Automated security certification of Android applications based on real time monitoring

Smartphones have taken an important role in the current society that many found it impossible to do without. With ever-changing and improving technology, smartphones have become more sophisticated in its features. As such, smartphones are now capable of doing online transactions or Global Positionin...

Full description

Saved in:
Bibliographic Details
Main Author: Yuen, Bernard Ming Hui
Other Authors: Liu Yang
Format: Final Year Project
Language:English
Published: 2015
Subjects:
Online Access:http://hdl.handle.net/10356/63068
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
Description
Summary:Smartphones have taken an important role in the current society that many found it impossible to do without. With ever-changing and improving technology, smartphones have become more sophisticated in its features. As such, smartphones are now capable of doing online transactions or Global Positioning System (GPS) and many others. Smartphone security have been an important topic as many spent more time with the smartphones. Exploits have been made possible through different means of vulnerability of smartphone devices. With advancement in technology, surveillance and tracking of such exploits are also made possible. This project aims to design a system which is able to provide real-time tracking system using modifications in the Android Operating System. An Android application will then pick up the traces, conducts analysis and provides a user interface. Users will be able to view and access a display of all the HTTP requests, features and result analysis through the User Interface of the Android application. With this ability, users are able to immediately view which of the applications in the device are possibly malicious. The system picks up Hypertext Transfer Protocol (HTTP) traces from both malicious and benign Android applications. This logging is done within methods of the Android Operating System. All captured traces will be logged into log files for processing by the Android application. Each HTTP request conducted by any Android application will be broken down into dimension features. These features will be used for analysis on whether an Application is malicious or not. Naïve Bayes is being used for data analysis due to its known efficiency and effectiveness in data mining. [1] The evaluation results of the experiment will be performed by the Naïve Bayes algorithm. K-Fold cross validation is conducted to evaluate the effectiveness on the algorithm based on various metrics of accuracy. The system achieved an accuracy result of 69.6% based on a total of 874 HTTP messages. Out of these 874 messages, 608 messages were classified correctly. The results also reached a precision rate of 86.8% and a recall rate of 33.6%. Cross-Validation was conducted on the classifier. An accuracy rate of 99.47%, precision of 99.64% and recall rate of 99.76% was achieved during the validation phase. The base application had been successfully developed and is capable of providing user with a tracking system on intrusions of any HTTP based malicious Android applications. The current system is expandable to target SMS and Phone attacks from malwares. Further implementations of other classification models can also be integrated into the system. In the future, more devices can benefit from this system with further development to scale the system.