Zurück zur Übersicht

Custom Full-Coverage Dynamic Program Analysis for Android

Publikationsart Peer-reviewed
Publikationsform Tagungsbeitrag (peer-reviewed)
Autor/in Sun Haiyang, Zheng Yudi, Bulej Lubomír, Kell Stephen, Binder Walter,
Projekt LoadOpt - Workload Characterization and Optimization for Multicore Systems
Alle Daten anzeigen

Tagungsbeitrag (peer-reviewed)

Titel der Proceedings Companion Proceedings of SPLASH 2015
Ort Pittsburgh, US
DOI 10.1145/2814189.2814190


Dynamic analysis tools often perform instrumentation via interfaces that are implementation-specific, so are not supported by alternative implementations of a given source language. The Android mobile platform is one example: its Dalvik virtual machine executes an alternative, register-based bytecode, and lacks debugging and instrumentation interfaces that Java analysis developers rely upon. In this demonstration, we present a framework for dynamic program analysis development on Android, based on the existing ShadowVM framework for Java. By re-creating the latter's abstractions in the impoverished Android environment, it offers a high-level programming interface, load-time instrumentation, full bytecode coverage, and strong isolation, thereby avoiding common problems suffered by existing dynamic analyses on Android (offline-only instrumentation, lack of support for dynamic loading, and risk of unsound results owing to gaps in coverage). We will demonstrate our system with an Android-specific network traffic analysis, deployed on both an ARM/Intel-based emulator and a real device.