Toward Efficient Dynamic Analysis and Testing for Android

Ying-Chih Shen¹, Roger Chien²and Shih-Hao Hung^{1, 2*}

¹Academia Sinica, Taiwan.

²National Taiwan University, Taiwan.

Abstract

Nowadays, Android-based mobile devices, such as smartphones and tablets, have become increasingly popular, and the number of Android applications is growing dramatically. To examine and validate such a high volume of applications, an automated testing and analysis environment is needed. Such an environment is particularly useful for the detection of malicious applications which steal the users' personal information and incur additional charges. In this paper, we present a testing and analysis framework for detecting such malicious applications. Our framework provides an automatic testing flow with minimal user interventions and is enhanced with heuristics to generate stimuli for speeding up the testing process. Compared to the built-in MonkeyRunner toolkit provided by Google, our framework delivered better efficiency in testing and detected more malicious applications with the added heuristics, according to our experimental results.

Keywords: Android, smartphone, information security, malware detection, automatic testing

*Corresponding Author: Shih-Hao Hung
Dept. of Computer Science and Information Engineering, National Taiwan University, No. 1,

Sec. 4, Roosevelt Rd., Taipei 10617, Taiwan, Tel : +886-2-33664888 x320, Email: hungsh@csie.ntu.edu.tw,

Web: http://www.csie.ntu.edu.tw/~hungsh/

IT Convergence Practice (INPRA), Vol. 2, No. 3, pp. 14-23, September 2014 [pdf]