An Application Profiler for Android

Project Proposal

 

CSC 714 Real Time Systems - FALL 2011

Arash Rezaei, Gopikannan Venugopalsamy

arezaei2@ncsu.edu, gvenugo@ncsu.edu

 

 

Problem Statement

 

With the advent of smart phones, mobile computing has been revolutionized and many new opportunities have been introduced into the world of research. A challenge with today's smart phones is their security issue with regards to third party applications [1]. The way a given malicious application uses the phone resources like CPU, battery, network and private data is different from the others. The Android market is getting to a considerably large share and screening that for malicious applications becoming so hard, if not impossible. In addition, the platform providers, hardware manufacturers and application markets are not under the same hood. These pose a unique security challenge on the Android based smart phone area. In this project, we propose to aid in identification of malicious application and in attack forensics after identifying that a malicious application is running in the system. This can be achieved by implementing a profiling application which gathers the formation related to the usage of system resources like computing, battery, network and other sensing resources/information related to each application. We believe that this data may help to identify behavior patterns which in turn provide assist to differentiate the applications that consume suspicious level/patterns of resources. Finally, in case of finding an application with suspicious usage by services and activities, appropriate action like warning the user or flagging the application can be taken.

 

Documents

·         Initial Proposal

·         Progress Report (11.11.11)

·         Presentation

·         Final Report

 

Source Code

·         source.zip

 

Project Status

 

Task

Status

Install Eclipse + SDK (both - due OCT 27)

completed

Background reading - profiler applications (both - due OCT 30)

completed

Find the classes to get the monitoring data
Daemon, monitoring: Network, files (creation/deletion/change) (Arash)
Monitoring: CPU, Battery, Sensors (Gopi)

completed

Design the profiler(due NOV 10)

completed

Profiler Implementation (due NOV 23)

completed

Analysis of gathered data (due NOV 25)

completed

Final project report (due NOV 29)

completed

 

 

Links

·         P. Gilbert, B. G. Chun, L. Cox, and J. Jung. Automating privacy testing of smartphone applications. Technical Report CS-2011-02, Duke University, 2011.

·         Android SDK http://code.google.com/android/

 

[Arash]: useful Linux commands and links
[C1] Get PID of every process except those running as root:
% ps -U root -u root -N | awk '{ print $1 }'
[UPDATE] This does not work in Android! The supported shell only supports primitive commands(e.g. does not have awk, grep,...)
[C2] List open files for a process
% ls -l /proc/{pid}/fd
[C3] File changes for a process 
%  diff {pid}/fd_old <(ls -l /proc/{pid}/fd)
[C4] Find out whether a file "Y" in dir "{dir}" has been modified in the last "X" minutes 
%  find {dir} -mmin -X -name Y | wc -l
[UPDATE] You need to have root privilege to get result from running the above commands inside an application
[Code1] Run "top" command inside Android 
private void top()
{
	BufferedReader in = null;
       try {
		Process p = null;
		p = Runtime.getRuntime().exec("top -n 1 -d 1");
         	in = new BufferedReader(new InputStreamReader(process.getInputStream()));

	       String l ="";
	       String content = "";
	
		while((l = in.readLine()) != null)
            		content += l + "\n";

              Log.d(TAG, "content:"+content);
	}catch (IOException e) 
	{
		e.printStackTrace();
	}
}
[link1] How to run linux shell script inside java code.

[link2] Anrdroid Services

[link3] Linux file permissions