Qualys opens Android app analysis framework

By

Keeps tabs on Android apps.

Qualys has launched an open-source framework to allow users to find out what their Android apps are doing.


Named the Android Security Evaluation Framework (ASEF), the company said that it allows researchers to harvest behavioural data from hundreds of installed application on a device, analyse their run pattern and assess whether they are doing more than what they are supposed to and if personal information is exposed.

According to a blog by Parth Patel, vulnerability signature engineer at Qualys, he created ASEF to perform Android app analysis, while alerting the user about other possible problems.

“[You should] use it to become aware of unusual activities of your apps, expose vulnerable components and help narrow down suspicious apps for further manual research,” he said.

He said that ASEF takes a set of apps, either pre-installed on a device or as individual APK files, and migrates them to the test suite that runs through test cycles on a pre-configured Android Virtual Device (AVD).

This will simulate the entire lifecycle of an Android app on an Android device, triggering behavioural aspects of it and collecting data using ADB (Android debug bridge utility, which is available as a part of an Android SDK) and network traffic using Tcpdump.

Patel said: “During such a simple yet thorough approach of performing a behavioural analysis for various apps, interesting results were found about apps leaking sensitive information such as IMEI, IMSI, SIM card or a phone number of a device.

“Some malicious apps might just send this data in clear text over the internet, and are much easier to be caught by analysing collected behavioural data. However some malicious apps can be sophisticated enough to detect the default settings of a virtual Android device and might behave differently in such settings.”

Patel also said that ASEF is available as open source so users can gain access to security aspects of Android apps by using this tool with its default settings.

“ASEF will provide automated application testing and facilitate a plug and play kind of environment to keep up with the dynamic field of Android security,” he said.

This article originally appeared at scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, UK edition
Tags:
androidqualyssecurity

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?