Zero permission android applications - attacks and defenses

Google advertises the Android permission framework as one of the core security features present on its innovative and flexible mobile platform. The permissions are a means to control access to restricted AP/s and system resources. However, there are Android applications which do not request permissions at all.In this paper, we analyze the repercussions of installing an Android application that does not include any permission and the types of sensitive information that can be accessed by such an application. We found that even app/icaaons with no permissions are able to access sensitive information (such the device ID) and transmit it to third-parties.

Detecting SMS-based control commands in a Botnet from infected android devices

An increasing number of Android devices are being infected and at risk of becoming part of a botnet. Among all types of botnets, control and cornmand based botnets are very popular. In this paper we introduce an effective and efficient method to ddect SMS-based control commands ftvm infected Android devices. Specifically, we rely on the important radio activities recorded in Android log files. These radio activities are currently overlooked by researchers. We show the effectiveness of our rnethod by using the examples frorn published literature. Our method requires much less user knowledge but is more generic than traditional approaches.

Contrasting permission patterns between clean and malicious android applications

The Android platform uses a permission system model to allow users and developers to regulate access to private information and system resources required by applications. Permissions have been proved to be useful for inferring behaviors and characteristics of an application. In this paper, a novel method to extract contrasting permission patterns for clean and malicious applications is proposed. Contrary to existing work, both required and used permissions were considered when discovering the patterns. We evaluated our methodology on a clean and a malware dataset, each comprising of 1227 applications. Our empirical results suggest that our permission patterns can capture key differences between clean and malicious applications, which can assist in characterizing these two types of applications.

Security testing in Android networks : a practical case study

Android is a new generation of an open operating system directed at mobile devices that are carried every day. The openness of this architecture is leading to new applications and opportunities including a host of multimedia services, new interfaces and browsers, multitasking including support for wireless local, personal and wide area networking services. Security with mobility and wireless connectivity thus becomes even more important with all these exciting developments. Vital security issues such as leakage of private information, file stealing and spambots abound in networks in practice and Android networks continue to be subject to these same families of vulnerabilities. This paper provides a demonstration of such vulnerabilities in spite of the best efforts of designers and implementers. In particular it describes examples of data leakage and file stealing (address books, contact lists, SMS messages, pictures) as well as demonstrating how Android devices can create spambots. © 2013 IEEE.

Android applications : Data leaks via advertising libraries

Recent studies have determined that many Android applications in both official and non-official online markets expose details of the users' smartphones without user consent. In this paper, we explain why such applications leak, how they leak and where the data is leaked to. In order to achieve this, we combine static and dynamic analysis to examine Java classes and application behaviour for a set of popular, clean applications from the Finance and Games categories. We observed that all the applications in our data set which leaked information (10%) had third-party advertising libraries embedded in their respective Java packages.

6 things I know about Geminoid F, or what I think about when I think about android theatre

On Friday evening I saw one of the finest theatre performances from an actor. Her subtle movements, her natural cadence, her ability to portray her character in a way that demonstrated diligent devotion, careful analysis and measured construction, was simply awe-inspiring. Which actor gave this fine performance? It was an android.

Mining permission patterns for contrasting clean and malicious android applications

An Android application uses a permission system to regulate the access to system resources and users' privacy-relevant information. Existing works have demonstrated several techniques to study the required permissions declared by the developers, but little attention has been paid towards used permissions. Besides, no specific permission combination is identified to be effective for malware detection. To fill these gaps, we have proposed a novel pattern mining algorithm to identify a set of contrast permission patterns that aim to detect the difference between clean and malicious applications. A benchmark malware dataset and a dataset of 1227 clean applications has been collected by us to evaluate the performance of the proposed algorithm. Valuable findings are obtained by analyzing the returned contrast permission patterns. © 2013 Elsevier B.V. All rights reserved.

Android malware detection with contrasting permission patterns

As the risk of malware is sharply increasing in Android platform, Android malware detection has become an important research topic. Existing works have demonstrated that required permissions of Android applications are valuable for malware analysis, but how to exploit those permission patterns for malware detection remains an open issue. In this paper, we introduce the contrasting permission patterns to characterize the essential differences between malwares and clean applications from the permission aspect. Then a framework based on contrasting permission patterns is presented for Android malware detection. According to the proposed framework, an ensemble classifier, Enclamald, is further developed to detect whether an application is potentially malicious. Every contrasting permission pattern is acting as a weak classifier in Enclamald, and the weighted predictions of involved weak classifiers are aggregated to the final result. Experiments on real-world applications validate that the proposed Enclamald classifier outperforms commonly used classifiers for Android Malware Detection.

