Open Access
The Soot framework for Java program analysis: a retrospective
Patrick Lam,Eric Bodden,Ondrej Lhotak,Laurie Hendren +3 more
- 01 Oct 2011
TL;DR: relevant features of Soot are described, its development process is summarized, and useful features for future program analysis frameworks are discussed.
read more
Abstract: Soot is a successful framework for experimenting with compiler and software engineering techniques for Java programs. Researchers from around the world have implemented a wide range of research tools which build on Soot, and Soot has been widely used by students for both courses and thesis research. In this paper, we describe relevant features of Soot, summarize its development process, and discuss useful features for future program analysis frameworks.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps
Steven Arzt,Siegfried Rasthofer,Christian Fritz,Eric Bodden,Alexandre Bartel,Jacques Klein,Yves Le Traon,Damien Octeau,Patrick McDaniel +8 more
- 09 Jun 2014
TL;DR: FlowDroid is presented, a novel and highly precise static taint analysis for Android applications that successfully finds leaks in a subset of 500 apps from Google Play and about 1,000 malware apps from the VirusShare project.
IccTA: detecting inter-component privacy leaks in Android apps
Li Li,Alexandre Bartel,Tegawendé F. Bissyandé,Jacques Klein,Yves Le Traon,Steven Arzt,Siegfried Rasthofer,Eric Bodden,Damien Octeau,Patrick McDaniel +9 more
- 16 May 2015
TL;DR: IccTA, a static taint analyzer to detect privacy leaks among components in Android applications goes beyond state-of-the-art approaches by supporting inter- component detection and propagating context information among components, which improves the precision of the analysis.
SVF: interprocedural static value-flow analysis in LLVM
Yulei Sui,Jingling Xue +1 more
- 17 Mar 2016
TL;DR: SVF, which is fully implemented in LLVM, allows value-flow construction and pointer analysis to be performed in an iterative manner, thereby providing increasingly improved precision for both.
406
Static analysis of android apps
Li Li,Tegawend F. Bissyand,Mike Papadakis,Siegfried Rasthofer,Alexandre Bartel,Damien Octeau,Jacques Klein,Le Traon +7 more
TL;DR: The research community is still facing a number of challenges for building approaches that are aware altogether of implicit-Flows, dynamic code loading features, reflective calls, native code and multi-threading, in order to implement sound and highly precise static analyzers.
A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks
Siegfried Rasthofer,Steven Arzt,Eric Bodden +2 more
- 01 Jan 2014
TL;DR: SUSI, a novel machine-learning guided approach for identifying sources and sinks directly from the code of any Android API, is proposed and shown that SUSI can reliably classify sources and sink even in new, previously unseen Android versions and components like Google Glass or the Chromecast API.
378
References
Soot: a Java bytecode optimization framework
Raja Vallée-Rai,Phong Co,Etienne Gagnon,Laurie Hendren,Patrick Lam,Vijay Sundaresan +5 more
- 01 Nov 2010
TL;DR: Soot, a framework for optimizing Java* bytecode, is implemented in Java and supports three intermediate representations for representing Java bytecode: Baf, a streamlined representation of bytecode which is simple to manipulate; Jimple, a typed 3-address intermediate representation suitable for optimization; and Grimp, an aggregated version of Jimple suitable for decompilation.
Scaling Java points-to analysis using SPARK
Ondřej Lhoták,Laurie Hendren +1 more
- 07 Apr 2003
TL;DR: SPARK is introduced, a flexible framework for experimenting with points-to analyses for Java that supports equality- and subset-based analyses, variations in field sensitivity, respect for declared types, variationsIn call graph construction, off-line simplification, and several solving algorithms.
Polyglot: an extensible compiler framework for Java
Nathaniel Nystrom,Michael R. Clarkson,Andrew C. Myers +2 more
- 07 Apr 2003
TL;DR: This paper focuses on the design choices in Polyglot that are important for making the framework usable and highly extensible.
Optimizing Java Bytecode Using the Soot Framework: Is It Feasible?
Raja Vallée-Rai,Etienne Gagnon,Laurie Hendren,Patrick Lam,Patrice Pominville,Vijay Sundaresan +5 more
- 25 Mar 2000
TL;DR: The approach to class file optimization is to first convert the stack-based bytecode into Jimple, a three-address form more amenable to traditional program optimization, and then convert the optimized Jimple back to bytecode.
Practical virtual method call resolution for Java
Vijay Sundaresan,Laurie Hendren,Chrislain Razafimahefa,Raja Vallée-Rai,Patrick Lam,Etienne Gagnon,Charles Godin +6 more
- 01 Oct 2000
TL;DR: This paper addresses the problem of resolving virtual method and interface calls in Java bytecode by developing a technique that can be solved with only one iteration, and thus scales linearly with the size of the program, while at the same time providing more accurate results than two popular existing linear techniques, class hierarchy analysis and rapid type analysis.
Related Papers (5)
Yajin Zhou,Xuxian Jiang +1 more
- 20 May 2012
Thomas Reps,Susan Horwitz,Mooly Sagiv +2 more
- 25 Jan 1995