Enforcing Java Run-Time Properties Using Bytecode Rewriting

Authors

Algis Rudys
Dan S. Wallach

Abstract

Bytecode rewriting is a portable way of altering Java's behavior by changing Java classes themselves as they are loaded. This mechanism allows us to modify the semantics of Java while making no changes to the Java virtual machine itself. While this gives us portability and power, there are numerous pitfalls, mostly stemming from the limitations imposed upon Java bytecode by the Java virtual machine. We reflect on our experience building three security systems with bytecode rewriting, presenting observations on where we succeeded and failed, as well as observing areas where future JVMs might present improved interfaces to Java bytecode rewriting systems.

Published

International Symposium on Software Security (Tokyo, Japan), November 2002.

Text

PDF (94 kbytes)