pjlantz / droidbox

Dynamic analysis of Android apps

False positives in DroidBox logs #9

Open yuanchun-li opened 8 years ago

yuanchun-li commented 8 years ago

I tested DroidBox 4.1.1 with simple apps.

I found that some of the DroidBox logs are not related to the target app but still counted as sensitive behaviors of the app. For example, the following log message:

05-28 03:50:04.743   150   164 W DroidBox: DroidBox: { "FileRW": { "operation": "read", "data": "636f6d2e676e6f6d2e616e746f6e3a7a707274000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000676e6f6d2e616e746f6e2e53686f72740076697479330000", "id": "1981810222" } }

is produced by system_server instead of the target app, according to the output of the adb shell ps -t command:

USER     PID   PPID  VSIZE  RSS     WCHAN    PC         NAME
system    150   37    288764 59420 ffffffff 40032b64 S system_server

To remove these false positive logs, I rewrote the droidbox.py script and put it in my DroidBot project. The method I used for connecting log messages to processes is continuously calling the ps command and maintaining a pid-to-process mapping.

If you find it interesting, please let me know. I can help you improve the scripts.
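An added example, not code from the issue or from DroidBox/DroidBot, of the pid-to-process filtering described in the comment above: it builds a PID-to-name mapping from ps output in the layout quoted in the issue, parses DroidBox logcat lines, and keeps only events whose PID belongs to the target app's process. The logcat "threadtime" layout, the target package name and PID, and the second log line are constructed for the demo; it also assumes the app runs in a process named after its package (the Android default).

```python
import json
import re

# Assumed logcat "threadtime" layout, matching the line quoted in the issue:
#   MM-DD HH:MM:SS.mmm  PID  TID LEVEL DroidBox: DroidBox: {json}
LOG_RE = re.compile(
    r"^\d\d-\d\d \d\d:\d\d:\d\d\.\d+\s+(?P<pid>\d+)\s+(?P<tid>\d+)\s+[VDIWEF]\s+"
    r"DroidBox:\s+DroidBox:\s+(?P<body>\{.*\})\s*$"
)

# Constructed sample input: the system_server row is the one from the issue,
# the app row (name and PID) is invented for the demo.
SAMPLE_PS = """\
USER     PID   PPID  VSIZE  RSS     WCHAN    PC         NAME
system    150   37    288764 59420 ffffffff 40032b64 S system_server
u0_a42    1234  37    301112 41000 ffffffff 40032b64 S com.example.sampleapp
"""
# First line is the issue's log line with the hex "data" shortened; the second
# line is constructed to show an event that really belongs to the target app.
SAMPLE_LOGS = [
    '05-28 03:50:04.743   150   164 W DroidBox: DroidBox: { "FileRW": { "operation": "read", "data": "636f6d", "id": "1981810222" } }',
    '05-28 03:50:05.101  1234  1240 W DroidBox: DroidBox: { "FileRW": { "operation": "write", "data": "68656c6c6f", "id": "42" } }',
]


def parse_ps(ps_output):
    """Map PID -> NAME from `adb shell ps -t` output (header plus rows).

    Only the PID (2nd) and NAME (last) columns are used. Thread rows from -t do
    not interfere: logcat's PID field is the process id, which has its own row.
    One snapshot is used here; a real monitor must re-poll ps continuously, as
    the comment says, because PIDs are reused once a process exits.
    """
    mapping = {}
    for line in ps_output.splitlines():
        cols = line.split()
        if len(cols) < 2 or cols[0] == "USER":
            continue
        mapping[int(cols[1])] = cols[-1]
    return mapping


def filter_droidbox_logs(log_lines, pid_to_name, target_package):
    """Return (kept, dropped): parsed events from the target app's process and
    a list of (pid, process name) for events attributed to any other process."""
    kept, dropped = [], []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a DroidBox event line
        pid = int(m.group("pid"))
        name = pid_to_name.get(pid, "<unknown>")
        event = json.loads(m.group("body"))
        (kept if name == target_package else dropped).append(
            event if name == target_package else (pid, name))
    return kept, dropped


def demo():
    return filter_droidbox_logs(SAMPLE_LOGS, parse_ps(SAMPLE_PS), "com.example.sampleapp")
```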