Back to overview

Custom Full-Coverage Dynamic Program Analysis for Android

Type of publication Peer-reviewed
Publikationsform Proceedings (peer-reviewed)
Author Sun Haiyang, Zheng Yudi, Bulej Lubomír, Kell Stephen, Binder Walter,
Project LoadOpt - Workload Characterization and Optimization for Multicore Systems
Show all

Proceedings (peer-reviewed)

Title of proceedings Companion Proceedings of SPLASH 2015
Place Pittsburgh, US
DOI 10.1145/2814189.2814190


Dynamic analysis tools often perform instrumentation via interfaces that are implementation-specific, so are not supported by alternative implementations of a given source language. The Android mobile platform is one example: its Dalvik virtual machine executes an alternative, register-based bytecode, and lacks debugging and instrumentation interfaces that Java analysis developers rely upon. In this demonstration, we present a framework for dynamic program analysis development on Android, based on the existing ShadowVM framework for Java. By re-creating the latter's abstractions in the impoverished Android environment, it offers a high-level programming interface, load-time instrumentation, full bytecode coverage, and strong isolation, thereby avoiding common problems suffered by existing dynamic analyses on Android (offline-only instrumentation, lack of support for dynamic loading, and risk of unsound results owing to gaps in coverage). We will demonstrate our system with an Android-specific network traffic analysis, deployed on both an ARM/Intel-based emulator and a real device.