A lightweight approach to component-level exception mechanism for robust Android apps

Recent research has reported that Android programs are vulnerable to unexpected exceptions. One reason is that the current design of the Android platform depends solely on the Java exception mechanism, which is unaware of the component-based structure of Android programs. This paper proposes a component-level exception mechanism with which programmers can build robust Android programs. With the mechanism, they can define an intra-component handler for each component to recover from exceptions, and they can propagate uncaught exceptions to the caller component along the reverse of the component activation flow. Theoretically, we have formalized an Android semantics with exceptions to prove the robustness property of the mechanism. In practice, we have implemented the mechanism as a domain-specific library that extends existing Android components. This lightweight approach does not require any change to the Android platform. In our experiment with Android benchmark programs, the library is found to catch a number of runtime exceptions that would otherwise cause the programs to terminate abnormally. We also measure the overhead of using the library to show that it is very small. Our proposal is a new mechanism for defending Android programs from unexpected exceptions.

Highlights

- We design a component-level exception mechanism for Android programs to improve their robustness.
- We design a formal semantics for Android-Java with exceptions to prove the robustness theoretically.
- Our experiment with nine Android source benchmarks shows that six programs become more robust with the mechanism.
- Our approach is lightweight, not demanding any change to the Android platform to use the mechanism.
- Our proposal is a new mechanism for defending Android programs from unexpected exceptions.
