際際滷

際際滷Share a Scribd company logo

Web-based Security Analysis Tool for Android Applications

Tandhy Simanjuntak
Tandhy Simanjuntak

a web-based security analysis tool for android applications poster session at Advanced Cyber Security Center Annual Conference 2014, Boston, Nov 5th, 2014.

1 of 1
Download to read offline
WebVbasedhSecurityhAnalysishToolh forhAndroidhApplications ComputerhSciencehDepartmentPhMetropolitanhCollege NebiyuhFelekePhTandhyhSimanjuntakPhWenjiehShiPhYutinghZhangPhLouhChitkushevhh naberraPhtandhyPhwjshiPhdanazhPhltc@bu.edu Architecture OnNgoingIWork OurITool EveryhfifthhAndroidVbasedhdevicehwithhKasperskyhsolutionshwash attackedhbyhmalwarehduringhreportedhperiod OtherIWebNbasedIAnalysisITools Motivation www.idc.com www.kaspersky.com www.kaspersky.com Anubis AIwebIportalIofIandroidIapplicationsIsecurity ApplicationISecurityIAnalysisIbasedIonICategory ImplicitIOpenIomponentsIinIFinanceIandIMedicalIApplications PercentageIofITotalIOverIPrivilegeIApplicationsIbasedIonICategory ProposedIWork AIframeworkItoIanalyzeItheIsecurityIofIandroidIapplicationsIthroughIstaticIanalysis ProposeIandIimplementIaInumberIofImetricsIcomplementaryItoIthoseIinImanyIexistingIwebNbasedIanalysisItools: IdentifyIOverIPrivilege IdentifyIReNDelegation IdentifyIDangerousIPermissionsICombinationI IdentifyIOpenIComponents IdentifyIHiddenIFileIandICodeILoading IdentifyIRootIExploitIandIMaliciousIDomain AnalysishToolhPage SearchhToolhPage ApplicationISecurityIEvolutionIAnalysis IdentifyIandIclassifyIapplicationsIwithIsimilar functionalityIbasedIonIapplicationsEIdescriptionsIusingI keywordIanalysis InvestigateItheIassociationIbetweenIkeywordsIand otherIsecurityImetricsIsuchIasIpermissions PerformIbothIindividualIandIcollectiveIanalysis ReNdelegation OpenIComponents OverNprivilege DangerousIPermissionsICombination HiddenIFiles MaliciousIDomains RootIExploit CodeILoading TypesIofIMetricsIChangedI DistributionhofhAddedhVulnerabilities DistributionhofhDeletedhVulnerabilities ProposedIWork IdentifyImoreIsecurityImetricsIthatIcanIbe usedIforIevolutionIanalysis,IincludingIthose usedIinIotherIexistingItools InvestigateItheIpossibleIsecurityIevolution patternsIofIapplications InvestigateItheIpossibleIsecurityIpatternsIofI applicationsIwithIsimilarIfunctionality NumberIofITypesIofIMetricsIChangedI PercentageIofIDatasetI MetricsIinclude: DetailsIofIThreeIMetricsI TypeIofIMetricsI PercentageIofIDatasetI NumberIofIAddedIVulnerabilitiesI PercentageIofIApplicableIDatasetI PercentageIofIApplicableIDatasetI NumberIofIDeletedIVulnerabilitiesI TotalIDownloadedIApplicationsIbasedIonICategory IPercentageIofIRootIExploitIApplicationsIbasedIonICategory TotalINumberI Category TotalIPercentageI Category TotalIPercentageI Category InvestigateIpossibleIupdateIattacks, particularlyIthroughIanomalyIdetection

More Related Content

Web-based Security Analysis Tool for Android Applications

  • 1. WebVbasedhSecurityhAnalysishToolh forhAndroidhApplications ComputerhSciencehDepartmentPhMetropolitanhCollege NebiyuhFelekePhTandhyhSimanjuntakPhWenjiehShiPhYutinghZhangPhLouhChitkushevhh naberraPhtandhyPhwjshiPhdanazhPhltc@bu.edu Architecture OnNgoingIWork OurITool EveryhfifthhAndroidVbasedhdevicehwithhKasperskyhsolutionshwash attackedhbyhmalwarehduringhreportedhperiod OtherIWebNbasedIAnalysisITools Motivation www.idc.com www.kaspersky.com www.kaspersky.com Anubis AIwebIportalIofIandroidIapplicationsIsecurity ApplicationISecurityIAnalysisIbasedIonICategory ImplicitIOpenIomponentsIinIFinanceIandIMedicalIApplications PercentageIofITotalIOverIPrivilegeIApplicationsIbasedIonICategory ProposedIWork AIframeworkItoIanalyzeItheIsecurityIofIandroidIapplicationsIthroughIstaticIanalysis ProposeIandIimplementIaInumberIofImetricsIcomplementaryItoIthoseIinImanyIexistingIwebNbasedIanalysisItools: IdentifyIOverIPrivilege IdentifyIReNDelegation IdentifyIDangerousIPermissionsICombinationI IdentifyIOpenIComponents IdentifyIHiddenIFileIandICodeILoading IdentifyIRootIExploitIandIMaliciousIDomain AnalysishToolhPage SearchhToolhPage ApplicationISecurityIEvolutionIAnalysis IdentifyIandIclassifyIapplicationsIwithIsimilar functionalityIbasedIonIapplicationsEIdescriptionsIusingI keywordIanalysis InvestigateItheIassociationIbetweenIkeywordsIand otherIsecurityImetricsIsuchIasIpermissions PerformIbothIindividualIandIcollectiveIanalysis ReNdelegation OpenIComponents OverNprivilege DangerousIPermissionsICombination HiddenIFiles MaliciousIDomains RootIExploit CodeILoading TypesIofIMetricsIChangedI DistributionhofhAddedhVulnerabilities DistributionhofhDeletedhVulnerabilities ProposedIWork IdentifyImoreIsecurityImetricsIthatIcanIbe usedIforIevolutionIanalysis,IincludingIthose usedIinIotherIexistingItools InvestigateItheIpossibleIsecurityIevolution patternsIofIapplications InvestigateItheIpossibleIsecurityIpatternsIofI applicationsIwithIsimilarIfunctionality NumberIofITypesIofIMetricsIChangedI PercentageIofIDatasetI MetricsIinclude: DetailsIofIThreeIMetricsI TypeIofIMetricsI PercentageIofIDatasetI NumberIofIAddedIVulnerabilitiesI PercentageIofIApplicableIDatasetI PercentageIofIApplicableIDatasetI NumberIofIDeletedIVulnerabilitiesI TotalIDownloadedIApplicationsIbasedIonICategory IPercentageIofIRootIExploitIApplicationsIbasedIonICategory TotalINumberI Category TotalIPercentageI Category TotalIPercentageI Category InvestigateIpossibleIupdateIattacks, particularlyIthroughIanomalyIdetection