Countermeasures for security vulnerability in Androids - Embedded.com


With advances in technology, the smartphone market is growing by leaps and bounds, but one OS has benefited most of all: Google's Android, which accounts for 75% of smartphones shipped in Q1 2013 according to IDC stats. The reason for this rise is that Android is open source, which gives a completely new freedom to developers as well as users.

As Android is open source, developers can upload their applications without any certificate check; they can upload self-signed applications, which can be produced without any help or assistance. Smartphones are becoming ubiquitous, and entities ranging from university students to big organizations rely on them for their personal and private information.

All of these reasons make malware analysis an immense part of today's Android security world. In this paper we describe the design and implementation of a permission-based analysis to detect vulnerability to malware attacks.

Our analysis is able to automatically describe the low-level, OS-specific and high-level, Android-specific behavior of Android malware by observing and analyzing system call invocations, including IPC and RPC interactions.

In our project, based on the observation of different permissions and classes which can cause vulnerability, an array list is created which contains all the permissions and the names of the classes. Then, after in-depth observation, we create a second-level array list which contains the files we want to scan because we consider them vulnerable to attack.

We then use a tool we have named patternDroid to analyze a maximum of 25 malware samples belonging to different Android malware families. PatternDroid is able to automatically and faithfully check the different files for the vulnerability and creates the list of vulnerable file sets. The same vulnerability check is also done manually.

We have also developed a similarly named web interface, written in C# on the .NET Framework, which breaks an application (.apk) into a number of files stored in the destination folder.

Each file is then scanned using patternDroid and checked for the permissions. The ratio is calculated using the formula: number of permissions matched / number of files. The matched permissions are then tested manually in static and dynamic analysis, which gives the percentage of vulnerability in the malware sample.
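The two-level list and the ratio described above can be sketched as follows. This is an added example, not patternDroid's own code: the watched permissions and classes, the file patterns, the function names and the sample "unpacked APK" are all assumptions made for illustration, and the manifest is assumed to be already decoded to text.

```python
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# First-level list (contents assumed for illustration): watched permissions and classes.
WATCHED_PERMISSIONS = {"android.permission.SEND_SMS", "android.permission.READ_CONTACTS"}
WATCHED_CLASSES = {"android.telephony.SmsManager", "dalvik.system.DexClassLoader"}
# Second-level list (assumed): which unpacked files are worth scanning.
SCAN_PATTERNS = [r"AndroidManifest\.xml$", r"\.smali$", r"\.java$"]

def manifest_permissions(xml_text):
    """Permissions declared with <uses-permission> in a decoded (text) manifest."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        # Malformed manifest: fall back to plain substring matching.
        return {p for p in WATCHED_PERMISSIONS if p in xml_text}
    return {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}

def scan(files):
    """files maps relative path -> decoded text. Returns (flagged files, ratio)."""
    selected = {p: t for p, t in files.items()
                if any(re.search(pat, p) for pat in SCAN_PATTERNS)}
    matched, flagged = set(), {}
    for path, text in selected.items():
        if path.endswith("AndroidManifest.xml"):
            perms = manifest_permissions(text) & WATCHED_PERMISSIONS
        else:
            perms = {p for p in WATCHED_PERMISSIONS if p in text}
        # Java sources use dotted names; smali uses Lpkg/Class; descriptors.
        classes = {c for c in WATCHED_CLASSES
                   if c in text or "L" + c.replace(".", "/") + ";" in text}
        if perms or classes:
            flagged[path] = sorted(perms | classes)
        matched |= perms
    # Assumed reading of the formula: distinct permissions matched / files scanned.
    ratio = len(matched) / len(selected) if selected else 0.0
    return flagged, ratio

# Constructed sample standing in for an unpacked .apk (not a real application).
SAMPLE = {
    "AndroidManifest.xml":
        '<manifest xmlns:android="http://schemas.android.com/apk/res/android">'
        '<uses-permission android:name="android.permission.SEND_SMS"/>'
        '<uses-permission android:name="android.permission.INTERNET"/></manifest>',
    "smali/com/example/Main.smali":
        "invoke-virtual {v0}, Landroid/telephony/SmsManager;->getDefault()V",
    "smali/com/example/Util.smali": ".class public Lcom/example/Util;",
    "res/drawable/icon.png": "",
}
```

Here the manifest and one smali file are flagged, while the image is never scanned because it does not match the second-level list.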

To read this external content in full, download the complete paper from the author archives at IJTEE.org.