Mobile applications are monitored for performance check or tested for error correctness in respect of particular security properties. The more sensitive the information such as credit card, personal medical and private information processed by mobile app, the more important to observe and check the flow of the information during mobile app execution. Monitoring untrusted mobile app to verify there is no information flow during the runtime of mobile app in an environment, where critical information are existed, are very difficult. This paper concerned with the observation of information flow of untrusted mobile app at runtime. The paper presents first part (Observe points) of framework called observing untrusted app execution to control information flow with the aim of supporting user interaction to change app behaviour. This paper presents all necessary instrumentation algorithms of Java bytecode and discusses the prototype implementation of new bytecode instrumentation mechanism for observing information flow during runtime.
- Information flow
- Java bytecode
- Mobile apps
ASJC Scopus subject areas
- Electrical and Electronic Engineering
- Computer Networks and Communications
- Safety, Risk, Reliability and Quality