Reyhaneh Jabbarvand

 
  Home   CV   Research Lab
 
   
             
  UIUC students:
  • Graduate students
    • Philmon Roberts (Summer 2021-)
  • Undergrad students
    • Swathi Ram (Spring 2021-)
    • Hui Li Tao (Summer 2021-)
    • Anthony Huerta (Summer 2021)
Visiting students:
  • Undergrad students
    • Gorkay Aydemir (Middle East Technical University, Turkey, Summer 2021)
    • Oussama Bezzad (Al Akhawayn University, Morocco, Summer 2021)
    • Mehmet Arif Demirtas (Istanbul Technical University, Turkey, Summer 2021)
    • Doga Demirturk (Koc University, Turkey, Summer 2021)
    • Said Gurbuz (Middle East Technical University, Turkey, Summer 2021)
    • Ali Reza Ibrahimzada (Marmara University, Turkey, Summer 2021)
    • Umur Gorkem Karaduman (Middle East Technical University, Turkey, Summer 2021)
    • Elif Ecem Samlioglu (Sabanci University, Turkey, Summer 2021)
    • Dilara Tekinoglu (Sabanci University, Turkey, Summer 2021)
    • Yigit Varli (Middle East Technical University, Turkey, Summer 2021)
    • Qinchen Yang (NYU, Summer 2021)
    • Aral Yekta Yarimca (Middle East Technical University, Turkey, Summer 2021)
    • Alperen Yildiz (Sabanci Unievrsity, Turkey, Summer 2021)
  • High School students
    • Ansh Gupta (Washington High School, CA, Summer 2021)
Projects:
  • Energy testing of Android apps
  • The rising popularity of mobile apps deployed on battery-constrained devices has motivated the need for effective and efficient energy-aware testing techniques. However, currently there is a lack of test generation tools for exercising the energy properties of apps. Automated test generation is not useful without tools that help developers to measure the quality of the tests. Additionally, the collection of tests generated for energy testing could be quite large, as it may involve a test suite that covers all the energy-greedy parts of the code under different use cases. Thereby, there is a need for techniques to manage the size of test suite, while maintaining its effectiveness in revealing energy defects. This research proposes a four-pronged approach to advance energy testing for mobile applications, including techniques for energy-aware test input generation, energy-aware test oracle construction, energy-aware test-suite adequacy assessment, and energy-aware test-suite minimization.
    Papers: [FSE'20], [ICSE'19], [ICSE'18], [FSE'17], [ISSTA'16]
  • Permission analysis of Android apps
  • Permissions are the cornerstone for Android security model, as they enable secure access to sensitive resources of the phone. Consequently, improper use of Android permission model can lead to permission-induced issues that disrupt the functional and non-functional behavior of the apps. However, due to the lack of automated tools for detecting such issues, many of those defects are shipped with the final product, which not only dissatisfies end users but also poses security risks to their phones. Without considering the temporal aspects of an attack, state-of-the-art techniques aimed at protecting the users against permission-induced attacks, are prone to have low-coverage in detection and high-disruption in prevention of such attacks. Project Terminator addresses this shortcoming by incorporating the notion of time in both detection and prevention of the attacks. Terminator leverages temporal logic model checking to detect permission-induced threats, and then relies on Androidís dynamic permission mechanism to thwart the identified threats by revoking unsafe permissions. However, such countermeasure, i.e., permission revocation, could itself result in other defects, such as crash, if the target app suffers from dynamic-permission-compatibility issue. To identify such permission-induced compatibility defects, developers need to exhaustively re-execute tests for all possible permission combinations, thereby increasing the time and resources required to test apps. Project PATDroid, is intended to help app developers with this challenge. PATDroid can significantly reduce the testing effort by performing a hybrid program analysis that determines which tests should be executed on what permission combinations.
    Papers: [FSE'17], [ICSE'18]
  • Android testing in general
  • GUI-based testing has been primarily used to examine the functionality and usability of mobile apps. Despite the numerous GUI-based test input generation techniques proposed in the literature, these techniques are still limited by (1) lack of context-aware text inputs; (2) failing to generate expressive tests; and (3) absence of test oracles. To address these limitations, CRAFTDROID leverages information retrieval, along with static and dynamic analysis techniques, to extract the human knowledge from an existing test suite for one app and transfer the test cases and oracles to be used for testing other apps with the similar functionalities. Evaluation of CRAFTDROID on real-world commercial Android apps corroborates its effectiveness by achieving 73% precision and 90% recall on average for transferring both the GUI events and oracles. In addition, 75% of the attempted transfers successfully generated valid and feature-based tests for popular features among apps in the same category.
    Papers: [ASE'19]

 
             
 

Design by: Reyhaneh Jabbarvand