Sayonara interviews: android-human theatre

Featuring a life-like humanoid robot, Seinendan Theatre Company (Japan) brought their performance Sayonara: Android-Human Theatre to Melbourne in August 2012. Geminoid F, an android, starred alongside Canadian actress Bryerly Long, in a performance that asks the question: What does life and death mean for humans as opposed to robots?

A lightweight virtualization solution for android devices

Mobile virtualization has emerged fairly recently and is considered a valuable way to mitigate security risks on Android devices. However, major challenges in mobile virtualization include runtime, hardware, resource overhead, and compatibility. In this paper, we propose a lightweight Android virtualization solution named Condroid, which is based on container technology. Condroid utilizes resource isolation based on namespaces feature and resource control based on cgroups feature. By leveraging them, Condroid can host multiple independent Android virtual machines on a single kernel to support mutilple Android containers. Furthermore, our implementation presents both a system service sharing mechanism to reduce memory utilization and a filesystem sharing mechanism to reduce storage usage. The evaluation results on Google Nexus 5 demonstrate that Condroid is feasible in terms of runtime, hardware resource overhead, and compatibility. Therefore, we find that Condroid has a higher performance than other virtualization solutions.

Sistema de divulgação dos serviços e produtos da Porto Santo Line na plataforma Android

A Porto Santo Line é a empresa responsável pela ligação marítima entre as ilhas Madeira e Porto Santo, oferecendo, para além do transporte, um conjunto de serviços e produtos que estão associado à sua actividade principal. A sua base de clientes inclui não só os residentes de ambas as ilhas, mas também muitos dos turistas que visitam o arquipélago. O posicionamento desta empresa no mercado é feito das formas tradicionais, onde se inclui uma rede de balcões e um site através do qual os clientes podem aceder aos produtos e serviços que constitui a oferta da Porto Santo Line. Num esforço de reforçar a sua presença no mercado e de intensificar a sua aposta na inovação, a empresa tem procurado encontrar novas formas e novos canais para chegar aos seus clientes. Este projecto visa dotar a Porto Santo Line de uma aplicação que estenda a sua presença no mercado, oferecendo aos seus clientes a possibilidade de aceder aos seus produtos e serviços através de equipamentos móveis. Este relatório documenta a realização deste projecto, dando principal enfase ao processo adoptado, assim como ao desenho do sistema e sua avaliação. Procurou-se igualmente evidenciar ao longo do relatório, as considerações mais relevantes na elaboração de um projecto com estas características.

Sistema de gestão de rondas: aplicação android para empresas de segurança privada

Este é um relatório submetido como requisito parcial, para obtenção de grau de mestre em Engenharia Informática pela universidade da Madeira, em parceria com o Miti (Madeira Interactive Technologies Institute) e teve como base, o desenvolvimento de uma aplicação para equipamentos móveis com sistema operativo android. O objetivo principal foi, criar uma aplicação alternativa aos atuais sistemas existentes, para gestão e controlo de inspeções de segurança, efetuadas por funcionários de empresas de segurança privada (vigilantes) a instalações de clientes, atividade denominada por rondas. O principal problema encontrado e para o qual pretendia ser encontrada uma solução, não foi a falta de um sistema deste tipo, pois existem vários no mercado, mas sim, o elevado custo de aquisição dos atuais sistemas, aliado ao facto das suas limitações em termos de funcionalidades disponibilizadas tendo em conta esse elevado custo, e ainda a utilização de um equipamento dedicado e limitado exclusivamente a essa função. Conseguiu ser encontrada uma alternativa viável, versátil e prática, que para além de ser mais users friendly (termo utilizado para aplicações desenvolvidas tendo como foco o seu utilizador), disponibiliza aos seus utilizadores uma variedade de novas funcionalidades. Trata-se de uma alternativa muito mais económica mas igualmente eficaz, cumprindo assim o seu objetivo principal. Dadas as restrições temporais para o desenvolvimento deste projeto, são dadas no final deste documento, algumas ideias para uma possível evolução deste sistema, no sentido de o tornar ainda mais inovador.