In-Vivo Bytecode Instrumentation for Improving Privacy on Android Smartphones in Uncertain Environments
This addresses privacy concerns for Android users by allowing direct on-device monitoring, though it is incremental as it builds on existing bytecode instrumentation techniques.
The paper tackles the problem of improving privacy for Android applications by proposing a tool chain for in-vivo bytecode instrumentation on smartphones, enabling runtime monitoring with reasonable time and effort, as demonstrated through prototypes like BetterPermissions and AdRemover.
In this paper we claim that an efficient and readily applicable means to improve privacy of Android applications is: 1) to perform runtime monitoring by instrumenting the application bytecode and 2) in-vivo, i.e. directly on the smartphone. We present a tool chain to do this and present experimental results showing that this tool chain can run on smartphones in a reasonable amount of time and with a realistic effort. Our findings also identify challenges to be addressed before running powerful runtime monitoring and instrumentations directly on smartphones. We implemented two use-cases leveraging the tool chain: BetterPermissions, a fine-grained user centric permission policy system and AdRemover an advertisement remover. Both prototypes improve the privacy of Android systems thanks to in-vivo bytecode instrumentation.