Bytecode instrumentation mechanism for monitoring mobile application information flow

Mobile applications are monitored for performance check or tested for error correctness in respect of particular security properties. The more sensitive the information such as credit card, personal medical and private information processed by mobile app, the more important to observe and check the flow of the information during mobile app execution. Monitoring untrusted mobile app to verify there is no information flow during the runtime of mobile app in an environment, where critical information are existed, are very difficult. This paper concerned with the observation of information flow of untrusted mobile app at runtime. The paper presents first part Observe points of framework called observing untrusted app execution to control information flow with the aim of supporting user interaction to change app behaviour. This paper presents all necessary instrumentation algorithms of Java bytecode and discusses the prototype implementation of new bytecode instrumentation mechanism for observing information flow during runtime.

[1]  David W. Wall,et al.  Link-time optimization of address calculation on a 64-bit architecture , 1994, PLDI '94.

[2]  Mohamed Sarrab,et al.  Policy based runtime verification of information flow. , 2011 .

[3]  Mohamed Khalefa Sarrab Runtime Verification of Information flow: Policy-Based Runtime Verification of Information Flow Control , 2011 .

[4]  Bill Venners,et al.  Inside the Java Virtual Machine , 1997 .

[5]  Geoff A. Cohen,et al.  Automatic Program Transformation with JOIE , 1998, USENIX Annual Technical Conference.

[6]  Susan L. Graham,et al.  An execution profiler for modular programs , 1983, Softw. Pract. Exp..

[7]  Mark Horowitz,et al.  ATUM: a new technique for capturing address traces using microcode , 1986, ISCA '86.

[8]  Shigeru Chiba,et al.  A Bytecode Translator for Distributed Execution of "Legacy" Java Software , 2001, ECOOP.

[9]  James R. Larus,et al.  Rewriting executable files to measure program behavior , 1994, Softw. Pract. Exp..

[10]  Sheng Liang,et al.  Dynamic class loading in the Java virtual machine , 1998, OOPSLA '98.

[11]  Alan Eustace,et al.  ATOM - A System for Building Customized Program Analysis Tools , 1994, PLDI.

[12]  Sheng Liang,et al.  Java Native Interface: Programmer's Guide and Reference , 1999 .

[13]  Walter Binder,et al.  Reengineering Standard Java Runtime Systems through Dynamic Bytecode Instrumentation , 2007 .

[14]  Helge Janicke,et al.  Runtime monitoring and controlling of Information flow. , 2010 .

[15]  Srinivasan Parthasarathy,et al.  NetProf: Network-based High-level Profiling of Java Bytecode , 1996 .

[16]  Yannis Smaragdakis,et al.  J-Orchestra: Automatic Java Application Partitioning , 2002, ECOOP.

[17]  Thomas Ball,et al.  What's in a region?: or computing control dependence regions in near-linear time for reducible control flow , 1993, LOPL.

[18]  Urs Hölzle,et al.  Binary Component Adaptation , 1997, ECOOP.

[19]  Walter Binder,et al.  A Quantitative Evaluation of the Contribution of Native Code to Java Workloads , 2006, 2006 IEEE International Symposium on Workload Characterization.

[20]  Walter Binder,et al.  Advanced Java bytecode instrumentation , 2007, PPPJ.

[21]  Hadj Bourdoucen,et al.  Runtime Monitoring Using Policy Based Approach to Control Information Flow for Mobile Apps , 2013 .

[22]  Mohamed Sarrab,et al.  Runtime verification using policy-based approach to control information flow , 2013, Int. J. Secur. Networks.

[23]  Insik Shin,et al.  Mobile code security by Java bytecode instrumentation , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[24]  Benjamin G. Zorn,et al.  BIT: A Tool for Instrumenting Java Bytecodes , 1997, USENIX Symposium on Internet Technologies and Systems.