Qualys opens Android app analysis framework

Powered by SC Magazine
 

Keeps tabs on Android apps.

Qualys has launched an open-source framework to allow users to find out what their Android apps are doing.

Named the Android Security Evaluation Framework (ASEF), the company said that it allows researchers to harvest behavioural data from hundreds of installed application on a device, analyse their run pattern and assess whether they are doing more than what they are supposed to and if personal information is exposed.

According to a blog by Parth Patel, vulnerability signature engineer at Qualys, he created ASEF to perform Android app analysis, while alerting the user about other possible problems.

“[You should] use it to become aware of unusual activities of your apps, expose vulnerable components and help narrow down suspicious apps for further manual research,” he said.

He said that ASEF takes a set of apps, either pre-installed on a device or as individual APK files, and migrates them to the test suite that runs through test cycles on a pre-configured Android Virtual Device (AVD).

This will simulate the entire lifecycle of an Android app on an Android device, triggering behavioural aspects of it and collecting data using ADB (Android debug bridge utility, which is available as a part of an Android SDK) and network traffic using Tcpdump.

Patel said: “During such a simple yet thorough approach of performing a behavioural analysis for various apps, interesting results were found about apps leaking sensitive information such as IMEI, IMSI, SIM card or a phone number of a device.

“Some malicious apps might just send this data in clear text over the internet, and are much easier to be caught by analysing collected behavioural data. However some malicious apps can be sophisticated enough to detect the default settings of a virtual Android device and might behave differently in such settings.”

Patel also said that ASEF is available as open source so users can gain access to security aspects of Android apps by using this tool with its default settings.

“ASEF will provide automated application testing and facilitate a plug and play kind of environment to keep up with the dynamic field of Android security,” he said.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition


Tags
 
 
 
Top Stories
IBM, NEC picked for major NSW Transport deals
Final contract negotiations begin.
 
Govt proposes crackdown on ISPs over piracy
Wants new legal powers for copyright industry.
 
Westpac interim CIO resigns
Group CIO yet to be appointed.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  30%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1013

Vote