Reversing and auditing of android malicious applications using sandboxing environment

摘要

The android market has gained lot of popularity in the past recent years. The operating system stack is open source, many security analysts and hacker's has the platform to perform research on digital forensics and further enhance their exploiting in finding weakness and modifying the software attack. Our goal in this paper is to perform reversing android malicious applications henceforth audit the vulnerabilities. We reverse using the tools like apktool, dex2jar and jd-gui. Static and dynamic analysis is done with the help of sandboxing environment achieving the goal of reverse engineering. We monitor the activities, services, broadcast receiver's, shared preferences, intents and content providers. Many vulnerable apps uses content provider leakage to store and query data within the phone helpful in auditing purpose. Mobile forensics is about acquisition of information about app installed in platform. In the paper, we perform attack surface and analysis malicious features inside application by exporting its features.