[Soot-list] How to Speed up Flowdroid!

Modhi Alsobiehy m99m20 at hotmail.com
Thu Sep 18 00:16:36 EDT 2014 

Hi Steven, 

the apk attached is kik from goole play.

these are the last lines shown before I need to restart the system:

[main] INFO soot.jimple.infoflow.Infoflow - Callgraph has 23780 edges
[main] WARN soot.jimple.infoflow.Infoflow - Static field tracking is disabled, results may be incomplete
[main] WARN soot.jimple.infoflow.Infoflow - Using flow-insensitive alias tracking, results may be imprecise
[main] INFO soot.jimple.infoflow.Infoflow - Looking for sources and sinks...
[main] INFO soot.jimple.infoflow.Infoflow - Source lookup done, found 104 sources and 75 sinks.



Thank you!



Modhi,





From: Steven Arzt
Sent: ‎Wednesday‎, ‎September‎ ‎17‎, ‎2014 ‎2‎:‎54‎ ‎PM
To: Modhi Alsobeihy
Cc: Bodden, Eric, soot-list at CS.McGill.CA, soot-list at sable.mcgill.ca





Hi Modhi,

Please send me one of the APK files in question and I'll have a look.

Best regards,
  Steven

-----Ursprüngliche Nachricht-----
Von: Modhi Alsobiehy [mailto:m99m20 at hotmail.com] 
Gesendet: Mittwoch, 17. September 2014 14:12
An: Steven Arzt
Cc: Bodden, Eric; soot-list at cs.mcgill.ca; Soot list
Betreff: Re: AW: [Soot-list] How to Speed up Flowdroid!

Eric, Steven, thank you for responding!
For apps of size 7+MB Im now providing 15GB of memory and I'm literally giving away precision using all exclusions, yet, flowdroid seems stuck right before showing the results of infoflow!

-Best,
Modhi

> On Sep 17, 2014, at 3:10 AM, "Steven Arzt" <Steven.Arzt at cased.de> wrote:
> 
> Ah, and the long runtime you experience stems from FlowDroid running 
> out of memory, but the JVM trying to free some bytes here and there by 
> aggressive garbage collection. This goes on for quite a while without 
> any real work being done (one GC cycles) before the JVM finally gives up.
> 
> You should also add the --aplength 1 option. This will save a lot of 
> memory, but will cost you some precision. If you are really desperate, 
> go for --nocallbacks and --aliasflowins.
> 
> -----Ursprüngliche Nachricht-----
> Von: soot-list-bounces at CS.McGill.CA 
> [mailto:soot-list-bounces at CS.McGill.CA]
> Im Auftrag von Steven Arzt
> Gesendet: Mittwoch, 17. September 2014 10:06
> An: 'Bodden, Eric'; 'Modhi Alsobiehy'
> Cc: soot-list at cs.mcgill.ca; 'Soot list'
> Betreff: Re: [Soot-list] How to Speed up Flowdroid!
> 
> Hi,
> 
> We actually already reduced the memory consumption quite a bit. You 
> are now able to analyze the Facebook app (which is one of the largest 
> apps in the
> store) with 15 GB of memory if you reduce the access path length to 1 
> and disable path reporting. So it's not as bad as it used to be with 
> the 500 GB in the old days. 4 GB will however only be sufficient for 
> small applications such as the DroidBench examples. The memory 
> consumption also depends on the number of flows inside your app, so if 
> an app performs very many operations on sensitive data, you might 
> exceed Facebook's 15 GB even though the app as such is smaller.
> 
> We have a number of ideas on how to reduce FlowDroid's memory 
> consumption, but that's research in progress. I hope that some good 
> students will be doing their masters' theses with me this term so that 
> we can try out these ideas.
> 
> Best regards,
>  Steven
> 
> -----Ursprüngliche Nachricht-----
> Von: soot-list-bounces at CS.McGill.CA 
> [mailto:soot-list-bounces at CS.McGill.CA]
> Im Auftrag von Bodden, Eric
> Gesendet: Mittwoch, 17. September 2014 08:57
> An: Modhi Alsobiehy
> Cc: soot-list at cs.mcgill.ca; Soot list
> Betreff: Re: [Soot-list] How to Speed up Flowdroid!
> 
> Hi Modhi.
> 
> With the current implementation 4GB is just way too little. For the 
> larger Android applications we frequently exceed 500GB and more of 
> memory. You might try with the least precise settings but with 4GB 
> this is likely not going to work either.
> 
> We are working on lowering memory consumption but it's not easy and 
> takes time.
> 
> Best wishes,
> Eric
> 
>> On 16.09.2014, at 19:35, Modhi Alsobiehy <m99m20 at hotmail.com> wrote:
>> 
>> Hi Flowdroid users,
>> 
>> I need to run flowdroid from command line to analyze 30+ of the top 
>> downloaded apps and it is taking a lot of time to run - 15+ hours!- 
>> for not so big apks- 5 to 16MB- To prevent any out of memory errors 
>> and speed up the process i am using these options: -Xmx4g and 
>> --nopaths
> Yet it keeps running and running and not showing any results - seems 
> stuck after a while!- From your experience with Flowdroid, what are 
> the best practices that speed up the process?
>> Are you aware of any specific system requirements that could help?
>> 
>> Your quick response is highly recommended!
>> 
>> -Best,
>> Modhi
>> _______________________________________________
>> Soot-list mailing list
>> Soot-list at CS.McGill.CA
>> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
> 
> --
> Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/ http://bodden.de/ 
> Head of Secure Software Engineering  at Fraunhofer SIT, TU Darmstadt and EC SPRIDE
> Tel: +49 6151 16-75422    Fax: +49 6151 16-72051
> Room 3.2.14, Mornewegstr. 30, 64293 Darmstadt
> 
> 
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20140918/21886c40/attachment-0003.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kik.apk
Type: application/octet-stream
Size: 13118208 bytes
Desc: =?utf-8?Q?kik.apk?=
Url : http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20140918/21886c40/attachment-0003.obj

More information about the Soot-list mailing list