MULTIPLE ANDROID PACKAGE FILES EXTRACTOR IN MINING REQUEST PERMISSIONS AND API CALLS

摘要

Android smartphone has the highest demand in the world due to the ability of the devices and the open source software concept. Numbers of Android applications are increasing as to fulfill users and businesses’ needs. Not only Android gains huge business return but its applications has also become the target of attackers. One of the approaches to investigate and detect malware is through a reverse engineering technique where the profile parameters are extracted. The process of reversing Android execute file (.apk) individually takes a long time. Other than having used several tools, the approach leaves open the possibility of misconduct during the mining of necessary source codes. Therefore, an Android permissions and Application Programming Interface (API) calls extractor tool were developed for Android mobile devices apps. This tool had the capability to record all request permissions and required API calls inside the AndroidManifest.xml and classes.dex made to App executable file. In addition, the automatic feature of the tool allowed for the recording of the permission and API calls more than one Android Package Kit (APK) files at a time. MAPE (Multiple Android Package Extractor) was developed using Node.js. Currently, researchers either disclose mining techniques or use existing tools manually. MAPE used a sequential search in Depth First Search (DFS) technique to accomplish the operation. This tool can shorten the researchers’ processing time on retrieving request permissions and targeting API calls. The output produced by MAPE can be used for several purposes such as Apps categorization and malware detection.