Enforcing Java Run-Time Properties Using Bytecode Rewriting

  • Conference paper
Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2609)

Abstract

Bytecode rewriting is a portable way of altering Java’s behavior by changing Java classes themselves as they are loaded. This mechanism allows us to modify the semantics of Java while making no changes to the Java virtual machine itself. While this gives us portability and power, there are numerous pitfalls, mostly stemming from the limitations imposed upon Java bytecode by the Java virtual machine. We reflect on our experience building three security systems with bytecode rewriting, presenting observations on where we succeeded and failed, as well as observing areas where future JVMs might present improved interfaces to Java bytecode rewriting systems.




Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rudys, A., Wallach, D.S. (2003). Enforcing Java Run-Time Properties Using Bytecode Rewriting. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_12

  • DOI: https://doi.org/10.1007/3-540-36532-X_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00708-1

  • Online ISBN: 978-3-540-36532-7

  • eBook Packages: Springer Book Archive
