Hello David, Thank you very much for your extremely helpful advice. I appreciate it very much.
Fal On Sep 16, 4:15 am, David Herges <[email protected]> wrote: > Hi, can't give you answers for all questions, but from what I know: > > 2. I must create a service component running in the background.> This > must periodically poll every running App and compare its function > > call flow against my rule set RDB. > > > Ouh...don't think so. The Android maxime is a bit of "all applications are > > equal" and I can't imagine how an application could be capable of reading > another application's programmatic control flow; would basically need to > analyse the DVM call stack?! But the VMs are sandboxed from each other...so > even if it was possible in theory, android's security architecture would not > allow this. > > > 3. Can I achieve all this with just the Android SDK? Or will I > > have to use the Android NDK as well? I don't want to use the NDK > > unless I have to. > > > I doubt that it is possible by any kind of monitoring application. > > Probably, you need to modify the framework itself. But I don't know exactly. > > > 4. I went through the very helpful tutorial "Understanding > > Android's Security Framework" by William Enck and Patrick McDaniel. > > Is this a new Framework introduced into the Android Libraries layer? > > > That's just a description how Android's security architecture works. > > There's also some papers from Shabtai et al. that focus on Android's > security model. > > Cheers, > David -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
