Android applications are executed on smartphones equippedwith a variety of resources that must be properly accessed and controlled, otherwise the correctness of the executions and the stability of the entire environment might be negatively affected. For example, apps must properly acquire, use, and release microphones, cameras, and other multimedia devices, otherwise the behavior of the apps that use the same resources might be compromised. Unfortunately, several apps do not use resources correctly, for instance, due to faults and inaccurate design decisions. By interacting with these apps, users may experience unexpected behaviors, which in turn may cause instability and sporadic failures, especially when resources are accessed. In this article, we present an approach that lets users protect their environment from the apps that use resources improperly by enforcing the correct usage protocol. This is achieved by using software enforcers that can observe executions and change them when necessary. For instance, enforcers can detect that a resource has been acquired but not released and automatically perform the release operation, thus giving the possibility to use that same resource to the other apps. The main idea is that software libraries, in particular, the ones controlling access to resources, can be augmented with enforcers that can be activated and deactivated on demand by users to protect their environment from unwanted app behaviors.We call the software libraries augmented with one or more enforcers proactive libraries, because the activation of the enforcer decorates the library with proactive behaviors that can guarantee the correctness of the execution despite the invocation of the operations implemented by the library. For example, enforcers can detect that a resource has not been released on time and proactively release it. Our experimental results with 27 possible misuses of resources in real Android apps reveal that proactive libraries are able to effectively correct library misuses with negligible runtime overheads.

Riganelli, O., Micucci, D., Mariani, L. (2019). Controlling interactions with libraries in android apps through runtime enforcement. ACM TRANSACTIONS ON AUTONOMOUS AND ADAPTIVE SYSTEMS, 14(2), 1-29 [10.1145/3368087].

Controlling interactions with libraries in android apps through runtime enforcement

Riganelli, O;Micucci, D;Mariani, L
2019

Abstract

Android applications are executed on smartphones equippedwith a variety of resources that must be properly accessed and controlled, otherwise the correctness of the executions and the stability of the entire environment might be negatively affected. For example, apps must properly acquire, use, and release microphones, cameras, and other multimedia devices, otherwise the behavior of the apps that use the same resources might be compromised. Unfortunately, several apps do not use resources correctly, for instance, due to faults and inaccurate design decisions. By interacting with these apps, users may experience unexpected behaviors, which in turn may cause instability and sporadic failures, especially when resources are accessed. In this article, we present an approach that lets users protect their environment from the apps that use resources improperly by enforcing the correct usage protocol. This is achieved by using software enforcers that can observe executions and change them when necessary. For instance, enforcers can detect that a resource has been acquired but not released and automatically perform the release operation, thus giving the possibility to use that same resource to the other apps. The main idea is that software libraries, in particular, the ones controlling access to resources, can be augmented with enforcers that can be activated and deactivated on demand by users to protect their environment from unwanted app behaviors.We call the software libraries augmented with one or more enforcers proactive libraries, because the activation of the enforcer decorates the library with proactive behaviors that can guarantee the correctness of the execution despite the invocation of the operations implemented by the library. For example, enforcers can detect that a resource has not been released on time and proactively release it. Our experimental results with 27 possible misuses of resources in real Android apps reveal that proactive libraries are able to effectively correct library misuses with negligible runtime overheads.
Articolo in rivista - Articolo scientifico
Android; Policy enforcement; Proactive library; Resource leak; Resource usage; Runtime enforcement; Self-healing;
Proactive library, self-healing, Android, resource leak, resource usage, policy enforcement, runtime enforcement
English
2019
14
2
1
29
3368087
reserved
Riganelli, O., Micucci, D., Mariani, L. (2019). Controlling interactions with libraries in android apps through runtime enforcement. ACM TRANSACTIONS ON AUTONOMOUS AND ADAPTIVE SYSTEMS, 14(2), 1-29 [10.1145/3368087].
File in questo prodotto:
File Dimensione Formato  
Riganelli-2019-ACM Transact Autonom Adapt Sys-VoR.pdf

Solo gestori archivio

Descrizione: Research Article
Tipologia di allegato: Publisher’s Version (Version of Record, VoR)
Licenza: Tutti i diritti riservati
Dimensione 4.23 MB
Formato Adobe PDF
4.23 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
Riganelli-2019-ACM Transact Autonom Adapt Sys-VoR.pdf

Solo gestori archivio

Descrizione: Research Article
Tipologia di allegato: Publisher’s Version (Version of Record, VoR)
Licenza: Tutti i diritti riservati
Dimensione 4.22 MB
Formato Adobe PDF
4.22 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10281/255564
Citazioni
  • Scopus 8
  • ???jsp.display-item.citation.isi??? 7
Social impact