Formalisation and Analysis of Dalvik Bytecode
|
|
- Reynold Barnett
- 6 years ago
- Views:
Transcription
1 Formalisation and Analysis of Dalvik Bytecode Erik Ramsgaard Wognsen Department of Computer Science Aalborg University DANSAS 12, 24 August 2012 Joint work with Henrik Karlsen, Mads Chr. Olesen, and René Rydhof Hansen Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
2 Android Widespread Linux based operating system for mobile devices Apps written in Java and compiled to Dalvik bytecode Apps from Android Market/Google Play Everyone can become a developer No manual application approval Lightweight certification 3rd party markets and unknown sources Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
3 Android Permissions Capabilities and sensitive information protected by permissions, e.g. WRITE EXTERNAL STORAGE WAKE LOCK ACCESS FINE LOCATION INTERNET Accept or deny app, not individual permissions What are they used for? Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
4 The Problem Malware Damage or disable phone (or hold it hostage) Steal information Abuse of services that cost money Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
5 A Solution Certification of apps Program analysis Verification of properties, e.g. Are foreign numbers dialed? Are text messages sent to premium numbers? Only these files on external storage are accessed:... Trustworthy? Based on published, formal semantics and analyses Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
6 Study of Android Apps What should be formalised and how? Quantitative study of usage of: Dalvik bytecode instructions Java features Android APIs We downloaded the 50 most popular apps of each category (1,700 apps) in November 2011 App sizes (*.apk files) range from 16 KB to 50 MB Bytecode (classes.dex files) ranges from 1.3 KB to 7.4 MB Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
7 Study - Dalvik Instructions Registers instead of operand stack (JVM) add-int d s1 s2 instead of iload s1, iload s2, iadd, istore d Dalvik supports 218 instructions Many are semantically similar We simplified them into 39 generalised instructions, e.g. Opcode Original instruction Generalised instruction 00 nop nop 01 move move 02 move/from16 03 move/16 04 move-wide 05 move-wide/from16 06 move-wide/16 07 move-object 08 move-object/from16 09 move-object/16 Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
8 Study - Instruction Usage Gen. instruction Used by Occurrences Of total occ. invoke-direct % 4,533, % return-void % 2,683, % invoke-virtual % 12,718, % const % 8,157, % move-result % 12,391, % invoke-super % 215, % const-string % 5,200, % fill-array-data % 97, % instance-of % 144, % sparse-switch % 21, % filled-new-array % 1, % Total 94,413, % Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
9 Study - Obfuscation ProGuard (recommended by Google) renames classes and variables to short meaningless names Some apps are partially obfuscated ( reflection) Look for class a as approximation September 2010: 36% of 1,100 apps (study by Enck et al.) November 2011: % of 1,700 apps Jeff Foster et al. Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
10 Study - Native Code Apps may include native ARM code Intended for performance or (re)use of C/C++ libraries Popular apps with native code September 2010: 6.45% of 1,100 apps (study by Enck et al.) November 2011: 20.35% of 1,700 apps Sandbox Unix user id (not VM based) Handling depends on the purpose of the concrete analysis Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
11 Study - Runtime.exec() Execution of programs in a native process Referenced in 19.53% of apps 80.44% of occurrences in library code Access to logcat read system logs pm install install apps su become superuser (for rooted devices)... Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
12 Study - Class Loading Load DEX and JAR files loadclass() Define classes from e.g. Javascript defineclass() java.lang.classloader dalvik.system.dexclassloader Used in 13.1% of apps Cannot be analysed statically before installation Necessary for Android apps? Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
13 Study - Javascript Interfaces Expose methods on Java object to Javascript running in embedded brower element Used in 39% of apps Some apps are enhanced webpages Send your shopping list to your friends Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
14 Study - Reflection Resolve classes, methods, and fields from strings java.lang.reflect referenced in 73% of apps Backwards compatibility Access hidden APIs Create objects from XML/JSON Statically known strings enable analysis Preliminary numbers (no collection API handling): 80% of Class.forName() and clazz.getmethod() calls 18.9% of apps that use Method.invoke() Identify and analyse patterns Formalisation Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
15 Reflection - An Example Class<?> clazz = Class.forName("my.pkg.Foo"); Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
16 Reflection - An Example Class<?> clazz = Class.forName("my.pkg.Foo"); Method method = clazz.getmethod("bar", float.class); Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
17 Reflection - An Example Class<?> clazz = Class.forName("my.pkg.Foo"); Method method = clazz.getmethod("bar", float.class); Integer result = (Integer) method.invoke(clazz.newinstance(), 3.2f); Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
