Static Dalvik VM bytecode instrumentation

Eugene Minibaev

This work proposes a novel approach to restricting the access for blacklisted Android system API calls. Main feature of the suggested method introduced in this paper is that it requires only rootless or (user-mode) access to the system unlike previous works. For that reason this method is valuable for end-users due to the possibility of project distribution via Play Market and it does not require any phone system modifications and/or updates. This paper explains the required background of Android OS necessary for understanding and describes the method for modification Android application. In this paper the proof-of-concept implementation. That is able to block the application's IMEI requests is introduced. Also this paper lists unsuccessful methods that tried to provide the user security. Obviously with those restrictions application may lack some of features that can only be granted in unsecured environment.

Knowledge Graph

arrow_drop_up

Comments

Sign up or login to leave a comment