Adding trace matching with free variables to AspectJ
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
A study of android application security
SEC'11 Proceedings of the 20th USENIX conference on Security
abc: the aspectbench compiler for aspectJ
GPCE'05 Proceedings of the 4th international conference on Generative Programming and Component Engineering
Design of SMS commanded-and-controlled and P2P-structured mobile botnets
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Dissecting Android Malware: Characterization and Evolution
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Aurasium: practical policy enforcement for Android applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
CHEX: statically vetting Android apps for component hijacking vulnerabilities
Proceedings of the 2012 ACM conference on Computer and communications security
LeakMiner: Detect Information Leakage on Android with Static Taint Analysis
WCSE '12 Proceedings of the 2012 Third World Congress on Software Engineering
AppGuard: enforcing user requirements on android apps
TACAS'13 Proceedings of the 19th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Slicing droids: program slicing for smali code
Proceedings of the 28th Annual ACM Symposium on Applied Computing
| Hi-index | 0.00 |
Novel types of malware on mobile devices have raised researchers interest in implementing static and dynamic techniques for detecting and mitigating malicious behavior of mobile applications. In this hands-on tutorial we will demonstrate and explain different techniques for instrumenting Android applications using the Aspect Bench Compiler (abc) and the program analysis and transformation tool Soot. Through high-level abstractions such as AspectJ aspects and Tracematches, abc supports a declarative style of instrumentation that lends itself to the rapid prototyping of at least simple instrumentation schemes. Soot supports instrumentation in an imperative style, which requires more work but allows more fine-grained control. Both abc and Soot are inter operable, as they instrument the same intermediate program representation. Furthermore, as we show, both can be easily integrated with static program analyses that can be used to specialize instrumentation schemes based on additional information extracted from the static structure of the instrumented app.