Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications

In the last decade, smartphones have gained widespread usage. Since the advent of online application stores, hundreds of thousands of applications have become instantly available to millions of smart-phone users. Within the Android ecosystem, application security is governed by digital signatures and a list of coarse-grained permissions. However, this mechanism is not fine-grained enough to provide the user with a sufficient means of control of the applications' activities. Abuse of highly sensible private information such as phone numbers without users' notice is the result. We show that there is a high frequency of privacy leaks even among widely popular applications. Together with the fact that the majority of the users are not proficient in computer security, this presents a challenge to the engineers developing security solutions for the platform. Our contribution is twofold: first, we propose a service which is able to assess Android Market applications via static analysis and provide detailed, but readable reports to the user. Second, we describe a means to mitigate security and privacy threats by automated reverse-engineering and refactoring binary application packages according to the users' security preferences.

A trusted ecosystem for Android applications based on context-aware access control

Private data stored on smartphones is a precious target for malware attacks. A constantly changing environment, e.g. switching network connections, can cause unpredictable threats, and require an adaptive approach to access control. Context-based access control is using dynamic environmental information, including it into access decisions. We propose an "ecosystem-in-an-ecosystem" which acts as a secure container for trusted software aiming at enterprise scenarios where users are allowed to use private devices. We have implemented a proof-of-concept prototype for an access control framework that processes changes to low-level sensors and semantically enriches them, adapting access control policies to the current context. This allows the user or the administrator to maintain fine-grained control over resource usage by compliant applications. Hence, resources local to the trusted container remain under control of the enterprise policy. Our results show that context-based access control can be done on smartphones without major performance impact.

Developing and benchmarking native Linux applications on Android

Smartphones get increasingly popular where more and more smartphone platforms emerge. Special attention was gained by the open source platform Android which was presented by the Open Handset Alliance (OHA) hosting members like Google, Motorola, and HTC. Android uses a Linux kernel and a stripped-down userland with a custom Java VM set on top. The resulting system joins the advantages of both environments, while third-parties are intended to develop only Java applications at the moment. In this work, we present the benefit of using native applications in Android. Android includes a fully functional Linux, and using it for heavy computational tasks when developing applications can bring in substantional performance increase. We present how to develop native applications and software components, as well as how to let Linux applications and components communicate with Java programs. Additionally, we present performance measurements of native and Java applications executing identical tasks. The results show that native C applications can be up to 30 times as fast as an identical algorithm running in Dalvik VM. Java applications can become a speed-up of up to 10 times if utilizing JNI.

Monitoring android for collaborative anomaly detection : a first architectural draft

Our daily lives become more and more dependent upon smartphones due to their increased capabilities. Smartphones are used in various ways, e.g. for payment systems or assisting the lives of elderly or disabled people. Security threats for these devices become more and more dangerous since there is still a lack of proper security tools for protection. Android emerges as an open smartphone platform which allows modification even on operating system level and where third-party developers first time have the opportunity to develop kernel-based low-level security tools. Android quickly gained its popularity among smartphone developers and even beyond since it bases on Java on top of "open" Linux in comparison to former proprietary platforms which have very restrictive SDKs and corresponding APIs. Symbian OS, holding the greatest market share among all smartphone OSs, was even closing critical APIs to common developers and introduced application certification. This was done since this OS was the main target for smartphone malwares in the past. In fact, more than 290 malwares designed for Symbian OS appeared from July 2004 to July 2008. Android, in turn, promises to be completely open source. Together with the Linux-based smartphone OS OpenMoko, open smartphone platforms may attract malware writers for creating malicious applications endangering the critical smartphone applications and owners privacy. Since signature-based approaches mainly detect known malwares, anomaly-based approaches can be a valuable addition to these systems. They base on mathematical algorithms processing data that describe the state of a certain device. For gaining this data, a monitoring client is needed that has to extract usable information (features) from the monitored system. Our approach follows a dual system for analyzing these features. On the one hand, functionality for on-device light-weight detection is provided. But since most algorithms are resource exhaustive, remote feature analysis is provided on the other hand. Having this dual system enables event-based detection that can react to the current detection need. In our ongoing research we aim to investigates the feasibility of light-weight on-device detection for certain occasions. On other occasions, whenever significant changes are detected on the device, the system can trigger remote detection with heavy-weight algorithms for better detection results. In the absence of the server respectively as a supplementary approach, we also consider a collaborative scenario. Here, mobile devices sharing a common objective are enabled by a collaboration module to share information, such as intrusion detection data and results. This is based on an ad-hoc network mode that can be provided by a WiFi or Bluetooth adapter nearly every smartphone possesses.

Google Android : a comprehensive introduction

Google Android, Google's new product and its first attempt to enter the mobile market, might have an equal impact on mobile users like Apple's hyped product, the iPhone. In this Technical report we are going to present the Google Android platform, what Android is, describe why it might be considered as a worthy rival to Apple's iPhone. We will describe parts of its internals, take a look "under the hood" while explaining components of the underlying operating system. We will show how to develop applications for this platform, which difficulties a developer might have to face, and how developers can possibly use other programming languages to develop for Android than the propagated language Java.

