Android applications are executed on smartphones equipped with a variety of resources that must be properly accessed and controlled, otherwise the correctness of the executions and the stability of the entire environment might be negatively affected. For example, apps must properly acquire, use, and release microphones, cameras, and other multimedia devices otherwise the behaviour of the apps that use the same resources might be compromised.Unfortunately, several apps do not use resources correctly, for instance due to faults and inaccurate design decisions. By interacting with these apps users may experience unexpected behaviours, which in turn may cause instability and sporadic failures, especially when resources are accessed.In this paper, we present an approach that lets users protect their environment from the apps that use resources improperly by enforcing the correct usage protocol. This is achieved by using software enforcers that can observe executions and change them when necessary. For instance, enforcers can detect that a resource has been acquired but not released, and automatically perform the release operation, thus giving the possibility to use that same resource to the other apps.The main idea is that software libraries, in particular the ones controlling access to resources, can be augmented with enforcers that can be activated and deactivated on demand by users to protect their environment from unwanted app behaviours. We call the software libraries augmented with one or more enforcers proactive libraries because the activation of the enforcer decorates the library with proactive behaviours that can guarantee the correctness of the execution despite the invocation of the operations implemented by the library. For example, enforcers can detect that a resource has not been released on time and proactively release it.Our experimental results with 27 possible misuses of resources in real Android apps reveal that proactive libraries are able to effectively correct library misuses with negligible runtime overheads.
Controlling Interactions with Libraries in Android Apps Through Runtime Enforcement • :3to fix a detected problem). For example, when the onStop() callback is generated, the enforcer associated with the library for audio recording is triggered to check if the microphone has been released. If not, the enforcer may force the release of the microphone, and automatically reassign it to the activity once the activity becomes visible to the user again.Since a regular library does not need to be modified to be turned into a proactive library, enforcers can be easily added to existing libraries, without the need of designing libraries as proactive libraries from the very beginning. This eases the incremental adoption of the technology. Moreover, any party may contribute to the definition of the enforcers for a given library and not only the developers of the library. This aspect may facilitate the proliferation of the enforcers. App developers can keep using the usual testing and analysis methods ...