An Application Profiler for Android
Project Proposal
CSC 714 Real Time Systems - FALL 2011
Arash Rezaei, Gopikannan Venugopalsamy
arezaei2@ncsu.edu, gvenugo@ncsu.edu
Problem Statement
With the advent of smart phones, mobile computing has been revolutionized and many new opportunities have been introduced into the world of research. A challenge with today's smart phones is their security issue with regards to third party applications [1]. The way a given malicious application uses the phone resources like CPU, battery, network and private data is different from the others. The Android market is getting to a considerably large share and screening that for malicious applications becoming so hard, if not impossible. In addition, the platform providers, hardware manufacturers and application markets are not under the same hood. These pose a unique security challenge on the Android based smart phone area. In this project, we propose to aid in identification of malicious application and in attack forensics after identifying that a malicious application is running in the system. This can be achieved by implementing a profiling application which gathers the formation related to the usage of system resources like computing, battery, network and other sensing resources/information related to each application. We believe that this data may help to identify behavior patterns which in turn provide assist to differentiate the applications that consume suspicious level/patterns of resources. Finally, in case of finding an application with suspicious usage by services and activities, appropriate action like warning the user or flagging the application can be taken.
Documents
· Progress Report (11.11.11)
Source Code
Project Status
Task |
Status |
Install Eclipse + SDK (both - due OCT 27)
|
completed |
Background reading - profiler applications (both - due OCT 30)
|
completed |
Find the classes to get the monitoring data
Daemon, monitoring: Network, files (creation/deletion/change) (Arash)
Monitoring: CPU, Battery, Sensors (Gopi)
|
completed |
Design the profiler(due NOV 10)
|
completed |
Profiler Implementation (due NOV 23)
|
completed |
Analysis of gathered data (due NOV 25)
|
completed |
Final project report (due NOV 29)
|
completed |
Links
· P. Gilbert, B. G. Chun, L. Cox, and J. Jung. Automating privacy testing of smartphone applications. Technical Report CS-2011-02, Duke University, 2011.
· Android SDK http://code.google.com/android/
[UPDATE] This does not work in Android! The supported shell only supports primitive commands(e.g. does not have awk, grep,...)% ps -U root -u root -N | awk '{ print $1 }'
[C3] File changes for a process% ls -l /proc/{pid}/fd
[C4] Find out whether a file "Y" in dir "{dir}" has been modified in the last "X" minutes% diff {pid}/fd_old <(ls -l /proc/{pid}/fd)
[UPDATE] You need to have root privilege to get result from running the above commands inside an application% find {dir} -mmin -X -name Y | wc -l
[link1] How to run linux shell script inside java code.private void top() { BufferedReader in = null; try { Process p = null; p = Runtime.getRuntime().exec("top -n 1 -d 1"); in = new BufferedReader(new InputStreamReader(process.getInputStream())); String l =""; String content = ""; while((l = in.readLine()) != null) content += l + "\n"; Log.d(TAG, "content:"+content); }catch (IOException e) { e.printStackTrace(); } }