Title: Reversing and auditing of android malicious applications using sandboxing environment

Authors: V. Joseph Raymond; R. Jeberson Retna Raj

Addresses: Faculty of Computer Science and Engineering, Sathyabama Institute of Science and Technology, Chennai, 600119, India ' Faculty of Computer Science and Engineering, Sathyabama Institute of Science and Technology, Chennai, 600119, India

Abstract: The android market has gained lot of popularity in the past recent years. The operating system stack is open source, many security analysts and hacker's has the platform to perform research on digital forensics and further enhance their exploiting in finding weakness and modifying the software attack. Our goal in this paper is to perform reversing android malicious applications henceforth audit the vulnerabilities. We reverse using the tools like apktool, dex2jar and jd-gui. Static and dynamic analysis is done with the help of sandboxing environment achieving the goal of reverse engineering. We monitor the activities, services, broadcast receiver's, shared preferences, intents and content providers. Many vulnerable apps uses content provider leakage to store and query data within the phone helpful in auditing purpose. Mobile forensics is about acquisition of information about app installed in platform. In the paper, we perform attack surface and analysis malicious features inside application by exporting its features.

Keywords: static analysis; dynamic analysis; app reversing; attack surface; mobile forensics.

DOI: 10.1504/IJESDF.2020.110674

International Journal of Electronic Security and Digital Forensics, 2020 Vol.12 No.4, pp.386 - 396

Received: 24 Oct 2019
Accepted: 13 Nov 2019

Published online: 23 Jul 2020 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article