18 Reflection - An Example try { Class<?> clazz = Class.forName("my.pkg.Foo"); Method method = clazz.getmethod("bar", float.class); Integer result = (Integer) method.invoke(clazz.newinstance(), 3.2f); } catch (Exception e) { } Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
19 From Study to Formalisation Formalisation should include All (generalised) instructions Dynamic dispatch Exceptions Reflection API Formalisation based on Dalvik documentation Inspection of the Dalvik VM source Systematic testing Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
20 Dalvik Semantics and Analysis Operational semantics m.instructionat(pc ) = move v dest v src A S, H, m, pc, R :: SF = S, H, m, pc + 1, R[v dest R(v src )] :: SF CFA specified as flow logic constraints Over-approximation of program behaviour Textual object graph representation of references v src (Ŝ, Ĥ, ˆR, Ê) = (m, pc ): move v dest iff ˆR(m, pc )(v src ) ˆR(m, pc + 1)(v dest ) ˆR(m, pc ) {vdest } ˆR(m, pc + 1) The full instruction set (except concurrency) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
21 Dalvik Semantics and Analysis Operational semantics m.instructionat(pc ) = move v dest v src A S, H, m, pc, R :: SF = S, H, m, pc + 1, R[v dest R(v src )] :: SF CFA specified as flow logic constraints Over-approximation of program behaviour Textual object graph representation of references v src (Ŝ, Ĥ, ˆR, Ê) = (m, pc ): move v dest iff ˆR(m, pc )(v src ) ˆR(m, pc + 1)(v dest ) ˆR(m, pc ) {vdest } ˆR(m, pc + 1) The full instruction set (except concurrency) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
22 Dalvik Semantics and Analysis Operational semantics m.instructionat(pc ) = move v dest v src A S, H, m, pc, R :: SF = S, H, m, pc + 1, R[v dest R(v src )] :: SF CFA specified as flow logic constraints Over-approximation of program behaviour Textual object graph representation of references v src (Ŝ, Ĥ, ˆR, Ê) = (m, pc ): move v dest iff ˆR(m, pc )(v src ) ˆR(m, pc + 1)(v dest ) ˆR(m, pc ) {vdest } ˆR(m, pc + 1) The full instruction set (except concurrency) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
23 Dalvik Semantics and Analysis Operational semantics m.instructionat(pc ) = move v dest v src A S, H, m, pc, R :: SF = S, H, m, pc + 1, R[v dest R(v src )] :: SF CFA specified as flow logic constraints Over-approximation of program behaviour Textual object graph representation of references v src (Ŝ, Ĥ, ˆR, Ê) = (m, pc ): move v dest iff ˆR(m, pc )(v src ) ˆR(m, pc + 1)(v dest ) ˆR(m, pc ) {vdest } ˆR(m, pc + 1) The full instruction set (except concurrency) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
24 Dalvik Semantics and Analysis Operational semantics m.instructionat(pc ) = move v dest v src A S, H, m, pc, R :: SF = S, H, m, pc + 1, R[v dest R(v src )] :: SF CFA specified as flow logic constraints Over-approximation of program behaviour Textual object graph representation of references v src (Ŝ, Ĥ, ˆR, Ê) = (m, pc ): move v dest iff ˆR(m, pc )(v src ) ˆR(m, pc + 1)(v dest ) ˆR(m, pc ) {vdest } ˆR(m, pc + 1) The full instruction set (except concurrency) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
25 Dalvik Semantics and Analysis Operational semantics m.instructionat(pc ) = move v dest v src A S, H, m, pc, R :: SF = S, H, m, pc + 1, R[v dest R(v src )] :: SF CFA specified as flow logic constraints Over-approximation of program behaviour Textual object graph representation of references v src (Ŝ, Ĥ, ˆR, Ê) = (m, pc ): move v dest iff ˆR(m, pc )(v src ) ˆR(m, pc + 1)(v dest ) ˆR(m, pc ) {vdest } ˆR(m, pc + 1) The full instruction set (except concurrency) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
26 Dalvik Semantics and Analysis Operational semantics m.instructionat(pc ) = move v dest v src A S, H, m, pc, R :: SF = S, H, m, pc + 1, R[v dest R(v src )] :: SF CFA specified as flow logic constraints Over-approximation of program behaviour Textual object graph representation of references v src (Ŝ, Ĥ, ˆR, Ê) = (m, pc ): move v dest iff ˆR(m, pc )(v src ) ˆR(m, pc + 1)(v dest ) ˆR(m, pc ) {vdest } ˆR(m, pc + 1) The full instruction set (except concurrency) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
27 Dalvik Semantics and Analysis Operational semantics m.instructionat(pc ) = move v dest v src A S, H, m, pc, R :: SF = S, H, m, pc + 1, R[v dest R(v src )] :: SF CFA specified as flow logic constraints Over-approximation of program behaviour Textual object graph representation of references v src (Ŝ, Ĥ, ˆR, Ê) = (m, pc ): move v dest iff ˆR(m, pc )(v src ) ˆR(m, pc + 1)(v dest ) ˆR(m, pc ) {vdest } ˆR(m, pc + 1) The full instruction set (except concurrency) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
28 Dalvik Semantics and Analysis Operational semantics m.instructionat(pc ) = move v dest v src A S, H, m, pc, R :: SF = S, H, m, pc + 1, R[v dest R(v src )] :: SF CFA specified as flow logic constraints Over-approximation of program behaviour Textual object graph representation of references v src (Ŝ, Ĥ, ˆR, Ê) = (m, pc ): move v dest iff ˆR(m, pc )(v src ) ˆR(m, pc + 1)(v dest ) ˆR(m, pc ) {vdest } ˆR(m, pc + 1) The full instruction set (except concurrency) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
29 Reflection Assumptions/requirements All classes in app known (no dynamic class loading) Strings can be determined statically Reflection not used to manipulate string contents Formalisation and analysis of Class.forName() Class.getMethod() Class.newInstance() Method.invoke() Emulation of API calls as single Dalvik instructions Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
