manager (ASM), we are able to not only apply policies
at the individual application level but across multiple ap-
plications simultaneously. This allows us to effectively
orchestrate the execution of various applications on the
device and mediate their access to critical resources and
user’s private data. This allows us to also detect attempts
by multiple applications to collaborate and implement a
malicious logic. With its overall low overhead and high
repackaging success rate, it is possible to imagine Aura-
sium implementing an effective isolation and separation
at the application layer without the need of complex vir-
tualization technology.
Even though Aurasium currently only treats applica-
tions as black boxes and focuses on its external behav-
ior, the idea of enforcing policy at per-application level
by repackaging applications to attach side-by-side moni-
toring code is very powerful. By carefully instrumenting
the application’s Dalvik VM instance on the fly, it is even
possible to apply more advanced dynamic analysis such
as information flow and taint analysis, and we leave this
as a possible direction of future work. We also plan on
expanding our investigation of the potential threat mod-
els against Aurasium and provide practical ways to mit-
igate them, especially in the case of executing untrusted
native code.
7 Acknowledgments
This material is based on work supported by the Army
Research Office under Cyber-TA Grant No. W911NF-
06-1-0316 and by the National Science Foundation Grant
No. CNS-0716612.
References
[1] Android apktool: A tool for reengineering Android apk files.
code.google.com/p/android-apktool/.
[2] Android.OS/Fakeplayer. www.f-secure.com/v-
descs/trojan\_androidos\_fakeplayer\_a.shtml.
[3] Android.OS/NickiSpy. www.maikmorgenstern.de/
wordpress/?tag=androidnickispy.
[4] Bothunter community threat intelligence feed.
http://www.bothunter.net.
[5] dex2jar: A tool for converting Android’s .dex format to Java’s
.class format. code.google.com/p/dex2jar/.
[6] OpenBinder. www.angryredplanet.com/
~
hackbod/
openbinder/docs/html/.
[7] smali: An assembler/disassembler for Android’s dex format.
code.google.com/p/smali/.
[8] UI/Application exerciser Monkey. developer.android.com/
guide/developing/tools/monkey.html.
[9] In U.S. market, new smartphone buyers increasingly embrac-
ing Android. blog.nielsen.com/nielsenwire/online_
mobile/, sep 2011.
[10] ANDROID OPEN SOURCE PROJECT. Platform versions.
developer.android.com/resources/dashboard/
platform-versions.html.
[11] ANDRUS, J., DALL, C., HOF, A. V., LAADAN, O., AND NIEH,
J. Cells: a virtual mobile smartphone architecture. In Pro-
ceedings of the Twenty-Third ACM Symposium on Operating Sys-
tems Principles (New York, NY, USA, 2011), SOSP ’11, ACM,
pp. 173–187.
[12] BL
¨
ASING, T., SCHMIDT, A.-D., BATYUK, L., CAMTEPE,
S. A., AND ALBAYRAK, S. An Android application sand-
box system for suspicious software detection. In 5th Interna-
tional Conference on Malicious and Unwanted Software (MAL-
WARE’2010) (Nancy, France, France, 2010).
[13] BURGUERA, I., ZURUTUZA, U., AND NADJM-TEHRANI, S.
Crowdroid: behavior-based malware detection system for An-
droid. In Proceedings of the 1st ACM Workshop on Security
and Privacy in Smartphones and Mobile devices (New York, NY,
USA, 2011), SPSM ’11, ACM, pp. 15–26.
[14] CHIN, E., FELT, A. P., GREENWOOD, K., AND WAGNER, D.
Analyzing inter-application communication in Android. In Pro-
ceedings of the 9th International Conference on Mobile Systems,
Applications, and Services (New York, NY, USA, 2011), Mo-
biSys ’11, ACM, pp. 239–252.
[15] CONTI, M., NGUYEN, V. T. N., AND CRISPO, B. Crepe:
context-related policy enforcement for Android. In Proceed-
ings of the 13th International Conference on Information Security
(Berlin, Heidelberg, 2011), ISC’10, Springer-Verlag, pp. 331–
345.
[16] DEGUSTA, M. Android orphans: Visualizing a sad history of
support. theunderstatement.com/post/11982112928/
android-orphans-visualizing-a-sad-history-of-
support.
[17] DIETZ, M., SHEKHAR, S., PISETSKY, Y., SHU, A., AND WAL-
LACH, D. S. Quire: lightweight provenance for smart phone
operating systems. In Proceedings of the 20th USENIX Confer-
ence on Security (Berkeley, CA, USA, 2011), SEC’11, USENIX
Association, pp. 23–23.
[18] ENCK, W. Defending users against smartphone apps: Techniques
and future directions. In Proceedings of the 7th International
Conference on Information Systems Security (Kolkata, India, dec
2011), ICISS.
[19] ENCK, W., GILBERT, P., CHUN, B.-G., COX, L. P., JUNG, J.,
MCDANIEL, P., AND SHETH, A. N. TaintDroid: an information-
flow tracking system for realtime privacy monitoring on smart-
phones. In Proceedings of the 9th USENIX Conference on Oper-
ating Systems Design and Implementation (Berkeley, CA, USA,
2010), OSDI’10, USENIX Association, pp. 1–6.
[20] ENCK, W., OCTEAU, D., MCDANIEL, P., AND CHAUDHURI,
S. A study of Android application security. In Proceedings of
the 20th USENIX conference on Security (Berkeley, CA, USA,
2011), SEC’11, USENIX Association, pp. 21–21.
[21] ENCK, W., ONGTANG, M., AND MCDANIEL, P. On lightweight
mobile phone application certification. In Proceedings of the
16th ACM Conference on Computer and Communications Secu-
rity (New York, NY, USA, 2009), CCS ’09, ACM, pp. 235–245.
[22] ENCK, W., ONGTANG, M., AND MCDANIEL, P. Understanding
Android security. IEEE Security and Privacy 7 (January 2009),
50–57.
[23] FELT, A. P., CHIN, E., HANNA, S., SONG, D., AND WAG-
NER, D. Android permissions demystified. In Proceedings of the
18th ACM Conference on Computer and Communications Secu-
rity (New York, NY, USA, 2011), CCS ’11, ACM, pp. 627–638.
13