Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/63068
Title: Automated security certification of Android applications based on real time monitoring
Authors: Yuen, Bernard Ming Hui
Keywords: DRNTU::Engineering::Computer science and engineering::Data::Coding and information theory
Issue Date: 2015
Abstract: Smartphones have taken an important role in the current society that many found it impossible to do without. With ever-changing and improving technology, smartphones have become more sophisticated in its features. As such, smartphones are now capable of doing online transactions or Global Positioning System (GPS) and many others. Smartphone security have been an important topic as many spent more time with the smartphones. Exploits have been made possible through different means of vulnerability of smartphone devices. With advancement in technology, surveillance and tracking of such exploits are also made possible. This project aims to design a system which is able to provide real-time tracking system using modifications in the Android Operating System. An Android application will then pick up the traces, conducts analysis and provides a user interface. Users will be able to view and access a display of all the HTTP requests, features and result analysis through the User Interface of the Android application. With this ability, users are able to immediately view which of the applications in the device are possibly malicious. The system picks up Hypertext Transfer Protocol (HTTP) traces from both malicious and benign Android applications. This logging is done within methods of the Android Operating System. All captured traces will be logged into log files for processing by the Android application. Each HTTP request conducted by any Android application will be broken down into dimension features. These features will be used for analysis on whether an Application is malicious or not. Naïve Bayes is being used for data analysis due to its known efficiency and effectiveness in data mining. [1] The evaluation results of the experiment will be performed by the Naïve Bayes algorithm. K-Fold cross validation is conducted to evaluate the effectiveness on the algorithm based on various metrics of accuracy. The system achieved an accuracy result of 69.6% based on a total of 874 HTTP messages. Out of these 874 messages, 608 messages were classified correctly. The results also reached a precision rate of 86.8% and a recall rate of 33.6%. Cross-Validation was conducted on the classifier. An accuracy rate of 99.47%, precision of 99.64% and recall rate of 99.76% was achieved during the validation phase. The base application had been successfully developed and is capable of providing user with a tracking system on intrusions of any HTTP based malicious Android applications. The current system is expandable to target SMS and Phone attacks from malwares. Further implementations of other classification models can also be integrated into the system. In the future, more devices can benefit from this system with further development to scale the system.
URI: http://hdl.handle.net/10356/63068
Rights: Nanyang Technological University
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File Description SizeFormat 
SCE14 - 0226 - FYP_Report_Yuen_Ming_Hui_Bernard.pdf
  Restricted Access
2.39 MBAdobe PDFView/Open

Page view(s) 20

109
checked on Oct 26, 2020

Download(s) 20

7
checked on Oct 26, 2020

Google ScholarTM

Check

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.