Analysis and identification of Android vulnerabilities and exploits

Android malware is a problem which users of the mobile operating system had to contend with. This project analysed 16 vulnerabilities from the Android framework to learn how to exploit them and developed proof-of-concept exploits for each of the vulnerabilities. The exploits were reverse engineered...

Full description

Saved in:
Bibliographic Details
Main Author: Che, Calvin Zi Yi
Other Authors: Liu Yang
Format: Final Year Project
Language:English
Published: 2018
Subjects:
Online Access:http://hdl.handle.net/10356/76171
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
Description
Summary:Android malware is a problem which users of the mobile operating system had to contend with. This project analysed 16 vulnerabilities from the Android framework to learn how to exploit them and developed proof-of-concept exploits for each of the vulnerabilities. The exploits were reverse engineered into Smali code using Apktool, and YARA rules were created based on unique patterns in Smali code to identify similar exploits. 82,389 published Android packages in the Google Play Store were then reverse engineered and scanned using Apktool and YARA using the rules created. The results from this project would be used for future Android vulnerability research.