Abstract
Runtime verification (RV) covering the whole Android system is challenging, due to the lack of support for analyzing and monitoring events across multiple processes. Existing RV frameworks for Android, which are often built on top of RV tools for Java, only support single-process monitoring. In this paper, we describe an RV framework for Android, capable of performing RV across multiple Android components in different processes by capturing inter-process-communication events. Our approach features an extended regular expression formalism, allowing one to specify RV properties to describe event patterns across processes. We illustrate the use of our framework by detecting nested indirect service use through proxy processes, which is not possible with prevailing RV tools on Android.
A. Villazón—Visiting researcher at Università della Svizzera italiana (USI)
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Backes, M., Gerling, S., Hammer, C., Maffei, M., von Styp-Rekowsky, P.: AppGuard – enforcing user requirements on Android apps. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013. LNCS, vol. 7795, pp. 543–548. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36742-7_39
Bosu, A., Liu, F., Yao, D.D., Wang, G.: Collusive data leak and more: large-scale threat analysis of inter-app communications. In: ASIA CCS, pp. 71–85 (2017)
Colombo, C., Pace, G.J., Schneider, G.: LARVA–safer monitoring of real-time Java programs (tool paper). In: SEFM, pp. 33–37 (2009)
Daian, P., et al.: RV-Android: efficient parametric android runtime verification, a brief tutorial. In: Bartocci, E., Majumdar, R. (eds.) RV 2015. LNCS, vol. 9333, pp. 342–357. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23820-3_24
Falcone, Y., Currea, S., Jaber, M.: Runtime verification and enforcement for android applications with RV-Droid. In: Qadeer, S., Tasiran, S. (eds.) RV 2012. LNCS, vol. 7687, pp. 88–95. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35632-2_11
Jin, D., Meredith, P.O.N., Lee, C., Roşu, G.: JavaMOP: efficient parametric runtime monitoring framework. In: ICSE, pp. 1427–1430 (2012)
Kim, M., Kannan, S., Lee, I., Sokolsky, O., Viswanathan, M.: Java-MaC. ENTCS 55(2), 218–235 (2001)
Küster, J.-C., Bauer, A.: Monitoring real android malware. In: Bartocci, E., Majumdar, R. (eds.) RV 2015. LNCS, vol. 9333, pp. 136–152. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23820-3_9
Marek, L., Villazón, A., Zheng, Y., Ansaloni, D., Binder, W., Qi, Z.: DiSL: a domain-specific language for bytecode instrumentation. In: AOSD, pp. 239–250 (2012)
Reger, G., Cruz, H.C., Rydeheard, D.: MarQ: monitoring at runtime with QEA. In: Baier, C., Tinelli, C. (eds.) TACAS 2015. LNCS, vol. 9035, pp. 596–610. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46681-0_55
Sun, H., North, A., Binder, W.: Multi-process runtime verification for android. In: APSEC, pp. 701–706 (2017)
Sun, H., Rosà, A., Javed, O., Binder, W.: ADRENALIN-RV: android runtime verification using load-time weaving. In: ICST, pp. 532–539 (2017)
Xiang, C., Qi, Z., Binder, W.: Flexible and extensible runtime verification for Java (Extended Version). Int. J. Softw. Eng. Knowl. Eng. 25, 1595–1609 (2015)
Acknowledgments
The work presented in this paper has been supported by Swiss National Science Foundation (scientific exchange project IZSEZ0_177215) and by Hasler Foundation (project 18012). The research was conducted while A. Villazón was with Università della Svizzera italiana.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Villazón, A., Sun, H., Binder, W. (2018). Capturing Inter-process Communication for Runtime Verification on Android. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. Industrial Practice. ISoLA 2018. Lecture Notes in Computer Science(), vol 11247. Springer, Cham. https://doi.org/10.1007/978-3-030-03427-6_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-03427-6_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03426-9
Online ISBN: 978-3-030-03427-6
eBook Packages: Computer ScienceComputer Science (R0)