Detecting Blacklisted IP Access from Android Phone

Affiliations

  • Institute of Forensic Science, Gujarat Forensic Sciences University, Gandhinagar – 382007, Gujarat, India

Abstract


Objectives: To develop a method to detect access to a blacklisted IP from Android. Methods/Statistical Analysis: The Android operating system source code under AOSP was modified and customized to achieve the objective of the work. The work was tested on various simulators with a variety of blacklisted and whitelisted IPs to confirm the outcome. Findings: A well-defined method was derived and verified based on the results of the tests carried out during the work. The outcome of the work is an implementation on the Android operating system that customizes the way the device connects to an IP over the internet. This customization of the operating system helps in identifying any interaction with a blacklisted IP to or from an Android device. A supporting Python script was also written to automate the steps related to interception and interpretation. Being open source, the solution is also extendable to accommodate more features in the same domain. Application/Improvements: The method developed during this research can be used in behavioral analysis of Android malware.

Keywords

Android, Android Malware, Black Listed IP, Malicious Website, Malware, Malware Analysis.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.