A Practical Approach to Android Mobile Application Security

International Journal of Applied Mathematics Electronics and Computers, Dec 2018

In parallel to rapid developments in computer technology, the number of mobile applications developed for these devices also increases. Mobile applications make life easier, but they also bring some risks. These applications may contain weaknesses due to mistakes made in the development or use phase. In this study, a sample security test was performed to raise awareness of mobile application security. This paper relates to phishing attacks on Android mobile users and to data storage security on Android devices. The sample mobile application was decompiled, and malicious code was injected into the sample app. After the code was injected into the sample banking application that had been developed, the user interface was modified. In addition, when the application is opened, the user's credit card information is requested. After the user fills in the information, the credit card information is sent to a different phone number (the attacker's phone number) through an SMS. The mobile user is thus at risk of having sensitive information stolen. This study also shows that the data stored on the device can be accessed through Android Debug Bridge (ADB) shell commands. As a result, this paper shows that the application developer should be more careful during the development phase and the device user should be more careful during the use phase.



International Journal of Applied Mathematics Electronics and Computers
ISSN: 2147-8228 / 2147-6799
http://dergipark.gov.tr/ijamec
Original Research Paper

Ahmet Caliskan 1, Sakir Tasdemir 2,*

1 Kuveyt Türk Participation Bank Research & Development Center, Kocaeli – 41420, TURKEY
2 Computer Engg., Selcuk University, Konya – 42002, TURKEY
* Corresponding Author: Email:

Accepted: 18/11/2018   Published: 27/12/2018   DOI: 10.18100/ijamec.2018447400

Keywords: Android, Spyware, Reverse Engineering, Vulnerability, Phishing, Security

1. Introduction

Depending on the advancement of technology, the use of smart devices such as phones and tablets is rapidly increasing. The digital marketing agency We Are Social provides detailed information about mobile device usage. Its report states that more than five billion people in the world use mobile devices [1]. The usage rates of operating systems can be displayed interactively on the official website of Kantar Worldpanel [2]. As seen in these reports, the most used operating system is Android. Therefore, the Android mobile operating system was chosen for this study. The study "Android Applications and Security Breach" [3] describes some types of cyber attacks and mobile threats that attackers perform to steal user information; in addition, the Remote Access Trojan called Dendroid was analyzed. The study "Android Malware Detection & Protection: A Survey" [4] describes malware applications on Android. The paper "An Enhanced Security Framework for Reliable Android Operating System" [5] mentions an increase in the number of malware applications installed on the Android operating system. In the study "An Android-based Trojan Spyware to Study the NotificationListener Service Vulnerability" [6], a trojan application known as SMS backup is developed to spy on the notifications of other applications. The study "Mobil Kötücül Yazılımlar ve Güvenlik Çözümleri Üzerine Bir İnceleme" [7] surveys research on security solutions for mobile devices in order to present a comprehensive view. The thesis "Android Security" [8] shows the security-relevant structures of Android's system and application architecture; in order to provide infrastructure-independent education, its exercises are based on Android Virtual Devices (AVDs). The paper "Mobile Security Testing Approaches and Challenges" [9] presents four security testing approaches for mobile security. The study "An effective behavior-based Android malware detection system" [10] proposes a behavior-based malware detection system. The study "Keyboard or Keylogger?: a security analysis of third-party keyboards on Android" [11] shows that third-party keyboard applications can work as keyloggers. The study "Android Zararlı Yazılımlarını Tespit Etme, İmza Oluşturma ve Sınıflandırma" [12] discusses a new malware detection infrastructure developed for the Android operating system, its signature algorithms, correlation with other malware families and an evaluation of the proposed system. The studies "Mobil Yaşamda Siber Güvenlik Yaklaşımı" [13] and "Android Keylogging Threat" [14] describe mobile security risks and countermeasures. The study "Mobil Bankacılıkta Güvenlik Sorunlarının Analizi" [15] describes and presents mobile application security methods. The studies "Android Kötücül Yazılım Tespit Sistemleri İncelemesi" [16], "An Android Malware Detection Method Based on AndroidManifest File" [17], "Permission-Based Android Malware Detection" [18] and "MAMA: Manifest Analysis for Malware Detection in Android" [19] show how important the AndroidManifest.xml file is for application security. As seen in the literature, if there is not enough security on mobile devices, the personal information of users can be stolen, their privacy can be violated and their applications can be disabled.

In this study it is shown that malicious code can be injected into some applications using the sensitive data obtained after reviewing the AndroidManifest.xml file. Some mobile applications on a non-rooted device were reverse engineered. In addition, some applications were analyzed through ADB terminal commands, and it was shown that important information stored on the device can be accessed. After injecting new code into the application in this study:

• Some UI changes are made (color changes, text changes etc.).
• A Toast message is displayed every time the application is opened.
• A dialog screen is displayed. After users fill in their credit card information and click the OK button, the credit card information is sent as an SMS to the attacker's phone.

As a result of these changes, there is no malfunction in the application. Some risks arise as a result of carelessness during application development and use. In order to draw attention to these risks, this study was carried out entirely ethically. Also, in the figures in this study, information that might recall any original application has been modified and censored. Very importantly, this study (...truncated)

IJAMEC, 2018, 6(4), 53–58 | 53
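The introduction stresses that AndroidManifest.xml reveals what an app can do, and the injected code above relies on SMS to exfiltrate card data and on device data being reachable over ADB. The following is an added example, not code from the paper, of the kind of permission- and attribute-based manifest check a reviewer can run over a decoded manifest: the permission list and the sample manifest are constructed for illustration, and the attribute rules (android:debuggable, android:allowBackup, android:exported) are standard Android manifest attributes.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permissions that let an app read or send SMS, the channel the injected code
# in this paper uses to exfiltrate card data, plus other high-risk ones.
HIGH_RISK_PERMISSIONS = {
    "android.permission.SEND_SMS",
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_CONTACTS",
    "android.permission.SYSTEM_ALERT_WINDOW",
}

# Constructed sample manifest: a banking-style app that also declares SEND_SMS
# and leaves debugging and backup enabled.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.bank">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <application android:debuggable="true" android:allowBackup="true">
        <activity android:name=".MainActivity" android:exported="true"/>
    </application>
</manifest>"""

def analyze_manifest(xml_text):
    """Return sorted finding strings for a decoded AndroidManifest.xml."""
    root = ET.fromstring(xml_text)
    findings = []
    for perm in root.iter("uses-permission"):
        name = perm.get(ANDROID_NS + "name", "")
        if name in HIGH_RISK_PERMISSIONS:
            findings.append("high-risk permission: " + name)
    app = root.find("application")
    if app is not None:
        # debuggable lets ADB attach and read app data with run-as;
        # allowBackup lets 'adb backup' copy app data off the device.
        for attr in ("debuggable", "allowBackup"):
            if app.get(ANDROID_NS + attr, "false").lower() == "true":
                findings.append("risky attribute: android:" + attr + "=true")
        for act in app.iter("activity"):
            if act.get(ANDROID_NS + "exported", "false").lower() == "true":
                findings.append("exported activity: " + act.get(ANDROID_NS + "name", "?"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in analyze_manifest(SAMPLE_MANIFEST):
        print(finding)
```

Run against the manifest extracted from a decompiled APK, the report gives a quick view of which findings to inspect before the app is trusted with sensitive data.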


This is a preview of a remote PDF: http://dergipark.org.tr/download/article-file/609607
Article home page: http://dergipark.org.tr/ijamec/issue/41654/467450

Sakir Tasdemir, Ahmet Caliskan. A Practical Approach to Android Mobile Application Security, International Journal of Applied Mathematics Electronics and Computers, 2018, pp. 53-58, Volume 4, Issue 6.