TY - GEN
T1 - NaCLDroid
T2 - 21st European Symposium on Research in Computer Security, ESORICS 2016
AU - Athanasopoulos, Ilias
AU - Kemerlis, Vasileios P.
AU - Portokalidis, Georgios
AU - Keromytis, Angelos D.
PY - 2016
Y1 - 2016
N2 - Android apps frequently incorporate third-party libraries that contain native code; this not only facilitates rapid application development and distribution, but also provides new ways to generate revenue. As a matter of fact, one in two apps in Google Play are linked with a library providing ad network services. However, linking applications with third-party code can have severe security implications: malicious libraries written in native code can exfiltrate sensitive information from a running app, or completely modify the execution runtime, since all native code is mapped inside the same address space with the execution environment, namely the Dalvik/ART VM. We propose NaClDroid, a framework that addresses these problems, while still allowing apps to include third-party code. NaClDroidprevents malicious native-code libraries from hijacking Android applications using Software Fault Isolation. More specifically, we place all native code in a Native Client sandbox that prevents unconstrained reads, or writes, inside the process address space. NaClDroidhas little overhead; for native code running inside the NaCl sandbox the slowdown is less than 10% on average.
AB - Android apps frequently incorporate third-party libraries that contain native code; this not only facilitates rapid application development and distribution, but also provides new ways to generate revenue. As a matter of fact, one in two apps in Google Play are linked with a library providing ad network services. However, linking applications with third-party code can have severe security implications: malicious libraries written in native code can exfiltrate sensitive information from a running app, or completely modify the execution runtime, since all native code is mapped inside the same address space with the execution environment, namely the Dalvik/ART VM. We propose NaClDroid, a framework that addresses these problems, while still allowing apps to include third-party code. NaClDroidprevents malicious native-code libraries from hijacking Android applications using Software Fault Isolation. More specifically, we place all native code in a Native Client sandbox that prevents unconstrained reads, or writes, inside the process address space. NaClDroidhas little overhead; for native code running inside the NaCl sandbox the slowdown is less than 10% on average.
KW - Android
KW - NaCl
KW - SFI
UR - http://www.scopus.com/inward/record.url?scp=84990030103&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84990030103&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-45744-4_21
DO - 10.1007/978-3-319-45744-4_21
M3 - Conference contribution
AN - SCOPUS:84990030103
SN - 9783319457437
VL - 9878 LNCS
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 422
EP - 439
BT - Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings
PB - Springer/Verlag
Y2 - 26 September 2016 through 30 September 2016
ER -