Presentation is loading. Please wait.

Presentation is loading. Please wait.

APKInspector -Static Analysis of Android Applications Student: Yuan Tian Mentor: Cong Zheng Backup Mentor: Anthony Kara Jianwei 08/22/2012.

Published byMeryl Tate Modified over 9 years ago

Similar presentations

Presentation on theme: "APKInspector -Static Analysis of Android Applications Student: Yuan Tian Mentor: Cong Zheng Backup Mentor: Anthony Kara Jianwei 08/22/2012."— Presentation transcript:

1 APKInspector -Static Analysis of Android Applications Student: Yuan Tian Mentor: Cong Zheng Backup Mentor: Anthony Kara Jianwei 08/22/2012

2 Background of Android Security APKInspecctor - Overview - Features - Demo Introduction

3 Background

4 Android Security Scheme Linux process sandbox Permission based component interaction Permission labels defined in AndroidManifest.xml Applications need to be signed Install time security decisions

5 Permissions Normal android.permission.VIBRATE com.android.alarm.permission.SET_ ALARM Dangerous android.permission.SEND_SMS android.permission.CALL_PHONE Signature android.permission.FORCE_STOP_PAC KAGES android.permission.INJECT_EVENTS SignatureOrSystem android.permission.ACCESS_USB android.permission.SET_TIME

6 Component Interaction Intents : IPC Android Manifest.xml: Application’s policy file Component Activity: Define screens Service: Background processing Broadcast Receiver: Mailbox for messages from other applications Content Provider: Relational database for sharing information

7 Application Signature Applications are self-signed; no CA required Signature define persistence –Detect if the application has changed –Application update Signatures define authorship –Establish trust between applications –Run in same Linux ID

8 Malware Type Abuse of Telephony Services Root Exploitation Sensitive Information Exposure Package Repacking Update attack

9 Analysis Techniques Ded smali/baksmali Apktool androguard

10 APKInspector Overview Integrate the previous static analysis tools and provides graphic features which bring convenience to the malware analysis Features: CFG Call Graph Static Instrumentation Permission Analysis Dalvik codes Smali codes Java codes APK Information

11 Improved Features Improvement of UI Adding of more features to assist the analysis of malware Bug Fix Easy to use Powerful Analysis Flexible

12 UI Improvement Automatically installation Fine-grained Graph View to Source View Call Graph Navigation Better display of Control Flow Graph

13 New Analysis Features Reverse the Code with Ded for Java Analysis Static Instrumentation Combine Permission Analysis Add Support for odex

14 17.09.2015 Bug Fix

15 Usage of APKInspector Installation with Shell Script Analysis of APK

16 Usage of APKInspector Filter of Malicious behavior by permission analysis

17 Usage of APKInspector Smali code

18 17.09.2015 Usage of APKInspector Static Code Instrumentation

19 Usage of APKInspector Dalvik Bytecode

20 Usage of APKInspector Control Flow Graph

21 Usage of APKInspector Java

22 17.09.2015 Usage of APKInspector Navigation Back & Forward Current Method displayed

23 17.09.2015 Call Graph Usage of APKInspector

24 Q&A Thanks! tianyuan186@gmail.com

Download ppt "APKInspector -Static Analysis of Android Applications Student: Yuan Tian Mentor: Cong Zheng Backup Mentor: Anthony Kara Jianwei 08/22/2012."

Similar presentations

Google Android Introduction to Mobile Computing. Android is part of the build a better phone process Open Handset Alliance produces Android Comprises.

Google Android Introduction to Mobile Computing. Android is part of the build a better phone process Open Handset Alliance produces Android Comprises.
Mobile Code Security Yurii Kuzmin. What is Mobile Code? Term used to describe general-purpose executables that run in remote locations. Web browsers come.

Mobile Code Security Yurii Kuzmin. What is Mobile Code? Term used to describe general-purpose executables that run in remote locations. Web browsers come.
Aurasium: Practical Policy Enforcement for Android Applications

Aurasium: Practical Policy Enforcement for Android Applications
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.

Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
Aurasium: Practical Policy Enforcement for Android Applications By Yaoqi USENIX Security Symposium 2012.

Aurasium: Practical Policy Enforcement for Android Applications By Yaoqi USENIX Security Symposium 2012.
Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel Department of Computer Science and Engineering The Pennsylvania State University ACSCA.

Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel Department of Computer Science and Engineering The Pennsylvania State University ACSCA.
Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee 2007. 04. 23.

Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee
Policy Weaving for Mobile Devices Drew Davidson. Smartphone security is critical – 1200 to 1400 US Army troops to be equipped with Android smartphones.

Policy Weaving for Mobile Devices Drew Davidson. Smartphone security is critical – 1200 to 1400 US Army troops to be equipped with Android smartphones.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.
ANDROID PROGRAMMING MODULE 1 – GETTING STARTED

ANDROID PROGRAMMING MODULE 1 – GETTING STARTED
S MARTPHONE A PPLICATION D EVELOPMENT Sam Palmer.

S MARTPHONE A PPLICATION D EVELOPMENT Sam Palmer.
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.
William Enck, Machigar Ongtang, and Patrick McDaniel.

William Enck, Machigar Ongtang, and Patrick McDaniel.
IOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris.

IOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris.
Emerging Platform#4: Android Bina Ramamurthy.  Android is an Operating system.  Android is an emerging platform for mobile devices.  Initially developed.

Emerging Platform#4: Android Bina Ramamurthy.  Android is an Operating system.  Android is an emerging platform for mobile devices.  Initially developed.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
Android Introduction Platform Overview.

Android Introduction Platform Overview.

Similar presentations

Ads by Google