd International Workshop on Software Development Lifecycle for Mobile (DeMobile 2015), where we aim at establishing a community of researchers and practitioners to share their work and lead further research in the mobile software engineering.

Keynote Talks

App Store Mining and Analysis (Keynote)
Afnan Al-Subaihin, Anthony Finkelstein, Mark Harman, Yue Jia, William Martin, Federica Sarro, and Yuanyuan Zhang
(University College London, UK)
App stores are not merely disrupting traditional software deployment practice, but also offer considerable potential benefit to scientific research. Software engineering researchers have never had available, a more rich, wide and varied source of information about software products. There is some source code availability, supporting scientific investigation as it does with more traditional open source systems. However, what is important and different about app stores, is the other data available. Researchers can access user perceptions, expressed in rating and review data. Information is also available on app popularity (typically expressed as the number or rank of downloads). For more traditional applications, this data would simply be too commercially sensitive for public release. Pricing information is also partially available, though at the time of writing, this is sadly submerging beneath a more opaque layer of in-app purchasing. This talk will review research trends in the nascent field of App Store Analysis, presenting results from the UCL app Analysis Group (UCLappA) and others, and will give some directions for future work.

Walking the Model: The Smart Mobile Field Engineer (Keynote)
Yael Dubinsky
(IBM Research, Israel)
Walking the Model (WtM) is a concept that aims to promote the practice of practitioners and crews by providing on-the-job interaction between the system model of the business and the physical world. Among various implementations of this idea, WtM provides mobile field engineers with the ability to view, update and simulate by asking what-if questions while in the field. In this keynote speech, I present the notion and features of walking the model and show how WtM changes the way we perceive of different practices for both actual practice and learning processes.

Research Papers

AGRippin: A Novel Search Based Testing Technique for Android Applications
Domenico Amalfitano, Nicola Amatucci, Anna Rita Fasolino, and Porfirio Tramontana
(University of Naples Federico II, Italy)
Recent studies have shown a remarkable need for testing automation techniques in the context of mobile applications. The main contributions in literature in the field of testing automation regard techniques such as Capture/Replay, Model Based, Model Learning and Random techniques. Unfortunately, only the last two typologies of techniques are applicable if no previous knowledge about the application under testing is available. Random techniques are able to generate effective test suites (in terms of source code coverage) but they need a remarkable effort in terms of machine time and the tests they generate are quite inefficient due to their redundancy. Model Learning techniques generate more efficient test suites but often they do not not reach good levels of coverage. In order to generate test suites that are both effective and efficient, we propose in this paper AGRippin, a novel Search Based Testing technique founded on the combination of genetic and hill climbing techniques. We carried out a case study involving five open source Android applications that has demonstrated how the proposed technique is able to generate test suites that are more effective and efficient than the ones generated by a Model Learning technique.

Detecting Android Malware using Sequences of System Calls
Gerardo Canfora, Eric Medvet, Francesco Mercaldo, and Corrado Aaron Visaggio
(University of Sannio, Italy; University of Trieste, Italy)
The increasing diffusion of smart devices, along with the dynamism of the mobile applications ecosystem, are boosting the production of malware for the Android platform. So far, many different methods have been developed for detecting Android malware, based on either static or dynamic analysis. The main limitations of existing methods include: low accuracy, proneness to evasion techniques, and weak validation, often limited to emulators or modified kernels. We propose an Android malware detection method, based on sequences of system calls, that overcomes these limitations. The assumption is that malicious behaviors (e.g., sending high premium rate SMS, cyphering data for ransom, botnet capabilities, and so on) are implemented by specific system calls sequences: yet, no apriori knowledge is available about which sequences are associated with which malicious behaviors, in particular in the mobile applications ecosystem where new malware and non-malware applications continuously arise. Hence, we use Machine Learning to automatically learn these associations (a sort of "fingerprint" of the malware); then we exploit them to actually detect malware. Experimentation on 20000 execution traces of 2000 applications (1000 of them being malware belonging to different malware families), performed on a real device, shows promising results: we obtain a detection accuracy of 97%. Moreover, we show that the proposed method can cope with the dynamism of the mobile apps ecosystem, since it can detect unknown malware.

