How to play Hooker: A solution for automated analysis of markets Android presented at SSTIC 2014

by Georges Bossert, Dimitri Kirchner,

Summary : Android is now the operating system on most common mobile market, which has made it a prime target for malicious applications. To counter these, the Google OS is based primarily on a system of permissions: a user must validate the permissions requested by an application before installation. However, this model has a particularly troublesome weakness: the need of the user. Indeed, it is difficult to deny the installation of an application from the time the user needs it, even if the request unjustified rights.
There is therefore a priori the need for public knowledge base to understand if the application you wish to install a problem of security. In this paper, we propose an automated analysis of markets solution Android: Hooker. This helps identify critical events stakeholders on an Android system and centralize in a dedicated database. The processing of this information and the presentation of results performed intelligently allows ultimately realize that both macroscopic microscopic analyzes. The first focuses on the operation of a particular application; the second on finding similar behavior to a set of applications and therefore potentially an entire market.