Android malware analysis using application permissions

• Main Author: Hamadi, Zaid Khalid
• Format: Thesis
• Language: English; English
• Published: 2015
• Subjects: T Technology (General); TK Electrical engineering. Electronics Nuclear engineering
• Online Access: http://eprints.utem.edu.my/id/eprint/15895/; https://plh.utem.edu.my/cgi-bin/koha/opac-detail.pl?biblionumber=96210

Smartphones are the most useful devices nowadays because they offer a lot of useful services besides the aspect of mobility that benefit the user even more. In addition, the most popular platform is Android, because it offers verity of thousands free applications and also because the platform is open source. In this case anybody can develop an application and then publishing it on the store. In this research, we are aiming to analyze 400 Android application samples taken from Google’s play store, in order to determine the percentage of having the malware behavior within the collected samples. A confirmed malware dataset will be collected as well and the analysis will be done in order to derive malware patterns (permissions) and then comparing the 400 application samples with the malware derived malware patterns based upon the permissions requested. However, a certain combination of some Android user permissions could create a malware behavior such as the ability to read user contacts and the permission of using the web browser. At this point we can determine that this application has a malware behavior, which can send the user contacts to a third-party server without the knowledge of the user, but this is needed to be confirmed by analyzing the application’s source code. After doing the analysis, we will be able to propose a framework to protect the user private data that will benefit the users and the application developers to avoid designing an application that request such dangerous permissions combination if possible.