PARAVIRT: Userland Containers for Mobile Systems
Document Type
Article
Publication Date
11-4-2025
Pages
75-80
Publisher Name
IEEE
Abstract
Modern mobile operating systems like Android and iOS enhance security by isolating applications within specialized programming languages and runtime libraries. While this approach effectively secures apps, it severely restricts their portability and maintainability due to rapidly evolving and proprietary interfaces. In this paper, we introduce PARAVIRT, a novel userland containerization framework designed to securely isolate applications within a standard runtime environment without requiring root privileges. Our empirical analysis reveals that traditional userland containerization techniques, such as User Mode Linux (UML), incur significant performance penalties for I/O-intensive operations like networking and disk access due to inefficient system call handling. To overcome these limitations, PARAVIRT utilizes an optimized paravirtualizationinspired system call interface, significantly reducing overhead. Our benchmarks show that PARAVIRT improves I/O-bound workload performance by up to 2.5× compared to UML for disk write operations, achieves 4−5.9× greater network throughput, and delivers disk write speeds that closely approach those of commercial virtualization platforms like VMware Workstation. These results position PARAVIRT as a practical solution enabling cross-platform compatibility for mobile applications without sacrificing performance or security.
Identifier
10.1109/MobileCloud66020.2025.00015
Recommended Citation
I. Ahlgren, Y. N. Silva, E. Chan-Tin, G. K. Thiruvathukal, K. I. Lee and N. Klingensmith, "PARAVIRT: Userland Containers for Mobile Systems," 2025 IEEE Intelligent Mobile Computing (MobileCloud), Tucson, AZ, USA, 2025, pp. 75-80, doi: 10.1109/MobileCloud66020.2025.00015.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.
