Toward Efficient Dynamic Analysis and Testing for Android Ying-Chih Shen1, Roger Chien2 and Shih-Hao Hung1, 2* 1Academia
Sinica, Taiwan.
2National
Taiwan University, Taiwan.
Nowadays, Android-based mobile
devices, such as smartphones and tablets, have become increasingly popular,
and the number of Android applications is growing dramatically. To examine
and validate such a high volume of applications, an automated testing and
analysis environment is needed. Such an environment is particularly useful
for the detection of malicious applications which steal the users' personal
information and incur additional charges. In this paper, we present a testing
and analysis framework for detecting such malicious applications. Our
framework provides an automatic testing flow with minimal user interventions
and is enhanced with heuristics to generate stimuli for speeding up the testing
process. Compared to the built-in MonkeyRunner toolkit provided by Google,
our framework delivered better efficiency in testing and detected more
malicious applications with the added heuristics, according to our
experimental results. Keywords: Android, smartphone, information security, malware detection, automatic testing *Corresponding Author: Shih-Hao Hung Sec. 4, Roosevelt Rd., Taipei 10617, Taiwan, Tel :
+886-2-33664888 x320, Email: hungsh@csie.ntu.edu.tw, Web: http://www.csie.ntu.edu.tw/~hungsh/ IT
Convergence Practice (INPRA), Vol. 2, No. 3, pp. 14-23, September 2014 [pdf] |