implem

5_theseus/6_limits.typ

@@ -1,4 +1,4 @@
-#import "../lib.typ": paragraph, ART, DEX, APK, eg, SDK
+#import "../lib.typ": paragraph, ART, DEX, APK, eg, SDK, APKs
 #import "../lib.typ": todo, jfl-note, jm-note
 
 == Limitations and Future Works <sec:th-limits>
@@ -70,10 +70,14 @@ In any case, statically, because we remove neither the calls to the function tha
   This could mean better exploration techniques, such as the one implemented by Stoat and GroddDroid, or more intrusive approaches, such as forced execution.
 ]
 
-=== Comparison with DroidRA
+=== Comparison with DroidRA and Other Tools
 
 It would be very interesting to compare our tool to DroidRA.
 DroidRA is a tool that computes reflection information using static analysis and patches the application to add those calls.
 Beyond the classic comparison of static versus dynamic, DroidRA has a similar goal and strategy to ours.
 Two notable comparison criteria would be the failure rate and the number of edges added to an application call graph.
 The first criterion indicates how much the results can be used by other tools, while the second indicates how effective the approaches are.
+
+Because we elected to make our own software to modify the bytecode of the #APKs, it would be insightful to compare the finishing rate and performances of simple transformations with our tool, to the same transformation made with Apktool, Soot or SootUp.
+An example of a transformation to test would be to log each method call and its return value.
+More than finding which solution is the best to instrument an application, this would allow us to compare the weaknesses of each tool and find if some recurring issues for some tools can be solved using a technical solution implemented by another tool (#eg some applications deliberately include files with names that crash the standard Java zip library).