Android MRI Interpreter: Taking Pictures of App Code for Vulnerability Analysis

Explore an innovative approach to Android app security analysis through a conference talk on the development of an Android MRI Interpreter. Dive into the creation of a new OS based on Android 12 that performs MRI-like functions on app code, allowing for non-invasive vulnerability detection. Learn about the three key components developed: a custom MRI interpreter for inspecting Dalvik instructions and register values, modifications to the Android Runtime (ART) to ensure all code passes through the interpreter, and a new Android kernel designed to bypass Runtime Application Self-Protection (RASP) techniques. Gain insights from SungHyoun Song, a principal security researcher, on how this technology can revolutionize mobile app security analysis and vulnerability discovery.