Behavioral Analysis of Android Applications Using Automated Instrumentation

摘要

Google's Android operating system has become one the most popular operating system for hand-held devices. Dueto its ubiquitous use, open source nature and wide-spread popularity, it has become the target of recent mobile malware. In this paper, we present our efforts on effective security inspection mechanisms for identification of malicious applications for Android mobile applications. To achieve that, we developed a comprehensive software inspection framework. Moreover, to identify potential software reliability flaws and to triggermalware, we develop a transparent instrumentation system for automating user interactions with an Android application that does not require source code. Additionally, for run-time behavior analysis of an application, we monitor the I/O system calls generated the by application under monitoring to the underlying Linux kernel. As a case study, we present two Android malware samples found in the wild to experimentally evaluate the applicability of our proposed system for uncovering potential malicious activities.