Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Engineering Secure Software and Systems

ESSoS 2013: Engineering Secure Software and Systems pp 33–41Cite as

Idea: Callee-Site Rewriting of Sealed System Libraries

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7781))

Abstract

Inline reference monitoring instruments programs in order to enforce a security policy at runtime. This technique has become an essential tool to mitigate inherent security shortcomings of mobile platforms like Android. Unfortunately, rewriting all calls to security-relevant methods requires significant space and time, in particular if this process is performed on the phone. This work proposes a novel approach to inline reference monitoring that abstains from caller-site instrumentation even in the case where the monitored method is part of a sealed library. To that end we divert the control flow towards the security monitor by modifying references to security-relevant methods in the Dalvik Virtual Machine’s internal bytecode representation. This method is similar in spirit to modifying function pointers and effectively allows callee-site rewriting. Our initial empirical evaluation demonstrates that this approach incurs minimal runtime overhead.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   72.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Backes, M., Gerling, S., Hammer, C., Maffei, M., von Styp-Rekowsky, P.: Appguard - real-time policy enforcement for third-party applications. Tech. Rep. A/02/2012, Saarland University, Computer Science (July 2012), http://www.infsec.cs.uni-saarland.de/projects/appguard/android_irm.pdf

  2. Conti, M., Nguyen, V.T.N., Crispo, B.: CRePE: Context-Related Policy Enforcement for Android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 331–345. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  3. Davis, B., Sanders, B., Khodaverdian, A., Chen, H.: I-ARM-Droid: A rewriting framework for in-app reference monitors for android applications. In: Mobile Security Technologies 2012, MoST 2012 (2012)

    Google Scholar 

  4. Desmet, L., Joosen, W., Massacci, F., Naliuka, K., Philippaerts, P., Piessens, F., Vanoverberghe, D.: The s3ms.net run time monitor. Electron. Notes Theor. Comput. Sci. 253(5), 153–159 (2009)

    Article  Google Scholar 

  5. Erlingsson, Ú., Schneider, F.B.: Irm enforcement of java stack inspection. In: Proc. 2002 IEEE Symposium on Security and Privacy (Oakland 2002), pp. 246–255 (2000)

    Google Scholar 

  6. Fragkaki, E., Bauer, L., Jia, L., Swasey, D.: Modeling and Enhancing Android’s Permission System. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 1–18. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  7. Google Seccomp sandbox for Linux, http://code.google.com/p/seccompsandbox/

  8. Hunt, G., Brubacher, D.: Detours: binary interception of Win32 functions. In: Proceedings of the 3rd Conference on USENIX Windows NT Symposium, WINSYM 1999. USENIX Association, Berkeley (1999)

    Google Scholar 

  9. Jeon, J., Micinski, K.K., Vaughan, J., Fogel, A., Reddy, N., Foster, J., Millstein, T.: Dr. Android and Mr. Hide: Fine-grained permissions in android applications. In: 2012 ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM (2012)

    Google Scholar 

  10. Ligatti, J., Bauer, L., Walker, D.: Edit automata: Enforcement mechanisms for run-time security policies. International Journal of Information Security 4(1-2), 2–16 (2005)

    Article  Google Scholar 

  11. Nauman, M., Khan, S., Zhang, X.: Apex: Extending android permission model and enforcement with user-defined runtime constraints. In: Proc. 5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010, pp. 328–332 (2010)

    Google Scholar 

  12. Schneider, F.B.: Enforceable security policies. ACM Transactions on Information and System Security 3(1), 30–50 (2000)

    Article  Google Scholar 

  13. Xu, R., Saïdi, H., Anderson, R.: Aurasium – practical policy enforcement for android applications. In: Proc. 21st USENIX Security Symposium (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Saarland University, Saarbrücken, Germany

    Philipp von Styp-Rekowsky, Sebastian Gerling, Michael Backes & Christian Hammer

  2. Max Planck Institute for Software Systems (MPI-SWS), Saarbrücken, Germany

    Michael Backes

Authors
  1. Philipp von Styp-Rekowsky
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sebastian Gerling
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Michael Backes
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Christian Hammer
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, TU Dortmund und Fraunhofer ISST, Otto-Hahn-Straße 14, 44221, Dortmund, Germany

    Jan Jürjens

  2. One Microsoft Way, Microsoft Research, 98052-6399, Redmond, WA, USA

    Benjamin Livshits

  3. Department of Computer Science, Katholieke Universiteit Leuven, Celestijnenlaan 200A, 3001, Heverlee, Belgium

    Riccardo Scandariato

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

von Styp-Rekowsky, P., Gerling, S., Backes, M., Hammer, C. (2013). Idea: Callee-Site Rewriting of Sealed System Libraries. In: Jürjens, J., Livshits, B., Scandariato, R. (eds) Engineering Secure Software and Systems. ESSoS 2013. Lecture Notes in Computer Science, vol 7781. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36563-8_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-36563-8_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-36562-1

  • Online ISBN: 978-3-642-36563-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation