Improving privacy on android smartphones through in-vivo bytecode instrumentation
Résumé
In this paper we claim that a widely applicable and efficient means to fight against malicious mobile Android applications is: 1) to per- form runtime monitoring 2) by instrumenting the application byte- code and 3) in-vivo, i.e. directly on the smartphone. We present a tool chain to do this and present experimental results showing that this tool chain can run on smartphones in a reasonable amount of time and with a realistic effort. Our findings also identify chal- lenges to be addressed before running powerful runtime monitoring and instrumentations directly on smartphones. We implemented two use-cases leveraging the tool chain: FineGPolicy, a fine-grained user centric permission policy system and AdRemover an adver- tisement remover. Both prototypes improve the privacy of Android systems thanks to in-vivo bytecode instrumentation.
Origine : Fichiers produits par l'(les) auteur(s)