Improving Android's Reliability and Security

Iulian Neamtiu
Computer Science Department, NJIT


Abstract

Android is the dominant mobile platform worldwide. Our work uses a wide range of techniques to improve Android's reliability and security. First, we will show how "software repository mining" via machine learning and statistics can reveal common classes of errors, e.g., concurrency errors, in mobile apps. We will then describe VALERA, a record-and-replay approach that helps developers and users reproduce executions, and hence find and fix bugs, including concurrency errors. Next, we will present a static analysis that has found a new class of errors named "resume/restart errors" in popular apps. Finally, we will describe a proactive and quantifiable approach to app security that continually changes the attack surface to defend against known and unknown attacks; our approach increases the observable time series entropy of a potential victim app by 85% on average, which makes the victim app's behavior more difficult to predict and the attacker's job harder.