Dynamic analysis of Android applications to extract spam caller IDs
C.C. van Luik (TU Delft - Electrical Engineering, Mathematics and Computer Science)
A. Zarras – Mentor (TU Delft - Cyber Security)
Y. Zhauniarovich – Mentor (TU Delft - Organisation & Governance)
G.J.P.M. Houben – Graduation committee member (TU Delft - Web Information Systems)
More Info
expand_more
GitHub repository with source code of this research
https://github.com/cvl01/spam-call-analysisOther than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
Spam calls are becoming an increasing problem, with people receiving multiple spam calls per month on average. Multiple Android applications exist that are able to detect spam calls and display a warning or block such calls. Little is known however on how these applications work and what numbers they block.
In this research, the following question is investigated: Can we do a brute force dynamic analysis on Android spam call blocking apps, to extract caller ID information from apps that cannot be or is not extracted through static analysis? A tool is created that is capable of doing such a dynamic analysis, by installing such an app on an emulator, sending emulated phone calls to the emulator, and using screenshot comparison techniques to determine whether the call is classified as allowed or blocked by the respective app. The tool developed in this research can, fully automated, test caller IDs on 8 different Android apps. Apart from a number of initial setup steps to install and configure the apps in the emulator, the tool takes about 1.5 seconds on average to analyze 1 caller IDs on one app.