Android Malware Analysis

The project focuses on analyzing Android malware using machine learning techniques to improve detection accuracy over traditional checksum methods. It aims to develop a user-friendly GUI that can scan APK files for malware before installation, utilizing various tools for dynamic and static analysis. The team has collected a dataset of 1000 APKs and is in the process of automating analysis tools and applying machine learning algorithms to enhance detection capabilities.

Uploaded by

palaksharma70188

Final Year Project (Endterm), July 2022 - December 2022

ANDROID MALWARE ANALYSIS

Supervisor(s):
• DR. RITA
• DR. PRACHI

Team Member(s): 4
Name (Roll no.):
⮚ Ayush Sharma – 19csu058
⮚ Ayush Rana – 19csu056
⮚ Shruti Verma – 19csu301
⮚ Yogesh Aggarwal – 19csu361

Department of Computer Science and Engineering


Description of the Broad Topic
• There has been an observed rise in Android malware crime, and new Android malware is difficult to analyze with the outdated methodology of checking checksums.

• Our software will therefore analyze zero-day malware with the highest degree of accuracy possible, using machine learning (ML)-based methods that have been shown to be effective in detecting malware.

• To assess whether an APK is dangerous or not, we will use the most recent malware APK datasets and the most effective machine learning techniques.

Existing Solutions/Literature Review
• One of the mainstream methods in use today is the checksum method: the APK file is converted into a hash and compared against a database that stores the hashes of all known malicious files. If the APK's hash is found in that database, the APK is declared malicious.

• With our software the APK is analyzed not only statically but also dynamically, since its API calls and syscalls are analyzed as well, and AI/ML is used to detect whether the APK is malicious or not. Even though this method is in use, it is still under research for Android APKs as different ML algorithm.

Problem Statement
• With more people using mobile devices, malware attacks are increasing, particularly against Android phones. Hackers use a range of techniques to attack smartphones, including stolen credentials, monitoring, and malicious advertising.

• It is essential to detect whether a particular APK is safe or not, that is, whether it is benign or malicious.

• Thus we need to build a user-friendly GUI that can scan an APK before it is downloaded onto an Android device and detect whether it contains malware and, if it does, what kind of malware.

Objectives
The objectives of this project are as follows:

• Collect the dataset containing different APKs.
• Extract the features from the APKs.
• Use feature selection techniques to select the top features.
• Choose the best machine learning technique that gives higher accuracy for detection.
• Design a user-friendly GUI for malware detection.

Project Flow

Tools Used

Genymotion – For deploying APKs for dynamic analysis.

MobSF – For static and dynamic analysis of APKs.

Strace – Strace is a tool that comes with Genymotion; it is used to capture the syscalls of the APK.

[Figure: Strace – captured syscalls]

DroidBot – DroidBot is a simple test input generator for Android. It can provide random or programmed input events to an Android app, achieve larger test coverage more rapidly, and build a UI transition graph (UTG) after testing.

Frida Scripts – Frida is a toolkit that allows us to run different scripts, as well as some basic commands, on Android devices. The scripts are written in JavaScript, and the best part of Frida is that we can modify a script as we want.

[Figure: Frida – captured API calls]

GANTT Chart
Responsibility Chart

Our progress so far
• Literature review for dynamic and hybrid analysis.
• We have successfully automated:
    • MobSF static analysis,
    • Strace syscalls,
    • DroidBot.
• We are able to generate the dataset in binary form (0 and 1):
    • if a syscall is present, then 1
    • otherwise 0
• We have collected APKs:
    • 1000 APKs
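
The binary dataset step described above can be sketched as follows. This is an added example, not the project's own code: the function names `syscalls_seen` and `build_matrix`, the sample file names and the trace lines are all constructed for illustration, and it assumes strace's standard text output (optionally with `-f` pid prefixes and `-tt` timestamps).

```python
import re

# One strace line: optional "[pid N]" or bare-pid prefix (strace -f), optional
# timestamp (-t/-tt/-ttt), then either "name(" or "<... name resumed>".
CALL_RE = re.compile(
    r'^(?:\[pid\s+\d+\]\s+|\d+\s+)?(?:\d+(?::\d+:\d+)?(?:\.\d+)?\s+)?'
    r'(?:<\.\.\.\s+(?P<resumed>\w+)\s+resumed>|(?P<name>[a-z_][a-z0-9_]*)\()')

def syscalls_seen(trace_text):
    """Return the set of syscall names that appear in one strace capture."""
    seen = set()
    for line in trace_text.splitlines():
        m = CALL_RE.match(line.strip())
        if m:  # signal ("--- SIG... ---") and exit ("+++ ... +++") lines do not match
            seen.add(m.group('name') or m.group('resumed'))
    return seen

def build_matrix(traces, vocabulary=None):
    """Map {apk: trace text} to {apk: [0/1, ...]} over one shared column order."""
    per_apk = {apk: syscalls_seen(text) for apk, text in traces.items()}
    if vocabulary is None:  # training: derive the columns from the corpus
        vocabulary = sorted(set().union(*per_apk.values()))
    rows = {apk: [1 if s in seen else 0 for s in vocabulary]
            for apk, seen in per_apk.items()}
    return vocabulary, rows

# Constructed sample captures (not real malware traces); file names are made up.
SAMPLE_TRACES = {
    "benign_sample.apk": r'''strace: Process 2101 attached
[pid  2101] openat(AT_FDCWD, "/data/app/base.apk", O_RDONLY) = 34
[pid  2101] read(34, <unfinished ...>
[pid  2101] <... read resumed> "PK\3\4", 4096) = 4096
[pid  2101] close(34) = 0
+++ exited with 0 +++''',
    "suspect_sample.apk": r'''2207 12:01:07.100200 openat(AT_FDCWD, "/proc/net/tcp", O_RDONLY) = 12
2207 12:01:07.100950 socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 13
2207 12:01:07.101400 connect(13, {sa_family=AF_INET, ...}, 16) = 0
2207 12:01:07.102000 <... sendto resumed> ) = 212
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED} ---''',
}

if __name__ == "__main__":
    columns, matrix = build_matrix(SAMPLE_TRACES)
    print(columns)
    for apk, row in matrix.items():
        print(apk, row)
```

When a new APK is scanned, pass the vocabulary saved at training time as `vocabulary` so the columns line up with what the classifier was trained on; syscalls outside that vocabulary are then ignored rather than shifting the feature positions.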

What we will do next
• Automate more tools for the API call and syscall data.

• Generate the whole dataset from the text files in the form of 0 and 1.

• Apply machine learning algorithms to the dataset and find the algorithm with the highest accuracy.

• Build a GUI for the problem statement.


Thank You ☺
