Systematic Evaluation of the Unsoundness of Call Graph Construction Algorithms for Java

Author: Reif, Michael; Eichberg, Michael; Kübler, Florian; Mezini, Mira
Type: Conference Proceedings
Abstract: Call graphs are at the core of many static analyses ranging from the detection of unused methods to advanced control- and data-flow analyses. Therefore, a comprehensive understanding of the precision and recall of the respective graphs is crucial to enable an assessment which call-graph construction algorithms are suited in which analysis scenario. For example, malware is often obfuscated and tries to hide its intent by using Reflection. Call graphs that do not represent reflective method calls are, therefore, of limited use when analyzing such apps. In general, the precision is well understood, but the recall is not, i.e., in which cases a call graph will not contain any call edges. In this paper, we discuss the design of a comprehensive test suite that enables us to compute a fingerprint of the unsoundness of the respective call-graph construction algorithms. This suite also enables us to make a comparative evaluation of static analysis frameworks. Comparing Soot and WALA shows that WALA currently has better support for new Java 8 features and also for Java Reflection. However, in some cases both fail to include expected edges.
Conference: SOAP 2018
In: Companion Proceedings for the ISSTA/ECOOP 2018 Workshops, p. 107-112