RetroSkeleton: retrofitting android apps

  title={RetroSkeleton: retrofitting android apps},
  author={Benjamin Davis and Hao Chen},
  booktitle={MobiSys '13},
An obvious asset of the Android platform is the tremendous number and variety of available apps. There is a less obvious, but potentially even more important, benefit to the fact that nearly all apps are developed using a common platform. We can leverage the relatively uniform nature of Android apps to allow users to tweak applications for improved security, usability, and functionality with relative ease (compared to desktop applications). We design and implement an Android app rewriting… 

Figures and Tables from this paper

WrapDroid: Flexible and Fine-Grained Scheme Towards Regulating Behaviors of Android Apps

E evaluation results show that WrapDroid can effectively regulate the behaviors of Android apps according to given policies with negligible performance overhead and could be flexibly adopted by Android devices.

Rewriting an Android app using RetroSkeleton

It is shown how RetroSkeleton can be used to automatically add custom fine-grained network access controls into an existing app, giving users more control over their apps.

Hybrid User-level Sandboxing of Third-party Android Apps

The evaluation shows that AppCage can successfully detect and block attempts to leak private information by third-party apps, and the performance overhead caused by AppCages is negligible for apps without native libraries and minor for apps with them.

ARTist: The Android Runtime Instrumentation and Security Toolkit

With the introduction of Android 5 Lollipop, the Android Runtime (ART) superseded the Dalvik Virtual Machine (DVM) by introducing ahead-of-time compilation and native execution of applications,

Taming transitive permission attack via bytecode rewriting on Android application

This paper presents an instrumentation framework, called SEAPP, for Android applications or "apps" to detect the transitive permission attack on unmodified Android, which automatically rewrites an app without requiring its source codes and produces a security-harden app.

NJAS: Sandboxing Unmodified Applications in non-rooted Devices Running stock Android

The proposed solution, called NJAS, works by executing an Android application within the context of another one, and it achieves sandboxing by means of system call interposition, and the core sandboxing mechanism cannot be evaded by using native code components.

RmPerm: A Tool for Android Permissions Removal

This work proposes a novel approach, which does not require any change to the underlying OS, allowing users to selectively remove permissions from apps before installing them, and with a finer granularity, and presents the viability of the approach via an empirical assessment on 81K apps.

ASM: A Programmable Interface for Extending Android Security

The Android Security Modules (ASM) framework is proposed, which provides a programmable interface for defining new reference monitors for Android and envision ASM enabling in-the-field security enhancement of Android devices without requiring root access, a significant limitation of existing bring-your-own-device solutions.

CASE: Comprehensive Application Security Enforcement on COTS Mobile Devices

CASE is an automatic app patching tool used by app developers to enable module-level security in their apps built for COTS Android devices and is robust against malicious Java and native app modules.

DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices

DeepDroid is a dynamic enterprise security policy enforcement scheme on Android devices implemented by dynamic memory instrumentation of a small number of critical system processes without any firmware modification and can be easily deployed on various smartphone platforms with a wide range of Android versions.



I-ARM-Droid : A Rewriting Framework for In-App Reference Monitors for Android Applications

A rewriting framework for embedding In-App Reference Monitors (I-ARM) into Android applications to protect users from untrusted and potentially malicious applications is designed and implemented.

Dr. Android and Mr. Hide: fine-grained permissions in android applications

A suite of tools that allow fine-grained permissions to be inferred on existing apps; to be enforced by developers on their own apps; and to be retrofitted by users to increase security of existing apps without affecting functionality are developed.

Android permissions demystified

Stowaway, a tool that detects overprivilege in compiled Android applications, is built and finds that about one-third of applications are overprivileged.

FreeMarket: Shopping for free in Android applications

The FreeMarket attack is presented, which automatically identifies and exploits such insecure IAB coding practices and produces a rewritten application for which all in-app purchases succeed without any payment.

A Study of Android Application Security

A horizontal study of popular free Android applications uncovered pervasive use/misuse of personal/ phone identifiers, and deep penetration of advertising and analytics networks, but did not find evidence of malware or exploitable vulnerabilities in the studied applications.

Aurasium: Practical Policy Enforcement for Android Applications

A novel solution called Aurasium is developed that bypasses the need to modify the Android operating system while providing much of the security and privacy that users desire, and has been tested on three versions of the Android OS, and is freely available.

Apex: extending Android permission model and enforcement with user-defined runtime constraints

A policy enforcement framework for Android that allows a user to selectively grant permissions to applications as well as impose constraints on the usage of resources and an extended package installer that allows the user to set these constraints through an easy-to-use interface is presented.

These aren't the droids you're looking for: retrofitting android to protect data from imperious applications

Two privacy controls for Android smartphones that empower users to run permission-hungry applications while protecting private data from being exfiltrated are examined, finding that they can successfully reduce the effective permissions of the application without causing side effects for 66% of the tested applications.

Why eve and mallory love android: an analysis of android SSL (in)security

An analysis of 13,500 popular free apps downloaded from Google's Play Market revealed that 1,074 (8.0%) of the apps examined contain SSL/TLS code that is potentially vulnerable to MITM attacks, and MalloDroid is introduced, a tool to detect potential vulnerability againstMITM attacks.

Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets

A permissionbased behavioral footprinting scheme to detect new samples of known Android malware families and a heuristics-based filtering scheme to identify certain inherent behaviors of unknown malicious families are proposed.