Idea: Callee-Site Rewriting of Sealed System Libraries

  • Philipp von Styp-Rekowsky
  • Sebastian Gerling
  • Michael Backes
  • Christian Hammer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7781)

Abstract

Inline reference monitoring instruments programs in order to enforce a security policy at runtime. This technique has become an essential tool to mitigate inherent security shortcomings of mobile platforms like Android. Unfortunately, rewriting all calls to security-relevant methods requires significant space and time, in particular if this process is performed on the phone. This work proposes a novel approach to inline reference monitoring that abstains from caller-site instrumentation even in the case where the monitored method is part of a sealed library. To that end we divert the control flow towards the security monitor by modifying references to security-relevant methods in the Dalvik Virtual Machine’s internal bytecode representation. This method is similar in spirit to modifying function pointers and effectively allows callee-site rewriting. Our initial empirical evaluation demonstrates that this approach incurs minimal runtime overhead.

Keywords

Android, inline reference monitoring, sealed libraries

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Philipp von Styp-Rekowsky (1)
  • Sebastian Gerling (1)
  • Michael Backes (1, 2)
  • Christian Hammer (1)

  1. Saarland University, Saarbrücken, Germany
  2. Max Planck Institute for Software Systems (MPI-SWS), Saarbrücken, Germany
