Android security solutions through ad library detection and analysis
Date of Issue2016
School of Electrical and Electronic Engineering
With Android activations reaching a million devices per day, it is of no surprise that security threats against the favourite mobile platform have been on the rise. Android is also heavily being used in various enterprise applications; hence security on the Android platform has become one of the biggest concerns. Android Applications use in-app advertisement libraries for monetization. Recent research reveals that many ad libraries, including popular ones, pose threats to user privacy. Some aggressive ad libraries involve in active privacy leaks with the intention of providing targeted ads. Some intrusive ad libraries are classified as adware by commercial mobile anti-virus apps. This report presents various ways of detecting Ad Libraries from Android Apps. A detailed study on the different characteristics of different families of Ad Libraries was made. For the analysis purpose, a crawler is developed to obtain the list of applications present in the Google Play Store across various categories and later download them. Two datasets were made for the analysis purpose. The AdDetect framework which performs automatic semantic detection of in-app ad libraries using semantic analysis and machine learning was studied in detail. A front end prototype GUI is developed for the Ad-Detect framework to automate the Software Architecture Recovery and Ad Library Detection. This report also presents a detailed analysis of the various module decoupling techniques including AppSplit; which is the module decoupling technique used in the AdDetect framework. A module decoupling technique based on hierarchical clustering is used to identify and recover the primary and non-primary modules of apps. Four different machine learning classifiers was used for Ad Library Detection and their performance was evaluated and the best model classifier, which is SVM is used in the AdDetect Framework. A detailed study on the behaviours of different ad libraries was also studied in the course of this project, along with the permissions and APIs used by each of them.
DRNTU::Engineering::Electrical and electronic engineering