Analysis of malicious and benign Android applications

Since its establishment, the Android applications market has been infected by a proliferation of malicious applications. Recent studies show that rogue developers are injecting malware into legitimate market applications which are then installed on open source sites for consumer uptake. Often, applications are infected several times. In this paper, we investigate the behavior of malicious Android applications, we present a simple and effective way to safely execute and analyze them. As part of this analysis, we use the Android application sandbox Droidbox to generate behavioral graphs for each sample and these provide the basis of the development of patterns to aid in identifying it. As a result, we are able to determine if family names have been correctly assigned by current anti-virus vendors. Our results indicate that the traditional anti-virus mechanisms are not able to correctly identify malicious Android applications.

Zero permission android applications - attacks and defenses

Google advertises the Android permission framework as one of the core security features present on its innovative and flexible mobile platform. The permissions are a means to control access to restricted AP/s and system resources. However, there are Android applications which do not request permissions at all.In this paper, we analyze the repercussions of installing an Android application that does not include any permission and the types of sensitive information that can be accessed by such an application. We found that even app/icaaons with no permissions are able to access sensitive information (such the device ID) and transmit it to third-parties.

Web service to deliver filtered RSS items to a mobile application

In the past decade there has been massive growth of data on the internet. Many people rely on XML based RSS feeds to receive updates from websites. In this paper, we propose a method for managing the RSS feeds from various news websites. A web service is developed to deliver filtered news items from RSS feeds to a mobile client. Each news item is indexed, subsequently, the indexes are used for filtering news items. Indexing is done in two steps. First, classical text categorization algorithms are used to assign a category to each news item, second, geoparsing is used to assign geolocation data to each news item. An android application is developed to access filtered news items by consuming the proposed web service. A prototype is implemented using Rapid miner 5.0 as the data mining tool and SVM as the classification algorithm. Geoparsing and geocoding web services, and Android API are used to implement location-based access to news items. Experimental results prove that the proposed approach is effective and saves a significant amount of information overload processing time.

Security testing in Android networks : a practical case study

Android is a new generation of an open operating system directed at mobile devices that are carried every day. The openness of this architecture is leading to new applications and opportunities including a host of multimedia services, new interfaces and browsers, multitasking including support for wireless local, personal and wide area networking services. Security with mobility and wireless connectivity thus becomes even more important with all these exciting developments. Vital security issues such as leakage of private information, file stealing and spambots abound in networks in practice and Android networks continue to be subject to these same families of vulnerabilities. This paper provides a demonstration of such vulnerabilities in spite of the best efforts of designers and implementers. In particular it describes examples of data leakage and file stealing (address books, contact lists, SMS messages, pictures) as well as demonstrating how Android devices can create spambots. © 2013 IEEE.

Comparative mobile platforms security solutions

 Mobile platform security solution has become especially important for mobile computing paradigms, due to the fact that increasing amounts of private and sensitive information are being stored on the smartphones' on-device memory or MicroSD/SD cards. This paper aims to consider a comparative approach to the security aspects of the current smartphone systems, including: iOS, Android, BlackBerry (QNX), and Windows Phone.

Mobile phone app aimed at improving iron intake and bioavailability in premenopausal women: a qualitative evaluation

BACKGROUND: Low iron intake can lead to iron deficiency, which can result in impaired health and iron-deficiency anemia. A mobile phone app, combining successful dietary strategies to increase bioavailable iron with strategies for behavior change, such as goal setting, monitoring, feedback, and resources for knowledge acquisition, was developed with the aim to increase bioavailable iron intake in premenopausal women.

OBJECTIVE: To evaluate the content, usability, and acceptability of a mobile phone app designed to improve intake of bioavailable dietary iron.

METHODS: Women aged 18-50 years with an Android mobile phone were invited to participate. Over a 2-week period women were asked to interact with the app. Following this period, semistructured focus groups with participants were conducted. Focus groups were audio recorded and analyzed via an inductive open-coding method using the qualitative analysis software NVivo 10. Themes were identified and frequency of code occurrence was calculated.

RESULTS: Four focus groups (n=26) were conducted (age range 19-36 years, mean 24.7, SD 5.2). Two themes about the app's functionality were identified (frequency of occurrence in brackets): interface and design (134) and usability (86). Four themes about the app's components were identified: goal tracker (121), facts (78), photo diary (40), and games (46). A number of suggestions to improve the interface and design of the app were provided and will inform the ongoing development of the app.