Race Detection for Android Applications

Programming environments for smartphones expose a concurrency model that combines multi-threading and asynchronous event-based dispatch. While this enables the development of efficient and feature-rich applications, unforeseen thread interleavings coupled with non-deterministic reorderings of asynchronous tasks can lead to subtle concurrency errors in the applications. In this paper, we formalize the concurrency semantics of the Android programming model. We further define the happens-before relation for Android applications, and develop a dynamic race detection technique based on this relation. Our relation generalizes the so far independently studied happens-before relations for multi-threaded programs and single-threaded event-driven programs. Additionally, our race detection technique uses a model of the Android runtime environment to reduce false positives. We have implemented a tool called DROIDRACER. It generates execution traces by systematically testing Android applications and detects data races by computing the happens-before relation on the traces. We analyzed 1 5 Android applications including popular applications such as Facebook, Twitter and K-9 Mail. Our results indicate that data races are prevalent in Android applications, and that DROIDRACER is an effective tool to identify data races.

Cliente UCH para smartphones sobre Android

El objetivo del proyecto consiste en la creación de una aplicación cliente de UCH para Android, capaz de controlar “dispositivos objetivos”. Teniendo como base el PFC de Borja Gamecho, titulado “Estudio del estándar URC y su aplicación a sistemas embebidos usando una implementación Java del UCH”, proyecto que pertenece al campo de la inteligencia ambiental (AmI). La construcción de un sistema capaz de controlar dispositivos de manera sencilla y ubicua fue la motivación para la realización de este proyecto, ya que con él, se puede conseguir un control universal de nuestro entorno, permitiendo eliminar barreras por ejemplo, para personas con discapacidad. En este proyecto se ha estudiado el centro de control universal (UCH) junto con el protocolo URC-HTTP. También se ha investigado sobre la plataforma Android, para posteriormente usarlo como base para el desarrollo de un URC (cliente para el control del UCH y del entorno). Como principal conclusión, el presente trabajo permite avanzar en la propuesta de encontrar un estándar capaz de controlar nuestro entorno desde cualquier smartphone, tablet,... de forma ubicua y sencilla.

Desarrollo en Android para aplicaciones de realidad aumentada

El presente proyecto tiene como finalidad realizar aplicaciones de realidad aumentada en Android. Como al desarrollar dichas aplicaciones se han reutilizado librerías existentes implementadas en C++, también se ha realizado un estudio de las alternativas para poder incluirlas en una aplicación Android.

Parada en boxes: juego Formula 1 para Android

Juego de reflejos y habilidad para dispositivos con SO Android. Este proyecto consiste en la creación de un juego utilizando todas las herramientas posibles proporcionadas por Android. El juego se diseñará en 2 dimensiones, contará de un menú inicial donde se podrá elegir entre las opciones; Jugar, Puntuaciones y Ayuda. La parte de jugar llevará todo el peso de la aplicación y es donde se desarrollará toda la acción. Habrá que hacer transiciones entre distintas pantallas para cada uno de los distintos mini juegos. Además, llevará la cuenta del tiempo transcurrido con un preciso cronometro. El reloj de parará cuando se hayan terminado todas las pruebas. Si ha superado alguno de los mejores tiempos, guardaremos el record en el lugar que le corresponde. La parte de las puntuaciones mostrará los cinco mejores tiempos realizados en el juego. Estos tiempos seguirán guardados aún reiniciando la aplicación. La parte de ayuda mostrará las instrucciones de cada prueba; donde, cuándo, y de qué manera tienes que pulsar en cada momento. Hay que tener en cuenta que esta aplicación de desarrollará para versiones de Android 2.1 o superiores, así que es necesario basarse en API’s para estas versiones, y que no se debe necesitar nada más que el archivo de instalación (.apk) para poder disfrutar de el juego en cualquier terminal.

Análisis del desarrollo de aplicaciones accesibles sobre el sistema operativo Android. Implementación de un sistema de barrido.

El objetivo principal de este proyecto es facilitar a aquellos usuarios con diversidades motrices el uso de sus dispositivos móviles con sistema Android a través de un barrido sobre la pantalla. Este barrido se realiza con dos ejes cartesianos que el usuario controla mediante cualquier periférico adaptado que posea y le permite decidir las coordenadas de la pantalla sobre las que desea interactuar.

Acceso a catálogo de biblioteca desde móviles Android y navegadores mediante servicios web

Este PFC trata la construcción de un sistema de acceso al catálogo de una biblioteca doméstica a través de distintas interfaces de usuario que hacen uso de unos mismos servicios web REST expuestos en un servidor Java EE. Su desarrollo implica la integración de múltiples tecnologías open source a varios niveles.

Aplicación nativa en Android del Festival de cine de San Sebastián – Donostia Zinemaldia

Proyecto realizado en colaboración con el Festival de cine de San Sebastián, en el que se ha desarrollado una aplicación nativa Android para la visualización de los contenidos propios del Festival como noticias, imágenes, vídeos y programación entre otros.

Diseño e implementación de un sistema de seguridad para el hogar con interfaz en Android.

En este proyecto se desarrolla un sistema capaz de garantizar la seguridad en un hogar o establecimiento, detectando cualquier acceso no deseado con sensores. También dispone de detectores de humo y otros gases. Como sistema disuasorio, cuenta con simulación de presencia para evitar intrusiones, por lo que también permite el control de luces y otros electrodomésticos. Todo el sistema se controla desde una aplicación en Android.