Retrofitting Android Apps Benjamin Davis Hao Chen University of California Davis MobiSys 2013 The Android TM Platform 2 More than 600000 thirdparty apps amp games on Google ID: 557735
Download Presentation The PPT/PDF document "RetroSkeleton" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
RetroSkeleton: Retrofitting Android AppsBenjamin Davis, Hao ChenUniversity of California, Davis
MobiSys
2013Slide2
The AndroidTM Platform2
More than 600,000 third-party
apps & games on Google
Play
TM
alone
Android and Google Play are trademarks of Google Inc. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License.
“What are these apps doing?”
“How can I control what these apps do?”
?Slide3
Limitations of Android’s Permission System3
All or Nothing
Coarse-grained
No
revocationSlide4
Examples: TISSA (TRUST ‘11), Apex (ASIACCS ‘10)Deployment ChallengesProprietary binaries for device hardwareRequires rooting phone, voiding warranty, etc.InflexibleDifficult to enforce app-specific policiesNew behavior requires system changesEach Android version requires new implementation
4
Current Proposals: Platform ModificationsSlide5
GoalsObserve and control the behavior of third-party appsDevicesRequire no platform modificationsApproachPowerfulCompletePolicyApp-independentApplied automaticallyNon-goal: prevent detection by app
5Slide6
Rewriting Android AppsObservations:Apps interact with device via platform API method calls95% of apps are implemented entirely in DalvikDalvik bytecode is structured & unambiguousOur approach: in-app method-call interception via automatic bytecode rewriting
6Slide7
RetroSkeletonAutomatic App Analysis & RewritingTransformation Policy
Target Methods
Method Handlers
Original App
INPUT
REWRITING
OUTPUT
7
Rewritten AppSlide8
Intercepting Method InvocationsInterception strategy depends on:Method type (static, instance, …)Method attributes (protected, final, …)
Invocation kind (
direct
,
virtual
,
…)Higher-level strategies for:InheritanceVirtual method invocation8Slide9
DeveloperSocket
bind()
Inheritance-Based
Interception
9
WedgeSocket
@Override
bind()
DatagramSocketbind()
Android
Platform Code
App CodeSlide10
Challenge: Interception CompletenessReflection API (behavior specified at runtime)Statically identify invocation of the reflection APIAdd handlers to inspect and dispatch at runtimeNative and dynamically-loaded codeDetect and intercept invocation
10Slide11
RetroSkeletonAutomatic App Analysis & RewritingTransformation Policy
Target Methods
Method Handlers
Original App
INPUT
REWRITING
OUTPUT
11
Rewritten AppSlide12
Transformation Policy Specification12Target MethodHandler Behavior
public static void
retroSkeletonConnect
(
DatagramSocket
p0,
SocketAddress p1) throws SocketException{ Log.i("RSKEL", "connect called!"); p0.connect(p1); // invoke target method}
java.net.DatagramSocket
public void connect(SocketAddress peer) throws SocketExceptionSlide13
Use: Fine-Grained Network Access Control13
evil.com
example.comSlide14
Use: HTTPS-Everywhere for Apps14
http://
example.com
HTTPS Everywhere Project: https://
www.eff.org
/https-everywhere
https://example.com
HTTP
HTTPSSlide15
Use: Automatic Localization15
App Code
translation
service
Guten
Tag!
setText("Guten
Tag!")
"Guten Tag!"
"Good Day!"
Good Day!
setText("Good
Day!")Slide16
EvaluationRun-time overhead: (0.2 µs) + handlerRewrite speed: fast (~5 seconds)Impact on app size: (0.5% for our policies)Policy functionality:Applied to over 1,000 apps from Google PlayTested rewritten apps in emulator & observed handler behavior
16
Transformation Policy
Success
Network Access Control
99.5%
HTTPS-Everywhere93.2%Automatic Localization99.6%Slide17
Conclusion17In-app method interceptionApp-agnostic policy specification and applicationAutomatic rewriting, no manual guidanceRewritten apps deployable to any Android deviceComing Soon:retroskeleton.com