Today's Android developers tend to bundle numerous features to accommodate diverse user requirements, which inevitably leads to bloated apps. Yet users typically exercise only a fraction of those features, so a bloated app pays for the rest in latent vulnerabilities, an expanded attack surface, and additional resource consumption. In the event of a severe security incident in particular, users need a way to block the vulnerable functionality immediately. Existing work has proposed various code-debloating approaches for identifying and removing features from executable components. However, these approaches typically modify files statically (and, for Android apps, repackage the APK as well), which is inconvenient for users and, worse, undermines Android's security model: a repackaged APK no longer carries the developer's original signature, so public-key verification and code-integrity checks no longer hold. This paper introduces 3DNDroid, a Dynamic Debloating approach targeting both DEX and Native methods in AnDroid apps. Using an unprivileged management app in tandem with a customized Android OS, 3DNDroid dynamically suppresses unnecessary code loading during app execution according to a pre-generated debloating schema derived from static or dynamic analysis. It intercepts invocations of debloated bytecode methods to prevent their interpretation, compilation, and execution, and zero-fills the memory of debloated native methods while their code is being loaded. Evaluation demonstrates 3DNDroid's ability to debloat 187 DEX methods and 30 native methods across 55 real-world apps, removing over 10K Return-Oriented Programming (ROP) gadgets. Case studies confirm its effectiveness in mitigating vulnerabilities, and performance measurements show its resource-saving advantage over non-debloated apps.