Enforcing Java Run-Time Properties Using Bytecode Rewriting

Algis Rudys
Dan S. Wallach
Bytecode rewriting is a portable way of altering Java's behavior by changing Java classes themselves as they are loaded. This mechanism allows us to modify the semantics of Java while making no changes to the Java virtual machine itself. While this gives us portability and power, there are numerous pitfalls, mostly stemming from the limitations imposed upon Java bytecode by the Java virtual machine. We reflect on our experience building three security systems with bytecode rewriting, presenting observations on where we succeeded and failed, as well as observing areas where future JVMs might present improved interfaces to Java bytecode rewriting systems.
International Symposium on Software Security (Tokyo, Japan), November 2002.
PDF (94 kbytes)

Dan Wallach, CS Department, Rice University
Last modified: Mon 10-Feb-2003 15:32