Automated security certification of Android application

Android is a popular mobile-device platform developed by Google. Android’s application model is designed to encourage applications(app) to share their code and data with other applications. While such sharing can be tightly controlled with permissions, in general users cannot determine what applications will do with their data, and thereby cannot decide what permissions such applications should run with. Thus with the increasing sales Android powered devices, better security is required to keep up with the growing trend. The first part of the report examines the structure and characteristic of some common malwares found in Android applications and provides findings on these malware. Analysis were made by either researching on the works of other researchers in the field or decompiling the malware file to study its source codes and structure. Using these knowledge, new findings were inferred and are mainly focusing on the trigger of attacks and impacts that these malware have on the infected Android device and their owner. The second part of the report describes the concept of a collaborative environment for detection of malicious application and gathering data for analysis of malicious activities or emerging threats. The concept of identifying malicious activities from Hyper-Text Transfer Protocol(HTTP) traces can be done by creating a dependency graph to visualize the relations between the traces and using this graph, analysis can be made to identify any malicious activities that could have existed based on the relationship among them. This report is useful for other researchers to learn about the trigger of attacks and impact of the malwares analyzed in this project. This report also demonstrate the concept of collaborative environment on its efficiency and the type of attacks that this kind of environment can help to discovers.