Main navigation | Main content
William Enck, Peter Gilbert, Byung gon Chun, Landon P. Cox, Jaeyeon
Jung, Patrick McDaniel, and Anmol Sheth. “TaintDroid: An
information-flow tracking system for realtime privacy monitoring on
smartphones”. In Operating Systems Design and Implementation
(OSDI), pages 393–407, Vancouver, BC, Canada, October 2010.
[USENIX]
Lok Kwong Yan and Heng Yin. “DroidScope: Seamlessly
reconstructing the OS and Dalvik semantic views for dynamic Android
malware analysis”. In USENIX Security Symposium,
Bellevue, WA, USA, August 2012.
[USENIX]
Question: Section 4.2 of the DroidScope paper describes how the system selectively disables the execution of JIT-compiled code that falls in an analyst-specified address region. The paper mentions that this approach is not optimal in terms of performance because the code is still recompiled, even though the compiled version will never be used. Suggest a different way of changing the logic shown in the flowchart in Figure 4, which would not have this performance issue. Despite the performance difference, why might the approach taken by DroidScope still be preferable?
Damien Octeau, Somesh Jha, and Patrick McDaniel. “Retargeting
Android applications to Java bytecode”. In Foundations of
Software Engineering (FSE), Cary, NC, USA, November 2012.
[ACM]
Android applications are written in Java, but distributed in a non-standard bytecode format that has significant differences from regular .class files. This paper is devoted to how to translate back.
Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni
Vigna. “PiOS: Detecting privacy leaks in iOS
applications”. In Network and Distributed System Security
Symposium (NDSS), pages 473–487, San Diego, CA, USA, February 2011.
[NDSS]
William Enck, Damien Octeau, Patrick McDaniel, and Swarat
Chaudhuri. “A study of Android application security”. In
USENIX Security Symposium, San Francisco, CA, USA, August 2011.
[USENIX]