Cheetah: Just-in-Time Taint Analysis for Android Apps

AutorNguyen Quang Do, Lisa; Ali, Karim; Livshits, Benjamin; Bodden, Eric; Smith, Justin; Murphy-Hill, Emerson
ArtConference Proceedings
AbstraktCurrent static-analysis tools are often long-running, which causes them to be sidelined into nightly build checks. As a result, developers rarely use such tools to detect bugs when writing code, because they disrupt their workflow. In this paper, we present Cheetah, a static taint analysis tool for Android apps that interleaves bug fixing and code development in the Eclipse integrated development environment. Cheetah is based on the novel concept of Just-in-Time static analysis that discovers and reports the most relevant results to the developer fast, and computes the more complex results incrementally later. Unlike traditional batch-style static-analysis tools, Cheetah causes minimal disruption to the developer's workflow. This video demo showcases the main features of Cheetah:
In2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C), p.39-42
PublisherCurran Associates, Inc.