| Abstract | Dynamic analysis is essential for evaluating mobile app security and privacy under realistic conditions. Achieving actionable visibility - spanning data sources, transformations, and sinks - requires hooking a broad set of Android APIs at scale, which introduces significant performance challenges even on modern devices. In this paper we design a high-volume dynamic hooking environment with the two dominant instrumentation frameworks: Frida and Xposed/LSPosed. We characterize their overheads under dense hook deployments and heavy data flows, identify bottlenecks, and present performance optimizations for serialization and transport. We discuss trade-offs in usability, deployability, and stability, and outline practical guidance for large-scale, semantically rich tracing on Android. |
|---|