30 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
31 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
32 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
33 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
34 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
35 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
36 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
37 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
38 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
39 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
40 Reflection - Semantics Example somemethod.invoke(receiverobj, args...); m.instructionat(pc) = invoke-virtual v 1 v 2 v 3 meth meth.name = java/lang/reflect/method->invoke loc 1 = R(v 1) null o 1 = H(loc 1) o 1.class Method meth = methodsignature(h, o 1) loc 2 = R(v 2) null o 2 = H(loc 2) a = H(R(v 3)) Array m = resolvemethod(meth, o 2.class) R = [0,..., m.numlocals 1, m.numlocals a.value(0),..., m.numlocals + a.length 1 a.value(a.length 1)] A S, H, m, pc, R :: SF = S, H, m, 0, R :: m, pc, R :: SF Boxing/unboxing omitted here Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
41 (Ŝ, Ĥ, ˆR, Ê) = (m, pc): invoke-virtual v1 v2 v3 meth iff meth = java/lang/reflect/method->invoke (ObjRef (java/lang/reflect/method, m m, pc m)) ˆR(m, pc)(v 1): meth methodsignatures(ĥ, ObjRef (java/lang/reflect/method, mm, pcm)): (ObjRef (cl r, m r, pc r )) ˆR(m, pc)(v 2): m = resolvemethod(meth, cl r ) {ObjRef (cl r, m r, pc r )} ˆR(m, 0)(m.numLocals) 1 i arity(meth ): (ArrRef (a, m a, pc a)) ˆR(m, pc)(v 3): Ĥ(ArrRef (a, m a, pc a)) ˆR(m, 0)(m.numLocals + i) (ObjRef (cl o, m o, pc o)) Ĥ(ArrRef (a, ma, pca)): isboxclass(cl o) = Ĥ(ObjRef (cl o, m o, pc o))(value) ˆR(m, 0)(m.numLocals + i) m.returntype = void = β(null) ˆR(m, pc + 1)(retval) m.returntype RefType = ˆR(m, END) ˆR(m, pc + 1)(retval) m.returntype PrimType = cl b = primtoboxclass(m.returntype) ˆR(m, END) Ĥ(ObjRef (cl b, m, pc))(value) {ObjRef (cl b, m, pc)} ˆR(m, pc + 1)(retval) (ExcRef (cl e, m e, pc e)) Ê(m ): HANDLE (ˆR,Ê) ((ExcRef (cl e, me, pce)), (m, pc)) ˆR(m, pc) ˆR(m, {retval} pc + 1) Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
42 Lmy /pkg /AnalysisTestActivity;-> oncreate(landroid /os /Bundle;)V Lmy Lmy Lmy Lmy Lmy Lmy /pkg /pkg /pkg /pkg /pkg /pkg /ClassB;-> /ClassB;-> /ClassC;-> /AnalysisTestActivity;-> /ISomeInterface;-> /ClassC;-> factorial(i)i print()v increase(i)i <init>()v <clinit>()v <init>(i)v UNRESOLVED method call Lmy /pkg /ClassB;-> <init>(i)v Lmy /pkg /AnalysisTestActivity;-> reflectiontest()v Lmy /pkg /ClassA;-> <init>(i)v Lmy /pkg /R;-> <init>()v API Lmy /pkg /ClassB;-> increase(i)i Ljava /lang /Integer;-> valueof(i)ljava /lang /Integer; Ljava /lang /Class;-> newinstance()ljava /lang /Object; Ljava /lang /Class;-> getmethod(ljava /lang /String;)Ljava /lang /reflect /Method; Ljava /lang /Class;-> forname(ljava /lang /String;)Ljava /lang /Class; Ljava /lang /Object;-> <init>()v Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
43 Prototype - Overview APK file apktool/unzip Android Manifest DEX file Resources apktool/baksmali smali source smali parser Data structures Constraint generator Callgraph query Prolog source Query Callgraph generation XSB Prolog engine Interactive querying Callgraph output Output Preprocessing DOT source Graphviz dot Image file Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
44 Flow Logic and Prolog Example (Ŝ, Ĥ, ˆR, Ê) = (m, pc): move v1 v2 iff ˆR(m, pc)(v 2) ˆR(m, pc + 1)(v 1) ˆR(m, pc) ˆR(m, {v1 } pc + 1) % PC 48: move v1, v2 hatr(m1, 49, 1, Y) :- hatr(m1, 48, 2, Y). hatr(m1, 49, V, Y) :- hatr(m1, 48, V, Y), V \= 1. Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
45 Modelling Java and Android API Methods All must be handled Reflection java/util/arraylist Java features Entry point methods need objects onsomeevent() Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
46 Analysing Real Apps Example: Sending text messages android/telephony/smsmanager->sendtextmessage() Malware pattern: Hardcoded destination Benign pattern: Destinations from contact list Tainting contact list Handling java/util/arraylist methods Changes to contact list? Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
47 Conclusion Formalisation of the generalised Dalvik instruction set Formalisation of the central parts of reflection Prototype implementation of the control flow analysis Sound call graph Some data flow capabilities sendtextmessage(), hardcoded numbers, taint A foundation for verifying security properties, e.g. Only these files on external storage are accessed:... Text messages are only sent to contacts from your contact list Your contact list does not leave the device Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
48 Future Work Java and Android APIs Manual analysis XML resources Performance Specialization Constraint simplifications Other solvers bddbddb A dedicated solver String analysis Java String Analyzer, Hampi, Kaluza Native code Analysis on device - class loading Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
49 Demo?- invoke( Landroid/telephony/SmsManager;->sendTextMessage( Ljava/lang/String;Ljava/lang/String;Ljava/lang/String; Landroid/app/PendingIntent;Landroid/app/PendingIntent;) V, 1, (top_ref, _, _)). no Erik Ramsgaard Wognsen DANSAS 12, 24 August / 26
