Formalisation and analysis of Dalvik bytecode
نویسندگان
چکیده
With the large, and rapidly increasing, number of smartphones based on the Android platform, combined with the open nature of the platform that allows “apps” to be downloaded and executed on the smartphone, misbehaving and malicious (malware) apps are set to become a serious problem. To counter this problem, automated tools for analysing and verifying apps are essential. Furthermore, to ensure high-fidelity of such tools, it is essential to formally specify both semantics and analyses. In this paper we present, to the best of our knowledge, the first formalisation of the complete Dalvik bytecode language including reflection features and the first formally specified control flow analysis for the language, including advanced control flow features such as dynamic dispatch, exceptions, and reflection. To determine which features to include in the formalisation and analysis, 1,700 Android apps from the Google Play app market (formerly known as Android Market) were downloaded and examined.
منابع مشابه
SymDroid: Symbolic Execution for Dalvik Bytecode
Apps on Google’s Android mobile device platform are written in Java, but are compiled to a special bytecode language called Dalvik. In this paper, we introduce SymDroid, a symbolic executor that operates directly on Dalvik bytecode. SymDroid begins by first translating Dalvik into μ-Dalvik, a simpler language that has only 16 instructions, in contrast to Dalvik’s more than 200 instructions. We ...
متن کاملNon-termination of Dalvik bytecode via compilation to CLP
We present a set of rules for compiling a Dalvik bytecode program into a logic program with array constraints. Non-termination of the resulting program entails that of the original one, hence the techniques we have presented before for proving non-termination of constraint logic programs can be used for proving non-termination of Dalvik programs. 1998 ACM Subject Classification D.2.4 Software/P...
متن کاملAppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware
As the techniques for Androidmalware detection are progressing, malware also fights back through deploying advanced code encryption with the help of Android packers. An effective Android malware detection therefore must take the unpacking issue into consideration to prove the accuracy. Unfortunately, this issue is not easily addressed. Android packers often adopt multiple complex anti-analysis ...
متن کاملAndroid: From Reversing to Decompilation
This talk deals with Android’s bytecode analysis. The Android system is now widespread, and lots of applications are developed each days. These applications are mostly written in Java, though it is possible to do calls to binaries or shared libraries. To be executed on the DVM the Java source code is translated into Java bytecode (.class files) and then a tool named ‘dx’ is used to convert it i...
متن کاملFormal Certification of Android Bytecode
Android is an operating system that has been usedin a majority of mobile devices. Each application in Androidruns in an instance of the Dalvik virtual machine, which isa register-based virtual machine (VM). Most applications forAndroid are developed using Java, compiled to Java bytecodeand then translated to DEX bytecode using the dx tool inthe Android SDK. In this work,...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Sci. Comput. Program.
دوره 92 شماره
صفحات -
تاریخ انتشار 2014