Tailoring Software Architecture Concepts and Process for Mobile Application Development
Felix Javier Acero Salazar and Marco Brambilla
(Politecnico di Milano, Italy)
Enabled by the continuous improvement of the hardware and software in mobile devices, mobile applications have evolved into very complex pieces of software. Yet, such increase in complexity hasn't been paired by an increased awareness, among developers, of the important role that some software engineering processes play in managing such complexity. In this paper we focus on the architectural design of mobile applications: we show how this aspect is still overlooked by mobile app developers; we present a high level process and several concepts that aim to guide developers in the creation of suitable architectures for their apps; and we describe the advantages of integrating architectural thinking within the mobile app development process.

Optimizing Energy of HTTP Requests in Android Applications
Ding Li and William G. J. Halfond
(University of Southern California, USA)
Energy is important for mobile apps. Among all operations of mobile apps, making HTTP requests is one of the most energy consuming. However, there is not sufficient work in optimizing the energy consumption of HTTP requests in mobile apps. In our previous study, we found that making small HTTP requests was not energy efficient. Yet, we did not study how to optimize the energy of HTTP requests. In this paper, we make a preliminary study to bundle sequential HTTP requests with a proxy server. With our technique, we had a 50% energy saving for HTTP requests in two market Android apps. This result indicates that our technique is promising and we will build on the result in our future work.

Invited Talks

Perspectives on Static Analysis of Mobile Apps (Invited Talk)
Marco Autili, Ivano Malavolta, Alexander Perucci, and Gian Luca Scoccia
(University of L'Aquila, Italy; Gran Sasso Science Institute, Italy)
The use and development of mobile apps is growing at a tremendous rate in the last years. Even if this growth is making the mo- bile apps market very attractive for software developers, it is also continuously presenting new challenges. Indeed, mobile platforms are rapidly and continuously changing, with the addition of diverse capabilities like the support for new sensors, APIs, programming abstractions, etc. In this respect, a number of static analysis methods and techniques have been proposed in research as a powerful instrument for developing more qualitative mobile apps.In this invited talk we report on the results of a preliminary survey we con- ducted on static analysis methods and techniques of mobile apps.

Info
A Mobile Application for Geographical Data Gathering and Validation in Fieldwork (Invited Talk)
Karine Reis Ferreira, Lúbia Vinhas, Cláudio Henrique Bogossian, and André F. Araújo de Carvalho
(National Institute for Space Research, Brazil; Foundation of Science, Technology and Space Applications, Brazil)
Mobile devices, such as smartphones and tablets, are useful tools for in situ collecting information about spatial locations. In this paper, we describe the architecture of a mobile application for geographical data gathering and validation in fieldwork. This application is being developed based on well-established standards in order to assure spatial data interoperability between existing Spatial Data Infrastructures (SDI) and mobile systems.

CLAPP: Characterizing Loops in Android Applications (Invited Talk)
Yanick Fratantonio, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna
(University of California at Santa Barbara, USA)
When performing program analysis, loops are one of the most important aspects that needs to be taken into account. In the past, many approaches have been proposed to analyze loops to perform different tasks, ranging from compiler optimizations to Worst-Case Execution Time (WCET) analysis. While these approaches are powerful, they focus on tackling very specific categories of loops and known loop patterns, such as the ones for which the number of iterations can be statically determined.
In this work, we developed a static analysis framework to characterize and analyze generic loops, without relying on techniques based on pattern matching. For this work, we focus on the Android platform, and we implemented a prototype, called CLAPP, that we used to perform the first large-scale empirical study of the usage of loops in Android applications. In particular, we used our tool to analyze a total of 4,110,510 loops found in 11,823 Android applications, and we gained several insights related to the performance issues and security aspects associated with loops.

Optimizing Display Energy Consumption for Hybrid Android Apps (Invited Talk)
Ding Li, Angelica Huyen Tran, and William G. J. Halfond
(University of Southern California, USA)
Energy has emerged as an important quality metric for apps that run on mobile platforms. This talk describes our approach for reducing display energy by automatically changing the color schemes used by a web app so that the pages consume less energy when displayed on an OLED based smartphone.

proc time: 1.2