SPADE: Scalable App Digging with Binary Instrumentation and Automated Execution

We present SPADE, a system for quickly and automatically analyzing runtime states of a large collection of mobile apps. Such tasks are becoming increasingly important for app stores: e.g., for checking apps’ runtime security and privacy properties, for capturing and indexing data inside apps for better app search, etc. SPADE uses two key techniques. First, it uses binary instrumentation to automatically insert custom code into app binary to capture its runtime state. Second, it executes an instrumented app in a phone emulator and automatically navigates through various app pages by emulating user interactions. SPADE employs a number of novel optimizations to increase coverage and speed. We have implemented three novel applications on SPADE. Our experiments with 5,300 apps from Windows Phone app store show that these applications are extremely useful. We also report coverage of SPADE on these apps and survey various root causes that make automated execution difficult on mobile apps. Finally, we show that our optimizations make SPADE significantly fast, allowing an app store to process up to 3,000 apps per day on a single phone emulator.