Bachelor Thesis Project Evaluation of the Android - DiVA portal

Author: Huan Rong

Supervisor: Ola Flygt

Semester: VT 2016

Subject: Computer Science

Bachelor Thesis Project

Evaluation of the Android Third-party stores

- Specifically on the risks of Android application

Abstract

Android is an open source mobile operating system contributed by Google. In general, Google Play is the most secure place to download mobile applications for the Android system. [1] Google promises that products from this store are safe. But there are many other third-party app stores around the world offering similar software. One incentive for them is that the security policy on different platforms varies a lot, and Android developers are free to distribute apps in any way they intend, which leads to a certain risk, such as malware, in the assorted stores. Therefore, it is crucial to know which of the various app stores can be trusted. [2] To support our research, a tool named APK Safety Test is developed to compare the APK files from different application stores with the version on Google Play. In this study, nine stores around the world are chosen and 20 various applications from them are checked in real time by using the tool. From this research, people can learn how the different risks can be detected. Furthermore, this paper analyzes how the resulting risks affect the applications.

Keywords: Android application, Android Stores, APK files, Risk

Contents

1 Introduction
1.1 Background
1.2 Previous research
1.3 Problem formulation
1.4 Motivation
1.5 Research Question
1.6 Scope/Limitation
1.7 Target group
1.8 Outline
2 Method
2.1 Scientific approach
2.2 Method description
2.3 Reliability and Validity
3 An Overview of Android
3.1 Android system
3.2 Android applications
3.3 Google Play VS Third-party stores
3.4 APK File
3.5 Malware attack
3.6 APK Downloader
4 Design and Implementation
4.1 Description and flow graph of operation
4.2 Design of tool
4.3 APK Downloader Virus detection
4.4 Graphic illustration operation
5 Stores Detection
5.1 Selected application stores
5.2 Applications Selection
5.3 Experiment environment
5.4 Dealing with the data of results
5.5 Reliability of APK Safety Test
5.6 Unavoidable affection of this experiment
6 Results
7 Analysis and Discussion
8 Conclusions
8.1 Answers to research questions
8.2 Future Research
References
Appendix A Result tables for each store of each application

1 Introduction

Android is the most popular system for mobile devices, and users rely heavily on its applications in their daily life. With the increasing number of Android applications and stores, the potential risks cannot be ignored, as they may lead to malicious intrusion that affects the whole system. In this research, third-party stores are compared to Google Play, which is the standard at this time. The content includes the definition and analysis of the risks of Android applications and a comparison process to identify the trusted application stores.

1.1 Background

Most Android users prefer to use Google Play, which is the official store of the Android system. Meanwhile, there are many other third-party app stores for Android, and they are more commonly used in regions where access to Google Play is restricted. Different Android third-party stores have various methods to attract users, for example, by providing free or discounted apps of the day. Besides, some stores cater specifically to different countries and offer localized apps, which can only be found and downloaded within a particular region. Therefore, it remains difficult to choose an Android third-party store that is safe and trustworthy, although this is the most basic and important standard. [1]

In addition, security policies vary across Android app stores, and Android developers are able to upload their apps in any way they intend without limitation. Therefore, risks such as malware certainly exist when using a third-party app store. As for the recommendations on the internet, some of them are out of date and do not meet current standards. Simply testing the safety factors of APK files will never be enough. Along with the rapid progress of technology, factors beyond safety come into play, such as outdated versions or the ratio of modified files in third-party stores. What's more, not all modifications to original APK files are malevolent. Some changes aiming to improve the user's experience should be acceptable. For example, when users have no access to Google Play or no intention of using it, it is necessary to find out which third-party store is easier to use on the premise of safety.

According to the report from AV-Comparatives, from November of 2012 to May of 2013 there were in total 7175 sorts of malware in around 20 Android third-party app stores. Most of them come from the markets in Asia, especially China, which accounts for 95% of malware transmission across all Android app stores. [4] The annual report of Google in 2015 indicates that problems exist in the security mechanism of the Android system and that the risk is much higher than ever before. [5] With the growth in Android users, malware's targets have also grown. In comparison with the data in 2014, the number of malicious data collection software has tripled, and the number of downloads of malicious software has increased by forty-two times. [6]

1.2 Previous research

The inspiration for this study comes from the article "Which Android App Store Can be Trusted in China?" [3] It focused on the security of third-party stores in China, dividing them for analysis into groups such as pre-installed stores, Android device manufacturers, mobile operators, search engine companies, e-commerce providers, pure stores, and internet forums. In that article, the authors created a calculation tool to get an evaluation score for each app store by running different tests on applications. The APK files from third-party stores and the corresponding APK files from their official websites were compared to generate an analysis report which, based on the data collected from the Android app stores in China, aims to find the most secure app stores.

In the previous research, the safety signs were sorted into three levels: safe, warning and critical. At the safe level, the APK file needs the same sha256, a higher version and an unchanged installation package. The warning level means the package was damaged or unrecognized, has a lower version, or has a mounting error. The last level, critical, covers files changed in AndroidManifest.xml, classes.dex, the /lib folder, MANIFEST.MF, the res/ folder, the assets/ folder and CERT.RSA. They used aapt, a resource packaging tool, for information retrieval, including the name and version of the package. For CERT.RSA, they created an X509 object, a kind of certificate, for identification. Java MessageDigest was used for sha256 detection. To compare the resource catalog of the APK file, they used the fc command of Windows. To detect package damage and installation errors, they tested installation manually.

To compare the APK files between the third-party stores and the official application sites, they ran a comprehensive detection that covers almost all parts of the APK file.

However, a closer study of that research for this paper found that every test was done manually, one by one, with relatively low efficiency. A package was considered damaged if any one of the following applied: the object file is not an APK file (and so cannot be recognized); key files such as AndroidManifest.xml, MANIFEST.MF or CERT.RSA are missing; the sha1 in MANIFEST.MF differs from the actual file; or the signature is not the same. This approach to package damage detection is complex and inconvenient. It also contains some redundant detection, because these factors do not require manual installation and not all of these parts need to be checked. A mounting error of the package is similar to package damage. There is no need to parse the signature in order to compare signatures; checking the sha256 is easier. More details of the methods for this research will be presented in the next section.
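The three-level scheme of the previous research can be automated along these lines. This is an added example, not code from the thesis or from the cited article; the function names and the in-memory sample archives are constructed for illustration, the version comparison (which needs aapt) is left out, and the handling of archives that differ only outside the listed entries is an assumption.

```python
import hashlib
import io
import zipfile

# Key files whose absence marks a package as damaged (names as given in the text).
KEY_FILES = ("AndroidManifest.xml", "META-INF/MANIFEST.MF", "META-INF/CERT.RSA")
# Files and folders whose modification the text rates as critical.
CRITICAL_FILES = KEY_FILES + ("classes.dex",)
CRITICAL_DIRS = ("lib/", "res/", "assets/")

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entry_digests(apk: bytes) -> dict:
    """Map each archive entry name to the SHA-256 of its uncompressed content."""
    with zipfile.ZipFile(io.BytesIO(apk)) as zf:
        return {i.filename: sha256(zf.read(i)) for i in zf.infolist() if not i.is_dir()}

def classify(reference: bytes, candidate: bytes):
    """Return (level, findings) for a store APK compared with the reference APK."""
    if sha256(reference) == sha256(candidate):
        return "safe", []
    try:
        cand = entry_digests(candidate)
    except zipfile.BadZipFile:
        return "warning", ["not a readable APK (ZIP) archive"]
    missing = [k for k in KEY_FILES if k not in cand]
    if missing:
        return "warning", ["missing key file: " + k for k in missing]
    ref = entry_digests(reference)
    findings = [
        "changed: " + name
        for name in sorted(set(ref) | set(cand))
        if (name in CRITICAL_FILES or name.startswith(CRITICAL_DIRS))
        and ref.get(name) != cand.get(name)
    ]
    if findings:
        return "critical", findings
    # Assumption: bytes differ but no critical entry does; the text defines no level here.
    return "warning", ["archive differs outside the critical entries"]

def build_apk(files: dict) -> bytes:
    """Constructed sample: pack name -> bytes into a reproducible in-memory ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(zipfile.ZipInfo(name, date_time=(2016, 1, 1, 0, 0, 0)), data)
    return buf.getvalue()

# Constructed sample content, not taken from any real application.
BASE = {"AndroidManifest.xml": b"<manifest/>", "classes.dex": b"dex-original",
        "META-INF/MANIFEST.MF": b"Manifest-Version: 1.0\n",
        "META-INF/CERT.RSA": b"cert-A", "res/layout/main.xml": b"<layout/>"}
REFERENCE = build_apk(BASE)
TAMPERED = build_apk({**BASE, "classes.dex": b"dex-with-added-logic"})

if __name__ == "__main__":
    print(classify(REFERENCE, TAMPERED))
```

In real APKs the signature block in META-INF is named after the signer and is not always CERT.RSA, so a production check would match on the file extension instead of the fixed name used here.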

1.3 Problem formulation

This study will investigate the reasons for changes to APK files and the risks of these changes. All the stores in this paper are compared with Google Play, with a particular focus on the APK files of the same applications. The previous research provided the inspiration of an assistant tool, TransRank, but it is not suitable for this research, so a new approach is used in this paper. The requirements for this tool are as follows:

The detection process avoids timing errors: the files can be tested together and compared with Google Play at the same time.

It avoids manual testing and decreases the human error rate.

It can detect all the elements which influence the differences and risks.

It also shows detailed information for each item.

It has a thorough evaluation mechanism for difference detection.

1.4 Motivation

It is evident that great risks exist in the Android market. Although users may get a safe result from direct virus detection, such actions cannot achieve our expected results. Anti-virus software can only tell whether the app is virus free; it does not detect the differences in APK files. If users do not want to use Google Play or cannot use it, as is especially the case in the Android market in China, which of the remaining application stores can be trusted? With the development of the Android market, stores and applications tend toward universality. Chinese users can choose both Chinese stores and other stores that offer applications from China. The diversity of the Android market offers many choices. For Chinese users, how to choose a suitable application store and which store should be trusted are still open problems. From this research, users of Android applications can get advice on choosing stores when it is necessary to download Android applications on Google Play. This study will discuss the efforts of application updating and the risk rate of each store, if the store acts on these risks. Users cannot know whether the stores change the content of the applications or add new logic. The consistency of APK files will not be the only standard; the extra functions of the store should also be considered.

1.5 Research Question

The research questions I will answer are as follows:

RQ1 How to tell if there are any risks in an Android application?

RQ2 Which part of an APK file (the core of an Android application) may be attacked?

RQ3 Which Android third-party store can be trusted in this research?

The above questions represent different aspects. I expect that the risks need to be defined accurately and comprehensively. The results could be diverse, which would inform this research.

1.6 Scope/Limitation

The research compares across application stores: the comparison is between third-party stores and Google Play. This differs from the previous study, which focused on comparing APK files, using the applications from the official sites and from third-party stores. In this study, the test works with a Java program designed specifically for Android applications and stores. It tests different Android applications from various Android third-party stores. Although as many applications as possible have been tested for this research, it is not feasible to cover all Android third-party stores or applications. The test program runs on the Windows platform and compares the APK file of each Android application; APK is the file format for downloading software on the Android system. The comparison standard is the same application taken from Google Play, which offers the most official version. [7] In the detection process, because of the limited conditions for comparing against the corresponding original in the Google store, only some of the stores and apps are selected as samples, which are eventually used to answer the proposed questions. Google Play is regarded as the standard of our research. The third-party stores for detection are selected from Mobile Advertising Marketplace, a guide website for mobile advertising and app marketing [8]. These applications have been combined with ANDROIDRANK, and others are from Baidu, which is the largest online search engine in China [9]. However, a large number of Chinese users cannot access some applications because of network limitations. [10] The stores should satisfy the following:

Installed rate, stores are implanted from the beginning

Visits, higher than 2 million per month

Downloads, greater than 2 billion

The selection of applications depends on their functions, which include browser, video playing, e-mail, online shopping, payment, social media, trip booking, office, education, entertainment and music. For each function, 1-3 different applications were selected at random from the Top 15 of the ranking list, in the same way as for the application stores. In the meantime, due to the difficulty in getting comprehensive information on APK files from Google Play, APK downloaders are used here as an auxiliary tool to support the download. [11] These APK downloaders need to meet the following requirements to guarantee the data's reliability:

The speed should not be less than 100kb/s.

The version of APK files needs to be the same as that from Google Play.

For the fifty randomly chosen APK files, their code of SHA 256 needs to be coincident with that from Google Play.

The time range of network delay should be 10-30s.

As the Chinese government has some special requirements for online search engines which limit their functions, Google could not pass the review and offer the best service for users, so it exited the Chinese market in 2010. Meanwhile, the Chinese government started using the firewall to disrupt access to Google in China. Accordingly, some Chinese application stores have server limitations; not all the stores can be viewed from outside China. In our research we use a VPN (Virtual Private Network) [14] to access these stores; it creates a secure network connection over a public network, whether the internet connection is privately owned or run by a service provider. Using the VPN is simple and stable, with only occasional mistakes of IP judgment.

1.7 Target group

The target user groups are made up of those who have some basic knowledge of Android applications, some other softcore users and, moreover, people who need to get information from apps to help with their work and daily life. In particular, users who do not want to use Google Play and Android users in China are the target group of this paper.

1.8 Outline

There are eight sections in total in this thesis, organized as follows. The method section illustrates how the research starts and what approaches are used. Section 3 gives a brief introduction to the Android system and related material; it also explains the different techniques used in this research. The implementation section focuses on how the tool is designed and what technique is used. The way to use the designed tool to obtain the final results is also discussed. The testing chapter shows the problems and limitations encountered during the test process. The results of the experiments are presented in Section 6, and the analysis and discussion in Section 7. The final part contains the conclusions of this thesis. Additional tables and code are given in the Appendix.

2 Method

This section will describe the methods used in our research.

2.1 Scientific approach

The APK files from third-party stores have been compared with the original one according to their features in previous work, and a reverse detection has been carried out using the designed auxiliary tool, to which some modifications are made to suit our investigation. The approaches include empirical and deductive research. Empirical research is a method that summarizes conclusions containing general meanings and laws from a large number of experimental facts, and obtains the nature of items and the internal rules of development through scientific inference. [12] The other approach is deductive research, in which the investigators work out unknown information from the known part according to theories representing objective laws. This method of scientific thought contains the observation process, mode searching, and [13] The result is resolved based on the acquired data in terms of positivism. To obtain all the information required, the auxiliary tool is used to search each part of the APK file. Two methods are used in the entire process. The first sorts the contents of the APK files involved in the comparison and defines the risk levels qualitatively. This work is conducted for each APK file. The second method is quantitative collection, which operates on the data statistics for all stores, for example, the number of applica-