1716                                     Journal of Software  软件学报 Vol.32, No.6,  June 2021

         [22]    Huang SS, Green TJ, Loo BT. Datalog and emerging applications: An interactive tutorial. In: Proc. of the ACM SIGMOD Int’l
             Conf. on Management of Data. 2011. 1213−1216. [doi: 10.1145/1989323.1989456]
         [23]    FlowDroid data flow analysis tool. https://github.com/secure-software-engineering/FlowDroid
         [24]    Jgrapht. https://github.com/jgrapht/jgrapht/wiki
         [25]    Reps  T,  Horwitz  S, Sagiv M. Precise  interprocedural dataflow  analysis via graph reachability. In: Proc. of the 22nd  ACM
             SIGPLAN-SIGACT Symp. on Principles of Programming Languages. 1995. 49−61. [doi: 10.1145/199448.199462]
         [26]    Bartel A, Klein J, Le Traon Y, Monperrus M. Dexpler: Converting Android dalvik bytecode to jimple for static analysis with soot.
             In: Proc. of the ACM SIGPLAN Int’l Workshop on State of the Art in Java Program Analysis. 2012. 27−38. [doi: 10.1145/2259051.
             2259056]
         [27]    DroidBench 2.0. https://github.com/secure-software-engineering/DroidBench
         [28]    Zhou YJ, Jiang XX. Dissecting Android malware: Characterization and evolution. In: Proc. of the 2012 IEEE Symp. on Security
             and Privacy. IEEE, 2012. 95−109. [doi: 10.1109/SP.2012.16]
         [29]    Pauck F,  Bodden  E,  Wehrheim  H.  Do  Android taint  analysistools keep their promises? In: Proc. of the 2018 26th  ACM Joint
             Meeting on European Software Engineering Conf. and Symp. on the Foundations of Software Engineering. ACM, 2018. 331−341.
             [doi: 10.1145/3236024.3236029]
         [30]    Cai H, Jenkins J. Leveraging historical versions of android apps for efficient and precise taint analysis. In: Proc. of the 15th ACM/
             IEEE Int’l Conf. on Mining Software Repositories. 2018. 265−269. [doi: 10.1145/3196398.3196433]
         [31]    He D, Li H, Wang L, Meng H, Zheng H, Liu J, Hu S, Li L, Xue J. Performance-Boosting sparsification of the ifds algorithm with
             applications to taint analysis. In: Proc. of the 2019 34th IEEE/ACM Int’l Conf. on Automated Software Engineering (ASE). IEEE,
             2019. 267−279. [doi: 10.1109/ASE.2019.00034]

         附中文参考文献:
          [2]  2019 年中国手机安全状况报告. http://zt.360.cn/1101061855.php?dtid=1101061451&did=610435085
          [3]  王蕾,李丰,李炼,冯晓兵.污点分析技术的原理和实践应用.软件学报,2017,28(4):860−882. http://www.jos.org.cn/1000-9825/5190.
             htm [doi: 10.13328/j.cnki.jos.005190]
         [13]  梅宏,王千祥,张路,王戟.软件分析技术进展.计算机学报,2009,32(9):1697−1710. [doi: 10.3724/SP.J.1016.2009.01697]


                       张捷(1986－),男,讲师,CCF 专业会员,主                    段振华(1948－),男,博士,教授,博士生导
                       要研究领域为软件安全,恶意代码分析.                           师,CCF 会士,主要研究领域为形式化方
                                                                    法,可信软件基础理论与方法.



                       田聪 (1981 － ), 女 , 博士 , 教授 , 博士生导
                       师,CCF 杰出会员,主要研究领域为软件安
                       全,智能软件开发方法,可信软件基础理论
                       与方法.