50 Demo?- setof(y, (invoke( Landroid/telephony/SmsManager;-> sendtextmessage(ljava/lang/string;ljava/lang/string; Ljava/lang/String;Landroid/app/PendingIntent;Landroid/ app/pendingintent;)v, 1, O), hath(o, value, Y)), Set ). Y = _h159 O = (Ljava/lang/String;, Lorg/me/androidapplication1/ MoviePlayer;->onCreate(Landroid/os/Bundle;)V, 1) Set = [7132] Y = _h159 O = (Ljava/lang/String;, Lorg/media/player/MoviePlayer ;->oncreate(landroid/os/bundle;)v, 17) Set = [4161] no Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
51 Study - Library and Developer Code Developer code net.company.app/ net.company.app/net/ net.company.app/net/company/ net.company.app/net/company/app/ net.company.app/net/company/app/** Library code All other packages, e.g. net.company.app/com/mobclix/android Differences in features used? Erik Ramsgaard Wognsen (erw@cs.aau.dk) DANSAS 12, 24 August / 26
Study, Formalisation, and Analysis of Dalvik Bytecode
Study, Formalisation, and Analysis of Dalvik Bytecode Henrik Søndberg Karlsen, Erik Ramsgaard Wognsen, Mads Chr. Olesen, and René Rydhof Hansen Department of Computer Science, Aalborg University {hkarls07,ewogns08}@student.aau.dk
More informationRipple: Reflection Analysis for Android Apps in Incomplete Information Environments
Ripple: Reflection Analysis for Android Apps in Incomplete Information Environments Yifei Zhang, Tian Tan, Yue Li and Jingling Xue Programming Languages and Compilers Group University of New South Wales
More informationVirtualSwindle: An Automated Attack Against In-App Billing on Android
Northeastern University Systems Security Lab VirtualSwindle: An Automated Attack Against In-App Billing on Android ASIACCS 2014 Collin Mulliner, William Robertson, Engin Kirda {crm,wkr,ek}[at]ccs.neu.edu
More informationDetecting Advanced Android Malware by Data Flow Analysis Engine. Xu Hao & pll
Detecting Advanced Android Malware by Data Flow Analysis Engine Xu Hao & pll 2013.09 Content Background adfaer - Android Data Flow Analyzer Janus - Detect Reflection Experiment Future Work Android Security
More informationAndroid Internals and the Dalvik VM!
Android Internals and the Dalvik VM! Adam Champion, Andy Pyles, Boxuan Gu! Derived in part from presentations by Patrick Brady, Dan Bornstein, and Dan Morrill from Google (http://source.android.com/documentation)!
More informationA Framework for Evaluating Mobile App Repackaging Detection Algorithms
A Framework for Evaluating Mobile App Repackaging Detection Algorithms Heqing Huang, PhD Candidate. Sencun Zhu, Peng Liu (Presenter) & Dinghao Wu, PhDs Repackaging Process Downloaded APK file Unpack Repackaged
More informationJava Security. Compiler. Compiler. Hardware. Interpreter. The virtual machine principle: Abstract Machine Code. Source Code
Java Security The virtual machine principle: Source Code Compiler Abstract Machine Code Abstract Machine Code Compiler Concrete Machine Code Input Hardware Input Interpreter Output 236 Java programs: definitions
More informationCS260 Intro to Java & Android 04.Android Intro
CS260 Intro to Java & Android 04.Android Intro Winter 2015 Winter 2015 CS260 - Intro to Java & Android 1 Android - Getting Started Android SDK contains: API Libraries Developer Tools Documentation Sample
More informationAbusing Android In-app Billing feature thanks to a misunderstood integration. Insomni hack 18 22/03/2018 Jérémy MATOS
Abusing Android In-app Billing feature thanks to a misunderstood integration Insomni hack 18 22/03/2018 Jérémy MATOS whois securingapps Developer background Worked last 12 years in Switzerland on security
More informationAndroid App Development. Muhammad Sharjeel COMSATS Institute of Information Technology, Lahore
Android App Development Muhammad Sharjeel COMSATS Institute of Information Technology, Lahore Mobile devices (e.g., smartphone, tablet PCs, etc.) are increasingly becoming an essential part of human life
More informationJava Class Loading and Bytecode Verification
Java Class Loading and Bytecode Verification Every object is a member of some class. The Class class: its members are the (definitions of) various classes that the JVM knows about. The classes can be dynamically
More informationReconstructing DALVIK. Applications. Marc Schönefeld CANSECWEST 2009, MAR18
Reconstructing DALVIK Applications Marc Schönefeld CANSECWEST 2009, MAR18 Motivation As a reverse engineer I have the tendency to look in the code that is running on my mobile device Coming from a JVM
More informationCompiling Techniques
Lecture 10: Introduction to 10 November 2015 Coursework: Block and Procedure Table of contents Introduction 1 Introduction Overview Java Virtual Machine Frames and Function Call 2 JVM Types and Mnemonics
More informationHigh-Level Language VMs
High-Level Language VMs Outline Motivation What is the need for HLL VMs? How are these different from System or Process VMs? Approach to HLL VMs Evolutionary history Pascal P-code Object oriented HLL VMs
More informationAndroid Application Sandbox. Thomas Bläsing DAI-Labor TU Berlin
Android Application Sandbox Thomas Bläsing DAI-Labor TU Berlin Agenda Introduction What is Android? Malware on smartphones Common countermeasures on the Android platform Use-Cases Design Conclusion Summary
More informationUnder the Hood: The Java Virtual Machine. Problem: Too Many Platforms! Compiling for Different Platforms. Compiling for Different Platforms
