Samit Anwer
Aniya Aggarwal
Vinayak Naik
ABSTRACT
Each Android application runs in its own virtual machine, with its own Linux user account and corresponding permissions. Although this ensures that permissions are given as per each application's requirements, each permission itself is still broad enough to possible exploitation. Such an exploitation may result in over consumption of phone's resources, in terms of processing, battery, and communication bandwidth. In this paper, we propose a tool, called Chiromancer, for the developers and phone users to control application's permissions at a fine granularity and to tune the application's resource consumption to their satisfaction. The framework is based on static code analysis and code injection. It takes in compiled code and so does not require access to source code of the application. As a case study, we passed publicly available applications from Google Play through Chiromancer to fine tune their performance. We compared energy and data consumed by these applications before and after the code injection to corroborate our claims of improvement in performance. We observed substantial improvements.
- Admob - monetize and promote your mobile apps with ads - google ads. http://www.google.co.in/ads/admob/.Google Scholar
- Android Apps, Download APK. http://www.appsapk.com/.Google Scholar
- Google Play. https://play.google.com/store.Google Scholar
- Number of available Android applications - AppBrain. http://www.appbrain.com/stats/ number-of-android-apps.Google Scholar
- Package Index - Android Developers. http:// developer.android.com/reference/packages.html.Google Scholar
- Soot: a Java Optimization Framework. http://www.sable.mcgill.ca/soot/.Google Scholar
- S. Arzt, S. Rasthofer, and E. Bodden. Instrumenting Android and Java Applications as Easy as abc. In RV, pages 364–381, 2013.Google Scholar
- A. Bartel, J. Klein, M. Monperrus, K. Allix, and Y. L. Traon. Improving Privacy on Android Smartphones Through In-Vivo bytecode instrumentation. CoRR, abs/1208.4536, 2012.Google Scholar
- A. Bartel, J. Klein, M. Monperrus, and Y. Le Traon. Dexpler: Converting Android Dalvik Bytecode to Jimple for Static Analysis with Soot. In Proceedings of the International Workshop on the State Of the Art in Java Program Analysis (SOAP’2012), 2012. Google ScholarDigital Library
- I. D. Corporation. Worldwide Quarterly Mobile Phone Tracker. http://www.idc.com/tracker/ showproductinfo.jsp?prod_id=37.Google Scholar
- Eclipse. The AspectJ Project. https://www.eclipse.org/aspectj/.Google Scholar
Index Terms
- Chiromancer: a tool for boosting Android application performance
Recommendations
On adopting linters to deal with performance concerns in Android apps
ASE '18: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software EngineeringWith millions of applications (apps) distributed through mobile markets, engaging and retaining end-users challenge Android developers to deliver a nearly perfect user experience. As mobile apps run in resource-limited devices, performance is a critical ...
HybriDroid: static analysis framework for Android hybrid applications
ASE '16: Proceedings of the 31st IEEE/ACM International Conference on Automated Software EngineeringMobile applications (apps) have long invaded the realm of desktop apps, and hybrid apps become a promising solution for supporting multiple mobile platforms. Providing both platform-specific functionalities via native code like native apps and user ...
Automatically securing permission-based software by reducing the attack surface: an application to Android
ASE '12: Proceedings of the 27th IEEE/ACM International Conference on Automated Software EngineeringIn the permission-based security model (used e.g. in Android and Blackberry), applications can be granted more permissions than they actually need, what we call a “permission gap”. Malware can leverage the unused permissions for achieving their ...
Comments