China
Africa
Explore chapters and articles related to this topic
AndroSet: An Automated Tool to Create Datasets for Android Malware Detection and Functioning with WoT
Published in Aarti Jain, Rubén González Crespo, Manju Khari, Smart Innovation of Web of Things, 2020
Manju Khari, Renu Dalal, Udit Misra, Ashish Kumar
In 2008, the Android freeware operating system was released and was known as Android. It is built on the topmost layer of a Linux kernel. Mostly, Android applications are based on the Java programming language and also on the recently released Kotlin language by JetBrains. The source code for these applications is run on Dalvik Virtual Machines. The Android architecture as shown in Figure 11.1 can be divided into six major layers: the kernel at the bottom layer, low-level tools, the hardware abstraction layer, C/C++ libraries, the Android Runtime and the framework of Java API and all applications on the top layer. For core system utilities like management of memory and process, security, network stack and driver model, Linux version 2.6 is used for Android. Between the hardware and software stack, the kernel layer works as an abstraction layer [15]. A standard interface provides the hardware abstraction layer (HAL) which reveals the capabilities of a hardware device to the upper-level Java API framework. Each application works in their own process and their own instance of Android Runtime (ART), when running in Android version 5.0 with API level 21 or above. DEX files are executed on virtual machines with minimum memory devices; these files use a byte code format for the Android which optimized the minimum memory footprint. Services and components, like ART and HAL, are used in the core Android system; they are created from novel code which needs native libraries that are using in C and C++ language. Java framework APIs provide the Android platform to reveal the utility of a few native libraries to applications. Due to the Java language, the Android OS is easy to access for end users by using API. Android has the features of core application for SMS end users, email, internet browsing, calendars, contacts and many more. The platform included many apps which have no significance between the apps the end user chooses to install. These are the six layers which form the core of Android.
FloVasion: Towards Detection of non-sensitive Variable Based Evasive Information-Flow in Android Apps
Published in IETE Journal of Research, 2022
Bharat Buddhadev, Parvez Faruki, Manoj Singh Gaur, Shubham Kharche, Akka Zemmari
We evaluated FlowDroid on simple reflective apps of DroidBench test-suite. Further, we inserted nested reflective methods. FlowDroid failed to detect implicit flow between any given source and the sink. We analyzed that neutral data-passing conditions (non-sensitive variables) among tainted variables failed the existing analysis techniques. DroidSafe does not handle dynamic code loading; hence, the apps containing native code libraries (C/C++) from the dataset. Further, we evaluated FloVasive apps on TaintDroid, a dynamic analysis based tainting system. Our findings revealed that TaintDroid detected sensitive sources and sinks, but failed to identify data leakage. Since TaintDroid supports only legacy Dalvik systems, it was deemed incapable for evaluating Android RunTime (ART) apps.