Compiling for Different Platforms Under the Hood: The Java Virtual Machine Program written in some high-level language (C, Fortran, ML, ) Compiled to intermediate form Optimized Code generated for various
More informationNifty stuff that you can still do with Android. Xavier 'xeu' Martin HES 2013 May 2th 2013
Nifty stuff that you can still do with Android Xavier 'xeu' Martin HES 2013 May 2th 2013 1 Thank You! This presentation is a compilation of original research done by the following people: Tim Strazzere
More informationOWASP German Chapter Stammtisch Initiative/Ruhrpott. Android App Pentest Workshop 101
OWASP German Chapter Stammtisch Initiative/Ruhrpott Android App Pentest Workshop 101 About What we will try to cover in the first session: Setup of a Mobile Application Pentest Environment Basics of Mobile
More informationApplications Mobiles et Internet des Objets Introduction a l architecture d Android
Applications Mobiles et Internet des Objets Introduction a l architecture d Android Thibault CHOLEZ - thibault.cholez@loria.fr TELECOM Nancy - Universite de Lorraine LORIA - INRIA Nancy Grand-Est From
More informationMobile OS. Symbian. BlackBerry. ios. Window mobile. Android
Ing. Elton Domnori December 7, 2011 Mobile OS Symbian BlackBerry Window mobile Android ios Mobile OS OS First release Last release Owner Android Android 1.0 September 2008 Android 4.0 May 2011 Open Handset
More informationH.-S. Oh, B.-J. Kim, H.-K. Choi, S.-M. Moon. School of Electrical Engineering and Computer Science Seoul National University, Korea
H.-S. Oh, B.-J. Kim, H.-K. Choi, S.-M. Moon School of Electrical Engineering and Computer Science Seoul National University, Korea Android apps are programmed using Java Android uses DVM instead of JVM
More informationID: Sample Name: YNtbLvNHuo Cookbook: defaultandroidfilecookbook.jbs Time: 14:44:34 Date: 12/01/2018 Version:
ID: 42511 Sample Name: YNtbLvNHuo Cookbook: defaultandroidfilecookbook.jbs Time: 14:44:34 Date: 12/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information
More informationJava: framework overview and in-the-small features
Chair of Software Engineering Carlo A. Furia, Marco Piccioni, Bertrand Meyer Java: framework overview and in-the-small features Chair of Software Engineering Carlo A. Furia, Marco Piccioni, Bertrand Meyer
More informationAnother difference is that the kernel includes only the suspend to memory mechanism, and not the suspend to hard disk, which is used on PCs.
9. Android is an open-source operating system for mobile devices. Nowadays, it has more than 1.4 billion monthly active users (statistic from September 2015) and the largest share on the mobile device
More informationMobile development initiation
Mobile development initiation Outline Mobile development: o Why? o How? o New issues Android ios 2 Mobile growth ¼ Internet access Sales of smartphones and tablets increase o + 70% tab Community 3 Why
More informationLecture 08. Android Permissions Demystified. Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, David Wagner. Operating Systems Practical
Lecture 08 Android Permissions Demystified Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, David Wagner Operating Systems Practical 20 November, 2013 OSP Lecture 08, Android Permissions Demystified
More informationdroidcon Greece Thessaloniki September 2015
droidcon Greece Thessaloniki 10-12 September 2015 Reverse Engineering in Android Countermeasures and Tools $ whoami > Dario Incalza (@h4oxer) > Application Security Engineering Analyst > Android Developer
More informationMinds-on: Android. Session 1
Minds-on: Android Session 1 Paulo Baltarejo Sousa Instituto Superior de Engenharia do Porto 2016 Outline Mobile devices Android OS Android architecture Android Studio Practice 1 / 33 2 / 33 Mobile devices
More informationCMSC 430 Introduction to Compilers. Spring Intermediate Representations and Bytecode Formats
CMSC 430 Introduction to Compilers Spring 2016 Intermediate Representations and Bytecode Formats Introduction Front end Source code Lexer Parser Types AST/IR IR 2 IR n IR n.s Middle end Back end Front
More informationAtelier Java - J1. Marwan Burelle. EPITA Première Année Cycle Ingénieur.
marwan.burelle@lse.epita.fr http://wiki-prog.kh405.net Plan 1 2 Plan 3 4 Plan 1 2 3 4 A Bit of History JAVA was created in 1991 by James Gosling of SUN. The first public implementation (v1.0) in 1995.
More informationAndroid App Development
Android App Development Outline Introduction Android Fundamentals Android Studio Tutorials Introduction What is Android? A software platform and operating system for mobile devices Based on the Linux kernel
More information2 Lecture Embedded System Security A.-R. Darmstadt, Android Security Extensions
2 Lecture Embedded System Security A.-R. Sadeghi, @TU Darmstadt, 2011-2014 Android Security Extensions App A Perm. P 1 App B Perm. P 2 Perm. P 3 Kirin [2009] Reference Monitor Prevents the installation
More information02 B The Java Virtual Machine
02 B The Java Virtual Machine CS1102S: Data Structures and Algorithms Martin Henz January 22, 2010 Generated on Friday 22 nd January, 2010, 09:46 CS1102S: Data Structures and Algorithms 02 B The Java Virtual
More informationIntroduction To Android
Introduction To Android Mobile Technologies Symbian OS ios BlackBerry OS Windows Android Introduction to Android Android is an operating system for mobile devices such as smart phones and tablet computers.
