Policy Enforcement with Proactive Libraries
Oliviero Riganelli, Daniela Micucci, and Leonardo Mariani

TL;DR
This paper introduces proactive libraries that enhance traditional libraries with runtime detection and healing of API misuse, demonstrated effectively within the Android ecosystem with minimal overhead.
Contribution
It presents the novel concept of proactive libraries capable of detecting and healing API misuses at runtime without modifying original libraries or application code.
Findings
Proactive libraries can automatically detect API misuse.
They can heal misuses at runtime with minimal performance overhead.
Effective in Android for resource management issues.
Abstract
Software libraries implement APIs that deliver reusable functionalities. To correctly use these functionalities, software applications must satisfy certain correctness policies, for instance policies about the order some API methods can be invoked and about the values that can be used for the parameters. If these policies are violated, applications may produce misbehaviors and failures at runtime. Although this problem is general, applications that incorrectly use API methods are more frequent in certain contexts. For instance, Android provides a rich and rapidly evolving set of APIs that might be used incorrectly by app developers who often implement and publish faulty apps in the marketplaces. To mitigate this problem, we introduce the novel notion of proactive library, which augments classic libraries with the capability of proactively detecting and healing misuses at run- time.…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
See pages 1-last of main.pdf
