DroidBench is a set of open source real-life Android applications to be used as a testing ground for static and dynamic security tools. It contains different applications with data leaks. The challenges for the security tools are the identification of the data leakage. For the checking of false-positive alarms, we also included different applications that do not have a data leak.
Version 2 comprises 120 test cases, including the following categories:
- Arrays and Lists
- Field and Object Sensitivity
- Inter-App Communication
- General Java
- Miscellaneous Android-Specific
- Implicit Flows
- Emulator Detection
Where can I find DroidBench?
DroidBench is hosted at GitHub.
Are there other Java-based Benchmarks?
SecuriBench would be a Benchmark suite which focuses on Web-based applications written in Java.
We welcome your contributions!
You are most welcome to contribute additional test cases to DroidBench. To do so, please fork the project, commit an appropriate Eclipse source project and APK, update the README and then send us a pull request.