More informationUnder the Hood: The Java Virtual Machine. Lecture 23 CS2110 Fall 2008
Under the Hood: The Java Virtual Machine Lecture 23 CS2110 Fall 2008 Compiling for Different Platforms Program written in some high-level language (C, Fortran, ML,...) Compiled to intermediate form Optimized
More informationUnderstanding the Dalvik bytecode with the Dedexer tool Gabor Paller
Understanding the Dalvik bytecode with the Dedexer tool Gabor Paller gaborpaller@gmail.com 2009.12.02 Background As we all know, Android is a Linux-Java platform. The underlying operating system is a version
More informationSwift: A Register-based JIT Compiler for Embedded JVMs
Swift: A Register-based JIT Compiler for Embedded JVMs Yuan Zhang, Min Yang, Bo Zhou, Zhemin Yang, Weihua Zhang, Binyu Zang Fudan University Eighth Conference on Virtual Execution Environment (VEE 2012)
More informationLecture 9 : Basics of Reflection in Java
Lecture 9 : Basics of Reflection in Java LSINF 2335 Programming Paradigms Prof. Kim Mens UCL / EPL / INGI (Slides partly based on the book Java Reflection in Action, on The Java Tutorials, and on slides
More informationPAPER ON ANDROID ESWAR COLLEGE OF ENGINEERING SUBMITTED BY:
PAPER ON ANDROID ESWAR COLLEGE OF ENGINEERING SUBMITTED BY: K.VENU 10JE1A0555 Venu0555@gmail.com B.POTHURAJU 10JE1A0428 eswr10je1a0410@gmail.com ABSTRACT early prototypes, basic building blocks of an android
More informationModeling the Android Platform
Modeling the Android Platform Étienne Payet LIM-ERIMIA, université de la Réunion BYTECODE 13 Saturday 23 March 2013 Étienne Payet (LIM-ERIMIA) Modeling the Android Platform BYTECODE 13 1 / 50 Reunion,
More informationAHNLAB 조주봉 (silverbug)
AHNLAB 조주봉 (silverbug) Android Android is a software stack for mobile devices that includes an operating system, middleware and key applications. Application framework Dalvik virtual machine Integrated
More informationAndroid Analysis Tools. Yuan Tian
Android Analysis Tools Yuan Tian Malware are more creative: XcodeGhost More than 300 a pps are infected, including wechat and netease Collect device ID, Apple ID and p assword 10/3/15 CMU Mobile Security
More informationTrace Compilation. Christian Wimmer September 2009
Trace Compilation Christian Wimmer cwimmer@uci.edu www.christianwimmer.at September 2009 Department of Computer Science University of California, Irvine Background Institute for System Software Johannes
More informationChapter 2. Operating-System Structures
Chapter 2 Operating-System Structures 2.1 Chapter 2: Operating-System Structures Operating System Services User Operating System Interface System Calls Types of System Calls System Programs Operating System
More informationIntroduction. Lecture 1. Operating Systems Practical. 5 October 2016
Introduction Lecture 1 Operating Systems Practical 5 October 2016 This work is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/.
More informationWhat is a VM? Categories of Virtual Machines. Process Virtual Machine 11/17/2010
What is a VM? Virtual Machines COMP755 An efficient, isolated duplicate of a real machine Current use includes virtual machines which have no direct correspondence to any real hardware Categories of Virtual
More informationCSc 453 Interpreters & Interpretation
CSc 453 Interpreters & Interpretation Saumya Debray The University of Arizona Tucson Interpreters An interpreter is a program that executes another program. An interpreter implements a virtual machine,
More informationMobile and Ubiquitous Computing: Android Programming (part 1)
Mobile and Ubiquitous Computing: Android Programming (part 1) Master studies, Winter 2015/2016 Dr Veljko Pejović Veljko.Pejovic@fri.uni-lj.si The World of Android The Android Platform A mobile operating
More informationSHWETANK KUMAR GUPTA Only For Education Purpose
Introduction Android: INTERVIEW QUESTION AND ANSWER Android is an operating system for mobile devices that includes middleware and key applications, and uses a modified version of the Linux kernel. It
More informationAndroid app protection through anti-tampering and anti-debugging Techniques
Android app protection through anti-tampering and anti-debugging Techniques by Jia Wan A thesis submitted to the School of Computing in conformity with the requirements for the degree of Master of Science
More informationTowards Verification of Well-Formed Transactions in Java Card Bytecode
Bytecode 2005 Preliminary Version Towards Verification of Well-Formed Transactions in Java Card Bytecode René Rydhof Hansen 1 Informatics and Mathematical Modelling Technical University Denmark Kgs. Lyngby,
More informationSecure Programming. An introduction to Splint. Informatics and Mathematical Modelling Technical University of Denmark E
Secure Programming An introduction to Splint Christian D. Jensen René Rydhof Hansen Informatics and Mathematical Modelling Technical University of Denmark E05-02230 CDJ/RRH (IMM/DTU) Secure Programming
More informationJava language. Part 1. Java fundamentals. Yevhen Berkunskyi, NUoS
Java language Part 1. Java fundamentals Yevhen Berkunskyi, NUoS eugeny.berkunsky@gmail.com http://www.berkut.mk.ua What Java is? Programming language Platform: Hardware Software OS: Windows, Linux, Solaris,
More informationCMPSC 497: Java Security
CMPSC 497: Java Security Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab Computer Science and Engineering Department Pennsylvania State University 1 Enforcement Mechanisms Static mechanisms
More informationThings You May Not Know About Android (Un)Packers: A Systematic Study based on Whole- System Emulation
Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole- System Emulation Yue Duan, Mu Zhang, Abhishek Vasisht Bhaskar, Heng Yin, Xiaorui Pan, Tongxin Li, Xueqiang Wang, XiaoFeng
More informationUse this page to configure individual settings of an Android facet attached to a specific module. In this section: Common Android Fac et options
Android Facet Page File Project Structure Modules - module - Android facet Use this page to configure individual settings of an Android facet attached to a specific module. In this section: Common Android
More informationAndroid Overview. Francesco Mercaldo, PhD
Android Overview Francesco Mercaldo, PhD Post-Doctoral researcher Corso di Sicurezza delle Reti e dei Sistemi Software Università degli Studi del Sannio (fmercaldo@unisannio.it) Things are not always what
More informationLecture 1 Introduction to Android. App Development for Mobile Devices. App Development for Mobile Devices. Announcement.
CSCE 315: Android Lectures (1/2) Dr. Jaerock Kwon App Development for Mobile Devices Jaerock Kwon, Ph.D. Assistant Professor in Computer Engineering App Development for Mobile Devices Jaerock Kwon, Ph.D.
