NaCLDroid: Native code isolation for android applications

Ilias Athanasopoulos, Vasileios P. Kemerlis, Georgios Portokalidis, Angelos D. Keromytis

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review


Android apps frequently incorporate third-party libraries that contain native code; this not only facilitates rapid application development and distribution, but also provides new ways to generate revenue. As a matter of fact, one in two apps in Google Play are linked with a library providing ad network services. However, linking applications with third-party code can have severe security implications: malicious libraries written in native code can exfiltrate sensitive information from a running app, or completely modify the execution runtime, since all native code is mapped inside the same address space with the execution environment, namely the Dalvik/ART VM. We propose NaClDroid, a framework that addresses these problems, while still allowing apps to include third-party code. NaClDroidprevents malicious native-code libraries from hijacking Android applications using Software Fault Isolation. More specifically, we place all native code in a Native Client sandbox that prevents unconstrained reads, or writes, inside the process address space. NaClDroidhas little overhead; for native code running inside the NaCl sandbox the slowdown is less than 10% on average.

Original languageEnglish
Title of host publicationComputer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings
Number of pages18
Volume9878 LNCS
ISBN (Print)9783319457437
Publication statusPublished - 2016
Event21st European Symposium on Research in Computer Security, ESORICS 2016 - Heraklion, Greece
Duration: 26 Sept 201630 Sept 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9878 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349


Conference21st European Symposium on Research in Computer Security, ESORICS 2016


  • Android
  • NaCl
  • SFI


Dive into the research topics of 'NaCLDroid: Native code isolation for android applications'. Together they form a unique fingerprint.

Cite this