Android Malware Detection Tool Using Dynamic Taint Analysis

Abstract

Code analysis and Malwares detection for Android applications are considered as an serious problem; there are many researches to apply new and creative techniques that can detect Malwares at scan time before run the application then compare the similarity between them and the old malwares that archived on some malwares databases and some scanning website like VirusTotal. These researches are being rapidly grown because of wide using and a huge number of new applications. This thesis tries to take the lead of the way of detection malwares using dynamic analysis in specific dynamic taint analysis this method based on android application analysis at run time then monitoring and logging the information flow out of the device from any port like wireless card interface or Bluetooth, specially private data and secure info such as credit card info, SMS, contacts, IMEI . etc, Our malware dataset consist of 50 Android applications for this research 50% of them benign and the rest malwares. Finally we feed the machine learning algorithm with data to classify it and we measure the accuracy and detection ratio it reach 74.7% this result being satisfied and good enough because of variety of malwares in real life and difficulties on classifying them such like Trojans, spywares, exploits and viruses application. Thesis is considered as one of little researches on malwares detection using dynamic analysis, this because of huge difficulties faced by the way of monitoring and logging the information flow, it also take from us a huge effort on prepare and initialize the testing environment, downloading android OS source code and making some modifications then build a customize version that been compatible with some special devices types.