当前位置: X-MOL 学术ACM Trans. Auton. Adapt. Syst. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Controlling Interactions with Libraries in Android Apps Through Runtime Enforcement
ACM Transactions on Autonomous and Adaptive Systems ( IF 2.7 ) Pub Date : 2019-12-09 , DOI: 10.1145/3368087
Oliviero Riganelli 1 , Daniela Micucci 1 , Leonardo Mariani 1
Affiliation  

Android applications are executed on smartphones equipped with a variety of resources that must be properly accessed and controlled, otherwise the correctness of the executions and the stability of the entire environment might be negatively affected. For example, apps must properly acquire, use, and release microphones, cameras, and other multimedia devices, otherwise the behavior of the apps that use the same resources might be compromised. Unfortunately, several apps do not use resources correctly, for instance, due to faults and inaccurate design decisions. By interacting with these apps, users may experience unexpected behaviors, which in turn may cause instability and sporadic failures, especially when resources are accessed. In this article, we present an approach that lets users protect their environment from the apps that use resources improperly by enforcing the correct usage protocol. This is achieved by using software enforcers that can observe executions and change them when necessary. For instance, enforcers can detect that a resource has been acquired but not released and automatically perform the release operation, thus giving the possibility to use that same resource to the other apps. The main idea is that software libraries, in particular, the ones controlling access to resources, can be augmented with enforcers that can be activated and deactivated on demand by users to protect their environment from unwanted app behaviors. We call the software libraries augmented with one or more enforcers proactive libraries , because the activation of the enforcer decorates the library with proactive behaviors that can guarantee the correctness of the execution despite the invocation of the operations implemented by the library. For example, enforcers can detect that a resource has not been released on time and proactively release it. Our experimental results with 27 possible misuses of resources in real Android apps reveal that proactive libraries are able to effectively correct library misuses with negligible runtime overheads.

中文翻译:

通过运行时强制控制与 Android 应用程序中的库的交互

Android 应用程序在配备各种资源的智能手机上执行,必须正确访问和控制这些资源,否则可能会对执行的正确性和整个环境的稳定性产生负面影响。例如,应用程序必须正确获取、使用和释放麦克风、摄像头和其他多媒体设备,否则使用相同资源的应用程序的行为可能会受到影响。不幸的是,一些应用程序不能正确使用资源,例如,由于错误和不准确的设计决策。通过与这些应用程序交互,用户可能会遇到意想不到的行为,进而可能导致不稳定和偶发性故障,尤其是在访问资源时。在本文中,我们提出了一种让用户保护通过强制执行正确的使用协议来不正确地使用资源的应用程序的环境。这是通过使用软件执行者可以观察处决并在必要时更改它们。例如,enforcer 可以检测到资源已被获取但未释放,并自动执行释放操作,从而为其他应用程序使用相同的资源提供了可能性。主要思想是软件库,特别是控制资源访问的软件库,可以通过用户按需激活和停用的强制执行器来增强,以保护他们的环境免受不需要的应用程序行为的影响。我们称这些软件库增加了一个或多个实施者主动图书馆, 因为执行器的激活用主动行为尽管调用了库实现的操作,但可以保证执行的正确性。例如,执法者可以检测到资源没有按时释放并主动释放它。我们对真实 Android 应用程序中 27 种可能的资源滥用的实验结果表明,主动库能够有效地纠正库滥用,而运行时开销可以忽略不计。
更新日期:2019-12-09
down
wechat
bug