Never before has any OS been so popular as Android. Existing mobile phones are not simply devices for making phone calls and receiving SMS messages, but powerful communication and entertainment platforms for web surfing, social networking, etc. Even though the Android OS offers powerful communication and application execution capabilities, it is riddled with defects (e.g., security risks, and compatibility issues), new vulnerabilities come to light daily, and bugs cost the economy tens of billions of dollars annually. For example, malicious apps (e.g., back-doors, fraud apps, ransomware, spyware, etc.) are reported [Google, 2022] to exhibit malicious behaviours, including privacy stealing, unwanted programs installed, etc. To counteract these threats, many works have been proposed that rely on static analysis techniques to detect such issues. However, static techniques are not sufficient on their own to detect such defects precisely. This will likely yield false positive results as static analysis has to make some trade-offs when handling complicated cases (e.g., object-sensitive vs. object-insensitive). In addition, static analysis techniques will also likely suffer from soundness issues because some complicated features (e.g., reflection, obfuscation, and hardening) are difficult to be handled [Sun et al., 2021b, Samhi et al., 2022].

翻译：从未有任何操作系统能像Android这般广受欢迎。现有手机已不仅仅是用于拨打电话和接收短信的设备，而是集网页浏览、社交网络等功能于一体的强大通信与娱乐平台。尽管Android操作系统提供了强大的通信和应用执行能力，但它也充斥着缺陷（如安全风险和兼容性问题），新的漏洞每日浮现，相关缺陷每年给经济造成数百亿美元的损失。例如，据报道[Google, 2022]，恶意应用（如后门、欺诈应用、勒索软件、间谍软件等）会表现出隐私窃取、安装非授权程序等恶意行为。为应对这些威胁，已有大量工作提出依赖静态分析技术来检测此类问题。然而，静态技术本身不足以精确检测这些缺陷。这可能导致误报结果，因为静态分析在处理复杂情况（如对象敏感与非对象敏感分析）时需做出权衡。此外，静态分析技术还可能面临完备性问题，因为某些复杂特征（如反射、混淆和加固）难以处理[Sun et al., 2021b, Samhi et al., 2022]。