CONCLUSIONS: This research indicates that participants are interested in iron and their health and are willing to use an app utilizing behavior change strategies to increase intake of bioavailable iron. The inclusion of information about the link between diet and health, monitoring and tracking of the achievement of dietary goals, and weekly reviews of goals were also seen as valuable components of the app and should be considered in mobile health apps aimed at adult women.

Mobile phone-based electrochemiluminescence sensing exploiting the 'USB On-The-Go' protocol

A low-cost system to generate, control and detect electrochemiluminescence using a mobile smartphone is described. A simple tone-detection integrated circuit is used to switch power sourced from the phone's Universal Serial Bus (USB) 'On-The-Go' (OTG) port, using audible tone pulses played over the device's audio jack. We have successfully applied this approach to smartphones from different manufacturers and with different operating system versions. ECL calibrations of a common luminophore, tris(2,2′-bipyridine)ruthenium(II) ([Ru(bpy)3]²⁺), with 2-(dibutylamino)ethanol (DBAE) as a co-reactant, showed no significant difference in light intensities when an electrochemical cell was controlled by a mobile phone in this manner, compared to the same calibration generated using a conventional potentiostat. Combining this novel approach to control the applied potential with the measurement of the emitted light through the smart phone camera (using an in-house built Android app), we explored the ECL properties of a water-soluble iridium(III) complex that emits in the blue region of the spectrum. The iridium(III) complex exhibited superior co-reactant ECL intensities and limits of detection to that of the conventional [Ru(bpy)3]²⁺ luminophore.

A lightweight virtualization solution for android devices

Mobile virtualization has emerged fairly recently and is considered a valuable way to mitigate security risks on Android devices. However, major challenges in mobile virtualization include runtime, hardware, resource overhead, and compatibility. In this paper, we propose a lightweight Android virtualization solution named Condroid, which is based on container technology. Condroid utilizes resource isolation based on namespaces feature and resource control based on cgroups feature. By leveraging them, Condroid can host multiple independent Android virtual machines on a single kernel to support mutilple Android containers. Furthermore, our implementation presents both a system service sharing mechanism to reduce memory utilization and a filesystem sharing mechanism to reduce storage usage. The evaluation results on Google Nexus 5 demonstrate that Condroid is feasible in terms of runtime, hardware resource overhead, and compatibility. Therefore, we find that Condroid has a higher performance than other virtualization solutions.

Diabetic Mario: designing and evaluating mobile games for diabetes education

Traditionally, diabetes education has relied on written materials, with limited resources available for children with diabetes. Mobile games can be effective and motivating tools for the promotion of children's health. In our earlier work, we proposed a novel approach for designing computer games aimed at educating children with diabetes. In this article, we apply our game design to a mobile Android game (Mario Brothers). We also introduce four heuristics that are specifically designed for evaluating the mobile game, by adapting traditional usability heuristics. Results of a pilot study (n = 12) to evaluate gameplay over 1-week showed that the children found the game engaging and improved their knowledge of healthy diet and lifestyle.

Taming transitive permission attack via bytecode rewriting on Android application

Google Android is popular for mobile devices in recent years. The openness and popularity of Android make it a primary target for malware. Even though Android's security mechanisms could defend most malware, its permission model is vulnerable to transitive permission attack, a type of privilege escalation attacks. Many approaches have been proposed to detect this attack by modifying the Android OS. However, the Android's fragmentation problem and requiring rooting Android device hinder those approaches large-scale adoption. In this paper, we present an instrumentation framework, called SEAPP, for Android applications (or “apps”) to detect the transitive permission attack on unmodified Android. SEAPP automatically rewrites an app without requiring its source codes and produces a security-harden app. At runtime, call-chains are built among these apps and detection process is executed before a privileged API is invoked. Our experimental results show that SEAPP could work on a large number of benign apps from the official Android market and malicious apps, with a repackaged success rate of over 99.8%. We also show that our framework effectively tracks call-chains among apps and detects known transitive permission attack with low overhead. Copyright © 2016 John Wiley & Sons, Ltd.