Android introduced the dynamic code loading (DCL) mechanism to allow for code reuse, to achieve extensibility, to enable updating functionalities, or to boost application startup performance. In spite of its wide adoption by developers, previous research has shown that the secure implementation of DCL-based functionality is challenging, often leading to remote code injection vulnerabilities. Unfortunately, previous attempts to address this problem by both the academic and Android developer communities are affected by either practicality or completeness issues, and, in some cases, are affected by severe vulnerabilities. In this paper, we propose, design, implement, and test Grab ’n Run, a novel code verification protocol and a series of supporting libraries, APIs, and tools, that address the problem by abstracting away from the developer many of the challenging implementation details. Grab ’n Run is designed to be practical: among its tools, it provides a drop-in library, which requires...