More informationImproving Java Code Performance. Make your Java/Dalvik VM happier
Improving Java Code Performance Make your Java/Dalvik VM happier Agenda - Who am I - Java vs optimizing compilers - Java & Dalvik - Examples - Do & dont's - Tooling Who am I? (Mobile) Software Engineering
More informationExercise 7 Bytecode Verification self-study exercise sheet
Concepts of ObjectOriented Programming AS 2018 Exercise 7 Bytecode Verification selfstudy exercise sheet NOTE: There will not be a regular exercise session on 9th of November, because you will take the
More informationID: Sample Name: gsa_wearable.apk Cookbook: defaultandroidfilecookbook.jbs Time: 09:49:05 Date: 16/10/2017 Version:
ID: 34303 Sample Name: sa_wearable.apk Cookbook: defaultandroidfilecookbook.jbs Time: 09:49:05 Date: 1/10/2017 Version: 20.0.0 Table of Contents Analysis Report Overview General Information Detection Classification
More informationCS263: Runtime Systems Lecture: High-level language virtual machines
CS263: Runtime Systems Lecture: High-level language virtual machines Today: A Review of Object-oriented features Chandra Krintz UCSB Computer Science Department Virtual machines (VMs) Terminology Aka managed
More informationCMSC 430 Introduction to Compilers. Fall Language Virtual Machines
CMSC 430 Introduction to Compilers Fall 2018 Language Virtual Machines Introduction So far, we ve focused on the compiler front end Syntax (lexing/parsing) High-level language semantics Ultimately, we
More informationIntroduction to Android
Introduction to Android Ambient intelligence Alberto Monge Roffarello Politecnico di Torino, 2017/2018 Some slides and figures are taken from the Mobile Application Development (MAD) course Disclaimer
More informationStatic Program Analysis
Static Program Analysis Thomas Noll Software Modeling and Verification Group RWTH Aachen University https://moves.rwth-aachen.de/teaching/ws-1617/spa/ Recap: Taking Conditional Branches into Account Extending
More informationThe Java Language Implementation
CS 242 2012 The Java Language Implementation Reading Chapter 13, sections 13.4 and 13.5 Optimizing Dynamically-Typed Object-Oriented Languages With Polymorphic Inline Caches, pages 1 5. Outline Java virtual
More informationFormal Security Analysis of Android Apps
Formal Security Analysis of Android Apps Matteo Maffei S&P Security and Privacy Group Exploits extremely slow patching process Exploits OS vulnerabilities Breaks sandbox separation logic by notifications
More informationFormal methods for software security
Formal methods for software security Thomas Jensen, INRIA Forum "Méthodes formelles" Toulouse, 31 January 2017 Formal methods for software security Formal methods for software security Confidentiality
More informationAndroid Malware: they divide, we conquer
Android Malware: they divide, we conquer Igor Muttik *, Irina Mariuca Asavoae ** J. Blasco ***, T.M. Chen ***, H.K. Kalutarage *****, H.N. Nguyen ****, M. Roggenbach **, S.A. Shaikh **** * - Intel Security;
More informationCOSC 3P97 Mobile Computing
COSC 3P97 Mobile Computing Mobile Computing 1.1 COSC 3P97 Prerequisites COSC 2P13, 3P32 Staff instructor: Me! teaching assistant: Steve Tkachuk Lectures (MCD205) Web COSC: http://www.cosc.brocku.ca/ COSC
More informationLecture 1 - Introduction to Android
Lecture 1 - Introduction to Android This work is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/
More informationDeveloping Mobile Applications
Developing Mobile Applications J2ME Java 2 Micro Edition 1 Virtual machines portable apps virtual machine native apps operating system hardware 2 Java - important issues Symbolic language not a random
More informationCS263: Runtime Systems Lecture: High-level language virtual machines. Part 1 of 2. Chandra Krintz UCSB Computer Science Department
CS263: Runtime Systems Lecture: High-level language virtual machines Part 1 of 2 Chandra Krintz UCSB Computer Science Department Portable, Mobile, OO Execution Model Execution model embodied by recent
More informationJava Instrumentation for Dynamic Analysis
Java Instrumentation for Dynamic Analysis and Michael Ernst MIT CSAIL Page 1 Java Instrumentation Approaches Instrument source files Java Debug Interface (JDI) Instrument class files Page 2 Advantages
More informationAndroid. Mobile operating system developed by Google A complete stack. Based on the Linux kernel Open source under the Apache 2 license
Android Android Mobile operating system developed by Google A complete stack OS, framework A rich set of applications Email, calendar, browser, maps, text messaging, contacts, camera, dialer, music player,
More informationPlaying with skype. 4knahs
Playing with skype 4knahs slacking @work Monkey taken from : http://www.websimians.com/ For educational purposes only! I do not support the use of any of the mentioned techniques for illegal activities..
More informationAndroid. (XKE Mars 2009) Erwan Alliaume.
