Runtime analysis of Android apps based on their behaviour
More Info
expand_more
Abstract
In the modern world, Smartphones are everywhere and Android is the most used operating system.
To protect these devices against malicious actions, the behaviour of Android apps needs to be studied.
Current tooling does not provide complete insight into the behaviour of an Android app.
A tool was built to observe what goes on inside an Android app.
The tool can hook all functions and change the outcome of a function call.
It is possible to log all method calls to observe when a method is called, with their arguments and return values.
Every call the app makes inside the JVM can be shown and a complete picture of the application can be obtained.
During this process the app stays responsive and will not slow down significantly.
The information provided can be used for building a call graph, finding vulnerabilities or checking for app detection mechanisms.