Coder Social home page Coder Social logo

scandroid's Introduction

SCAnDroid

This is the Proof-of-Concept implementation of SCAnDroid, a tool published at WiSec 2018. See the "SCAnDroid" paper by Spreitzer, Palfinger, and Mangard for more details.

This repository contains a tool to analyze the Android API for possible information leaks. SCAnDroid relies on the concept of template attacks. Thus, it works without prior knowledge about possible information leaks.

Design of SCAnDroid

The following figure illustrates the design of SCAnDroid, which consists of an Android app (SCAnDroid) and the Backend. The Backend consists of a tool to fetch and parse packages of the Android API, a tool to control the Android app as well as the Android device via the Android Debug Bridge (ADB), and a tool to analyze the gathered information. The Analyzer and the Controller component are based on the "ProcHarvester" framework.

SCAnDroid Design

The basic work flow is as follows:

  1. Fetch packages: The Parser component fetches a list of available constructors, and methods from the Android Developers website.
  2. Parse: The Parser component parses the information to extract a list of methods to be profiled.
  3. Trigger event: The Controller component triggers events, such as website launches, Google Maps search queries, or app starts, on the device.
  4. Log: The Android app (SCAnDroid) relies on Java Reflections to create all objects and profiles/invokes Android APIs, while events are being triggered.
  5. Fetch data: After the profiling phase, the log files are fetched to the Backend.
  6. Analyze: The log files are analyzed to identify information leaks that allow inferring the triggered events.

Evaluation

We used SCAnDroid to analyze information leaks that allow inferring the following events from Android APIs:

  • Website launches
  • Google Maps search queries
  • App starts

One note before starting

Warning: This code is provided as-is. You are responsible for protecting yourself, your property and data, and others from any risks caused by this code. This code may not detect vulnerabilities in your application/OS or device. This code is only for testing purposes. Use it only on test systems which contain no sensitive data.

scandroid's People

Contributors

rspreitzer avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.