Android (XKE Mars 2009) Erwan Alliaume ealliaume(*at*)xebia(*dot*)fr http://www.xebia.fr http://blog.xebia.fr History August 2005 Google acquires Android November 2007 Open Handset Alliance announcement
More informationChapter 2: Operating-System Structures
Chapter 2: Operating-System Structures Chapter 2: Operating-System Structures Operating System Services User Operating System Interface System Calls Types of System Calls System Programs Operating System
More informationInteroperation of tasks
Operating systems (vimia219) Interoperation of tasks Tamás Kovácsházy, PhD 4 th topic, Implementation of tasks, processes and threads Budapest University of Technology and Economics Department of Measurement
More informationA Method-Based Ahead-of-Time Compiler For Android Applications
A Method-Based Ahead-of-Time Compiler For Android Applications Fatma Deli Computer Science & Software Engineering University of Washington Bothell November, 2012 2 Introduction This paper proposes a method-based
More informationCuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes
CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes Patrick Carter, Collin Mulliner, Martina Lindorfer, William Robertson, Engin Kirda 02/23/2016 Android 2015
More informationAdvanced Enterprise Debugging
ThoughtWorks Neal Ford TS-4588 Advanced Enterprise Debugging ThoughtWorker/Meme Wrangler ThoughtWorks www.thoughtworks.com 2007 JavaOne SM Conference TS-4588 What This Session Covers Forensic debugging
More informationSmall footprint inspection techniques for Android
Small footprint inspection techniques for Android Damien Cauquil, Pierre Jaury 29C3 December 29, 2012 Damien Cauquil, Pierre Jaury Small footprint inspection techniques for Android 1 / 33 Introduction
More informationPractice of Android Reverse Engineering
Practice of Android Reverse Engineering Jim Huang ( 黃敬群 ) Developer, 0xlab jserv@0xlab.org July 23, 2011 / HITcon Rights to copy Copyright 2011 0xlab http://0xlab.org/ contact@0xlab.org Attribution ShareAlike
More informationLanguage-Based Security on Android (call for participation) Avik Chaudhuri
+ Language-Based Security on Android (call for participation) Avik Chaudhuri + What is Android? Open-source platform for mobile devices Designed to be a complete software stack Operating system Middleware
More informationWebAssembly. neither Web nor Assembly, but Revolutionary
WebAssembly neither Web nor Assembly, but Revolutionary The WebAssembly revolution has begun Jay Phelps Chief Software Architect previously Support, Dev Rel, Staff Augmentation, Mentorship, and more www.thisdot.co
More informationAndroid App Protection via Interpretation Obfuscation
Android App Protection via Interpretation Obfuscation Junliang Shu, Juanru Li, Yuanyuan Zhang and Dawu Gu Lab of Cryptology and Computer Security Shanghai Jiao Tong University Shanghai, China, Abstract
More informationIntroduction to Android
Introduction to Android http://myphonedeals.co.uk/blog/33-the-smartphone-os-complete-comparison-chart www.techradar.com/news/phone-and-communications/mobile-phones/ios7-vs-android-jelly-bean-vs-windows-phone-8-vs-bb10-1159893
More informationChapter 2: Operating-System Structures. Operating System Concepts 9 th Edition
Chapter 2: Operating-System Structures Silberschatz, Galvin and Gagne 2013 Chapter 2: Operating-System Structures Operating System Services User Operating System Interface System Calls Types of System
More informationMethodHandle implemention tips and tricks
MethodHandle implemention tips and tricks Dan Heidinga J9 VM Software Developer daniel_heidinga@ca.ibm.com J9 Virtual Machine 2011 IBM Corporation MethodHandles: a 30 sec introduction A method handle is
More informationFile Synchronization using API Google Drive on Android Operating System
File Synchronization using API Google Drive on Android Operating System Agustinus Noertjahyana, Kevin Darmawan, Justinus Andjarwirawan Informatics Engineering Department Petra Christian University Surabaya,
More informationImproving Java Performance
Improving Java Performance #perfmatters Raimon Ràfols ...or the mumbo-jumbo behind the java compiler Agenda - Disclaimer - Who am I? - Our friend the java compiler - Language additions & things to consider
More informationUnpacking the Packed Unpacker
Unpacking the Packed Unpacker Reversing an Android Anti-Analysis Native Library Maddie Stone @maddiestone BlackHat USA 2018 Who am I? - Maddie Stone Reverse Engineer on Google s Android Security Team 5+
More informationPlaying Hide and Seek with Dalvik Executables
Playing Hide and Seek with Dalvik Executables Axelle Apvrille Hack.Lu, October 2013 Hack.Lu 2013 - A. Apvrille 2/20 Who am i? whoami #!/usr/bin/perl -w my $self = { realname => Axelle Apvrille, nickname
More informationRun-time Program Management. Hwansoo Han
Run-time Program Management Hwansoo Han Run-time System Run-time system refers to Set of libraries needed for correct operation of language implementation Some parts obtain all the information from subroutine
More informationINVESTIGATING ANDROID BYTECODE EXECUTION ON JAVA VIRTUAL MACHINES
INVESTIGATING ANDROID BYTECODE EXECUTION ON JAVA VIRTUAL MACHINES A DISSERTATION SUBMITTED TO THE UNIVERSITY OF MANCHESTER FOR THE DEGREE OF MASTER OF SCIENCE IN THE FACULTY OF ENGINEERING AND PHYSICAL
More informationSecurity Philosophy. Humans have difficulty understanding risk
Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy
More informationarxiv: v1 [cs.cr] 27 Dec 2018
Fine-grained Code Coverage Measurement in Automated Black-box Android Testing A Preprint arxiv:1812.10729v1 [cs.cr] 27 Dec 2018 Aleksandr Pilgun SnT, University of Luxembourg Luxembourg Olga Gadyatskaya
More informationMobile Application Development - Android
Mobile Application Development - Android MTAT.03.262 Satish Srirama satish.srirama@ut.ee Goal Give you an idea of how to start developing Android applications Introduce major Android application concepts
More informationThe Terminator to Android Hardening Services. Yueqian Zhang, Xiapu Luo, Haoyang Yin Department of Computing The Hong Kong Polytechnic University
The Terminator to Android Hardening Services Yueqian Zhang, Xiapu Luo, Haoyang Yin Department of Computing The Hong Kong Polytechnic University 1 Source: Trend Micro Percentage of top 10 apps in each category
More information