POSTER: The ART of App Compartmentalization
| Title | POSTER: The ART of App Compartmentalization |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Backes, Michael, Bugiel, Sven, Huang, Jie, Schranz, Oliver |
| Conference Name | Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4139-4 |
| Keywords | advertising libraries, android runtime(art), app compartmentalization, privilege isolation, pubcrawl170201 |
| Abstract | On Android, advertising libraries are commonly integrated with their host apps. Since the host and advertising components share the application's sandbox, advertisement code inherits all permissions and can access host resources with no further approval needed. Motivated by the privacy risks of advertisement libraries as already shown in the literature, this poster introduces an Android Runtime (ART) based app compartmentalization mechanism to achieve separation between trusted app code and untrusted library code without system modification and application rewriting. With our approach, advertising libraries will be isolated from the host app and the original app will be partitioned into two sub-apps that run independently, with the host app's resources and permissions being protected by Android's app sandboxing mechanism. ARTist [1], a compiler-based Android app instrumentation framework, is utilized here to recreate the communication channels between host and advertisement library. The result is a robust toolchain on device which provides a clean separation of developer-written app code and third-party advertisement code, allowing for finer-grained access control policies and information flow control without OS customization and application rebuilding. |
| URL | http://doi.acm.org/10.1145/2976749.2989056 |
| DOI | 10.1145/2976749.2989056 |
| Citation Key | backes_poster:_2016 |