Design, Implementation and Evaluation of Security Analysis of Android Applications in Third-party Marketplaces

Chiale, S. (2017). Design, Implementation and Evaluation of Security Analysis of Android Applications in Third-party Marketplaces (MSc ASDF Dissertation). Edinburgh Napier University (Buchanan, B., Macfarlane, R.).



Android is becoming a popular OS and is increasingly targeted by malware threats. This dissertation aims to analyse the overall situation of current unofficial Android marketplaces, geo-localizing malware distribution over three main regions: China, Europe and Russia. It will provide a comprehensive review of existing academic literature about security in Android, focusing especially on malware detection systems and existing malware databases. Similar noteworthy projects, like DroidRanger and DroidMOSS, will be analysed and compared throughout the literature review, revealing strengths and weaknesses of both past studies and recent ones. A description of three recent Android malware threats provides a current understanding of the threat landscape.
The contents of the literature review will then be used to design and implement a tool that crawls application URLs online using a Python script supported by noteworthy libraries like BeautifulSoup and lxml. A second Python script will be implemented to scan the downloaded files, taking advantage of VirusTotal and its API, and storing the malware detection results in a local SQLite database. A third part of the tool will analyse downloaded files which have never been scanned via VirusTotal and will try to evaluate them by uploading them to VirusTotal, comparing their permissions with the most similar Google Play version, and using a dynamic data leak tool.
Data collected with the described tool across third-party marketplaces were then statistically analysed, revealing that 5% of applications were malicious overall. A second, separate statistical analysis was performed for Europe, Russia and China, revealing China as the most dangerous location for Android marketplaces, with 248 potentially malicious APKs found in them. Furthermore, histograms showed Russia and Europe with a preponderance of generic detections and adware, while graphs referring to China revealed it to be targeted mainly by riskware and malware. All the files that had never been scanned via VirusTotal were analysed later, again revealing the highest rate of potential malware inside China's marketplaces.
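The scanning and per-region statistics stages described above can be sketched as follows. This is an added example, not code from the dissertation: the table schema, the `threshold` parameter and the `KNOWN_REPORTS` stand-in for a hash lookup against the scanning service are all assumptions, and the sample data is constructed.

```python
import hashlib
import sqlite3

# Constructed sample input: (marketplace region, APK bytes).
SAMPLES = [
    ("China", b"apk-one"), ("China", b"apk-two"),
    ("Europe", b"apk-three"), ("Russia", b"apk-four"),
]

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

# Hypothetical stand-in for a report lookup by hash (no network access):
# SHA-256 -> (engines flagging the file, engines consulted).
# A hash missing from the map models a file that has never been scanned.
KNOWN_REPORTS = {
    sha256_hex(b"apk-one"): (12, 60),
    sha256_hex(b"apk-three"): (0, 60),
    sha256_hex(b"apk-four"): (3, 60),
}

def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    # NULL positives/total marks a file left for the follow-up analysis stage.
    db.execute("""CREATE TABLE IF NOT EXISTS scans (
        sha256 TEXT PRIMARY KEY, region TEXT NOT NULL,
        positives INTEGER, total INTEGER)""")
    return db

def record_scan(db, region, data, lookup=KNOWN_REPORTS.get):
    """Hash the file, look up its report and store the result keyed by hash."""
    digest = sha256_hex(data)
    positives, total = lookup(digest) or (None, None)
    db.execute("INSERT OR REPLACE INTO scans VALUES (?, ?, ?, ?)",
               (digest, region, positives, total))
    return digest

def region_summary(db, threshold=1):
    """Per region: (files with a report, files flagged, files never scanned)."""
    rows = db.execute("""SELECT region, COUNT(positives),
        SUM(CASE WHEN positives >= ? THEN 1 ELSE 0 END),
        SUM(CASE WHEN positives IS NULL THEN 1 ELSE 0 END)
        FROM scans GROUP BY region""", (threshold,))
    return {region: (scanned, flagged, unseen)
            for region, scanned, flagged, unseen in rows}

def run_demo():
    db = open_db()
    for region, data in SAMPLES:
        record_scan(db, region, data)
    db.commit()
    return region_summary(db)
```

Keeping never-scanned files as rows with NULL counts lets the same table feed both the regional statistics and the queue for the later upload and permission-comparison stage.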
