Web-based Security Analysis Tool for Android Applications
-
Upload
tandhy-simanjuntak -
Category
Technology
-
view
70 -
download
1
description
Transcript of Web-based Security Analysis Tool for Android Applications
![Page 1: Web-based Security Analysis Tool for Android Applications](https://reader036.fdocuments.in/reader036/viewer/2022081404/5584c6f7d8b42aeb138b490d/html5/thumbnails/1.jpg)
WebVbasedhSecurityhAnalysishToolhforhAndroidhApplicationsComputerhSciencehDepartmentPhMetropolitanhCollege
NebiyuhFelekePhTandhyhSimanjuntakPhWenjiehShiPhYutinghZhangPhLouhChitkushevhhnaberraPhtandhyPhwjshiPhdanazhPhltc@bu.edu
OnNgoingIWork
Architecture
OurITool
OtherIWebNbasedIAnalysisITools
Motivation
www.idc.com
www.kaspersky.com
EveryhfifthhAndroidVbasedhdevicehwithhKasperskyhsolutionshwashattackedhbyhmalwarehduringhreportedhperiod
www.kaspersky.com
Anubis
AIwebIportalIofIandroidIapplicationsIsecurity
ApplicationISecurityIAnalysisIbasedIonICategory
ProposedIWork
ImplicitIOpenIomponentsIinIFinanceIandIMedicalIApplications
AIframeworkItoIanalyzeItheIsecurityIofIandroidIapplicationsIthroughIstaticIanalysis
ProposeIandIimplementIaInumberIofImetricsIcomplementaryItoIthoseIinImanyIexistingIwebNbasedIanalysisItools:
IdentifyIRootIExploitIandIMaliciousIDomain
IdentifyIHiddenIFileIandICodeILoading
IdentifyIOpenIComponents
IdentifyIDangerousIPermissionsICombinationI
IdentifyIReNDelegation
IdentifyIOverIPrivilege
AnalysishToolhPage
SearchhToolhPage
ApplicationISecurityIEvolutionIAnalysis
IdentifyIandIclassifyIapplicationsIwithIsimilarfunctionalityIbasedIonIapplicationsEIdescriptionsIusingIkeywordIanalysis
InvestigateItheIassociationIbetweenIkeywordsIandotherIsecurityImetricsIsuchIasIpermissions
PerformIbothIindividualIandIcollectiveIanalysis
ReNdelegationOpenIComponentsOverNprivilegeDangerousIPermissionsICombinationHiddenIFilesMaliciousIDomainsRootIExploitCodeILoading
TypesIofIMetricsIChangedI
ProposedIWorkIdentifyImoreIsecurityImetricsIthatIcanIbeusedIforIevolutionIanalysis,IincludingIthoseusedIinIotherIexistingItools
InvestigateItheIpossibleIsecurityIevolutionpatternsIofIapplications
DistributionhofhAddedhVulnerabilities DistributionhofhDeletedhVulnerabilities
InvestigateItheIpossibleIsecurityIpatternsIofIapplicationsIwithIsimilarIfunctionality
NumberIofITypesIofIMetricsIChangedI
Per
cen
tage
IofI
Dat
aset
I
MetricsIinclude:
DetailsIofIThreeIMetricsI
TypeIofIMetricsI
Per
cen
tage
IofI
Dat
aset
I
NumberIofIAddedIVulnerabilitiesI
Per
cen
tage
IofI
Ap
plic
able
IDat
aset
I
Per
cen
tage
IofI
Ap
plic
able
IDat
aset
I
NumberIofIDeletedIVulnerabilitiesI
TotalIDownloadedIApplicationsIbasedIonICategory
IPercentageIofIRootIExploitIApplicationsIbasedIonICategory
Tota
lINu
mb
erI
Category
Tota
lIPer
cen
tage
I
Category
Tota
lIPer
cen
tage
I
PercentageIofITotalIOverIPrivilegeIApplicationsIbasedIonICategory
Category
InvestigateIpossibleIupdateIattacks,particularlyIthroughIanomalyIdetection