Static Dalvik VM bytecode instrumentation
نویسنده
چکیده
This work proposes a novel approach to restricting the access for blacklisted Android system API calls. Main feature of the suggested method introduced in this paper is that it requires only rootless or (user-mode) access to the system unlike previous works. For that reason this method is valuable for end-users due to the possibility of project distribution via Play Market and it does not require any phone system modifications and/or updates. This paper explains the required background of Android OS necessary for understanding and describes the method for modification Android application. In this paper the proof-of-concept implementation. That is able to block the application's IMEI requests is introduced. Also this paper lists unsuccessful methods that tried to provide the user security. Obviously with those restrictions application may lack some of features that can only be granted in unsecured environment.
منابع مشابه
SymDroid: Symbolic Execution for Dalvik Bytecode
Apps on Google’s Android mobile device platform are written in Java, but are compiled to a special bytecode language called Dalvik. In this paper, we introduce SymDroid, a symbolic executor that operates directly on Dalvik bytecode. SymDroid begins by first translating Dalvik into μ-Dalvik, a simpler language that has only 16 instructions, in contrast to Dalvik’s more than 200 instructions. We ...
متن کاملFormal Certification of Android Bytecode
Android is an operating system that has been usedin a majority of mobile devices. Each application in Androidruns in an instance of the Dalvik virtual machine, which isa register-based virtual machine (VM). Most applications forAndroid are developed using Java, compiled to Java bytecodeand then translated to DEX bytecode using the dx tool inthe Android SDK. In this work,...
متن کاملAppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware
As the techniques for Androidmalware detection are progressing, malware also fights back through deploying advanced code encryption with the help of Android packers. An effective Android malware detection therefore must take the unpacking issue into consideration to prove the accuracy. Unfortunately, this issue is not easily addressed. Android packers often adopt multiple complex anti-analysis ...
متن کاملStatic Analysis of App Dependencies in Android Bytecode
Android applications (apps) are highly interactive, but have— by design—no facilities to declare dependencies reflecting such interactions. Dependencies are hidden in code and uncovering them requires static analysis techniques. This technical note presents our static analysis infrastructure to extract dependency information from Android (Dalvik) bytecode. This infrastructure is used in a study...
متن کاملDexLego: Reassembleable Bytecode Extraction for Aiding Static Analysis
The scale of Android applications in the market is growing rapidly. To efficiently detect the malicious behavior in these applications, an array of static analysis tools are proposed. However, static analysis tools suffer from code hiding techniques like packing, dynamic loading, self modifying, and reflection. In this paper, we thus present DEXLEGO, a novel system that performs a reassembleabl...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1706.06925 شماره
صفحات -
تاریخ انتشار 2017