ELDetector: An Automated Approach Detecting Endless-loop in Mini Programs
In recent years, mini-programs have rapidly gained popularity and are widely used in payment, travel, shopping and other fields, greatly enhancing the convenience of users’ lives. However, these services usually require access to sensitive personal information such as phone numbers, location information, ID numbers and other permissions. In the process of using them, users may frequently encounter permission requests, and sometimes even be forced to authorize them, leading to poor usage experience or even falling into an endless-loop authorization cycle that is difficult to exit. Unfortunately, most of the existing studies are fragmented and only deal with individual issues of personal information usage in mini-programs, lacking a comprehensive analysis of how permission requests affect user experience. To address this problem, this paper proposes an automated tool called ELDetector that automatically traverses mini-program pages through dynamic analysis and detects authorization endless-loops with the assistance of the Large Language Model (LLM). We find that authorization endless-loops of mini-programs are mainly classified into two categories: single-page endless-loop and multi-page endless-loop, based on the number of pages caught in the loop. We evaluated ELDetector on 97 popular mini-programs with an accuracy of 79.4% in detecting the authorization endless-loop problem, of which 15 mini-programs have been fixed by the developers. In addition, with the help of the Large Language Model (LLM), ELDetector is 54% faster than the traditional monkey test in identifying authorization endless-loop entrance points.
Sun 27 AprDisplayed time zone: Eastern Time (US & Canada) change
16:00 - 17:30 | Session2: FM for Software Quality Assurance & TestingResearch Papers / Data and Benchmarking at 207 Chair(s): Feifei Niu University of Ottawa | ||
16:00 12mLong-paper | Augmenting Large Language Models with Static Code Analysis for Automated Code Quality Improvements Research Papers | ||
16:12 12mLong-paper | Benchmarking Prompt Engineering Techniques for Secure Code Generation with GPT Models Research Papers Marc Bruni University of Applied Sciences and Arts Northwestern Switzerland, Fabio Gabrielli University of Applied Sciences and Arts Northwestern Switzerland, Mohammad Ghafari TU Clausthal, Martin Kropp University of Applied Sciences and Arts Northwestern Switzerland Pre-print | ||
16:24 12mLong-paper | Vulnerability-Triggering Test Case Generation from Third-Party Libraries Research Papers Yi Gao Zhejiang University, Xing Hu Zhejiang University, Zirui Chen , Tongtong Xu Nanjing University, Xiaohu Yang Zhejiang University | ||
16:36 6mShort-paper | Microservices Performance Testing with Causality-enhanced Large Language Models Research Papers Cristian Mascia University of Naples Federico II, Roberto Pietrantuono Università di Napoli Federico II, Antonio Guerriero Università di Napoli Federico II, Luca Giamattei Università di Napoli Federico II, Stefano Russo Università di Napoli Federico II | ||
16:42 6mShort-paper | MaRV: A Manually Validated Refactoring Dataset Data and Benchmarking Henrique Gomes Nunes Universidade Federal de Minas Gerais, Tushar Sharma Dalhousie University, Eduardo Figueiredo Federal University of Minas Gerais | ||
16:48 6mShort-paper | PyResBugs: A Dataset of Residual Python Bugs for Natural Language-Driven Fault Injection Data and Benchmarking Domenico Cotroneo University of Naples Federico II, Giuseppe De Rosa University of Naples Federico II, Pietro Liguori University of Naples Federico II | ||
16:54 6mShort-paper | The Heap: A Contamination-Free Multilingual Code Dataset for Evaluating Large Language Models Data and Benchmarking Jonathan Katzy Delft University of Technology, Răzvan Mihai Popescu Delft University of Technology, Arie van Deursen TU Delft, Maliheh Izadi Delft University of Technology | ||
17:00 12mLong-paper | ELDetector: An Automated Approach Detecting Endless-loop in Mini Programs Research Papers Nan Hu Xi’an Jiaotong University, Ming Fan Xi'an Jiaotong University, Jingyi Lei Xi'an Jiaotong University, Jiaying He Xi'an Jiaotong University, Zhe Hou China Mobile System Integration Co. | ||
17:12 12mLong-paper | Testing Android Third Party Libraries with LLMs to Detect Incompatible APIs Research Papers Tarek Mahmud Texas State University, Bin Duan University of Queensland, Meiru Che Central Queensland University, Anne Ngu Texas State University, Guowei Yang University of Queensland |