Automated security certification of Android applications based on real time monitoring
Smartphones have taken an important role in the current society that many found it impossible to do without. With ever-changing and improving technology, smartphones have become more sophisticated in its features. As such, smartphones are now capable of doing online transactions or Global Positionin...
Saved in:
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: |
2015
|
Subjects: | |
Online Access: | http://hdl.handle.net/10356/63068 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Nanyang Technological University |
Language: | English |
id |
sg-ntu-dr.10356-63068 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-630682023-03-03T20:23:40Z Automated security certification of Android applications based on real time monitoring Yuen, Bernard Ming Hui Liu Yang School of Computer Engineering Forensics and Security Lab DRNTU::Engineering::Computer science and engineering::Data::Coding and information theory Smartphones have taken an important role in the current society that many found it impossible to do without. With ever-changing and improving technology, smartphones have become more sophisticated in its features. As such, smartphones are now capable of doing online transactions or Global Positioning System (GPS) and many others. Smartphone security have been an important topic as many spent more time with the smartphones. Exploits have been made possible through different means of vulnerability of smartphone devices. With advancement in technology, surveillance and tracking of such exploits are also made possible. This project aims to design a system which is able to provide real-time tracking system using modifications in the Android Operating System. An Android application will then pick up the traces, conducts analysis and provides a user interface. Users will be able to view and access a display of all the HTTP requests, features and result analysis through the User Interface of the Android application. With this ability, users are able to immediately view which of the applications in the device are possibly malicious. The system picks up Hypertext Transfer Protocol (HTTP) traces from both malicious and benign Android applications. This logging is done within methods of the Android Operating System. All captured traces will be logged into log files for processing by the Android application. Each HTTP request conducted by any Android application will be broken down into dimension features. These features will be used for analysis on whether an Application is malicious or not. Naïve Bayes is being used for data analysis due to its known efficiency and effectiveness in data mining. [1] The evaluation results of the experiment will be performed by the Naïve Bayes algorithm. K-Fold cross validation is conducted to evaluate the effectiveness on the algorithm based on various metrics of accuracy. The system achieved an accuracy result of 69.6% based on a total of 874 HTTP messages. Out of these 874 messages, 608 messages were classified correctly. The results also reached a precision rate of 86.8% and a recall rate of 33.6%. Cross-Validation was conducted on the classifier. An accuracy rate of 99.47%, precision of 99.64% and recall rate of 99.76% was achieved during the validation phase. The base application had been successfully developed and is capable of providing user with a tracking system on intrusions of any HTTP based malicious Android applications. The current system is expandable to target SMS and Phone attacks from malwares. Further implementations of other classification models can also be integrated into the system. In the future, more devices can benefit from this system with further development to scale the system. Bachelor of Engineering (Computer Science) 2015-05-05T08:26:02Z 2015-05-05T08:26:02Z 2015 2015 Final Year Project (FYP) http://hdl.handle.net/10356/63068 en Nanyang Technological University 65 p. application/pdf |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
DRNTU::Engineering::Computer science and engineering::Data::Coding and information theory |
spellingShingle |
DRNTU::Engineering::Computer science and engineering::Data::Coding and information theory Yuen, Bernard Ming Hui Automated security certification of Android applications based on real time monitoring |
description |
Smartphones have taken an important role in the current society that many found it impossible to do without. With ever-changing and improving technology, smartphones have become more sophisticated in its features. As such, smartphones are now capable of doing online transactions or Global Positioning System (GPS) and many others. Smartphone security have been an important topic as many spent more time with the smartphones. Exploits have been made possible through different means of vulnerability of smartphone devices. With advancement in technology, surveillance and tracking of such exploits are also made possible. This project aims to design a system which is able to provide real-time tracking system using modifications in the Android Operating System. An Android application will then pick up the traces, conducts analysis and provides a user interface. Users will be able to view and access a display of all the HTTP requests, features and result analysis through the User Interface of the Android application. With this ability, users are able to immediately view which of the applications in the device are possibly malicious. The system picks up Hypertext Transfer Protocol (HTTP) traces from both malicious and benign Android applications. This logging is done within methods of the Android Operating System. All captured traces will be logged into log files for processing by the Android application. Each HTTP request conducted by any Android application will be broken down into dimension features. These features will be used for analysis on whether an Application is malicious or not. Naïve Bayes is being used for data analysis due to its known efficiency and effectiveness in data mining. [1] The evaluation results of the experiment will be performed by the Naïve Bayes algorithm. K-Fold cross validation is conducted to evaluate the effectiveness on the algorithm based on various metrics of accuracy. The system achieved an accuracy result of 69.6% based on a total of 874 HTTP messages. Out of these 874 messages, 608 messages were classified correctly. The results also reached a precision rate of 86.8% and a recall rate of 33.6%. Cross-Validation was conducted on the classifier. An accuracy rate of 99.47%, precision of 99.64% and recall rate of 99.76% was achieved during the validation phase. The base application had been successfully developed and is capable of providing user with a tracking system on intrusions of any HTTP based malicious Android applications. The current system is expandable to target SMS and Phone attacks from malwares. Further implementations of other classification models can also be integrated into the system. In the future, more devices can benefit from this system with further development to scale the system. |
author2 |
Liu Yang |
author_facet |
Liu Yang Yuen, Bernard Ming Hui |
format |
Final Year Project |
author |
Yuen, Bernard Ming Hui |
author_sort |
Yuen, Bernard Ming Hui |
title |
Automated security certification of Android applications based on real time monitoring |
title_short |
Automated security certification of Android applications based on real time monitoring |
title_full |
Automated security certification of Android applications based on real time monitoring |
title_fullStr |
Automated security certification of Android applications based on real time monitoring |
title_full_unstemmed |
Automated security certification of Android applications based on real time monitoring |
title_sort |
automated security certification of android applications based on real time monitoring |
publishDate |
2015 |
url |
http://hdl.handle.net/10356/63068 |
_version_ |
1759855169624866816 |