Runtime analysis of Android apps based on their behaviour

More Info
expand_more

Abstract

In the modern world, Smartphones are everywhere and Android is the most used operating system. 
To protect these devices against malicious actions, the behaviour of Android apps needs to be studied.

Current tooling does not provide complete insight into the behaviour of an Android app.
A tool was built to observe what goes on inside an Android app.
The tool can hook all functions and change the outcome of a function call.
It is possible to log all method calls to observe when a method is called, with their arguments and return values. 
Every call the app makes inside the JVM can be shown and a complete picture of the application can be obtained.
During this process the app stays responsive and will not slow down significantly.
The information provided can be used for building a call graph, finding vulnerabilities or checking for app detection mechanisms.

Files

Final_report_eanker.pdf
(pdf | 1.5 Mb)
Unknown license