Static Analysis of Android Applications

  1. [PDF]

    Language-Based Security on Android

    www.cs.umd.edu/~avik/papers/lbsa.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by A Chaudhuri – 2009 – Cited by 17Related articles
    ing existing static analysis tools [10, 12, 7]. As envisioned above, certified installation ofAndroid applications based on such an implementation should help both

  2. [PDF]

    Using static analysis on Android applications to identify private

    people.cis.ksu.edu/~kuiluo/RPE1.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    16 Feb 2011 – Using static analysis on Android applications to identify private information leaks. 1st RPE presentation by Kui Luo computing and information

  3. Static Analysis Tool for Android Released | Dr Dobb’s Journal

    drdobbs.com/mobility/212001732 – Cached
    11 Nov 2008 – Klocwork Insight Java static source code analysis tool have been extended to support the Android platform, Google’s software stack for mobile

  4. Use of Static Analysis on Android Code? – Android Security

    groups.google.com/group/android-security…/0f5d616784d879f0 – Cached
    5 posts – 4 authors – Last post: 8 Sep 2010
    I was wondering if Google runs automated static analysis tools and or vulnerability …. that is suitable for scanning Android app code. > On Wed

  5. Making Your Android App Better With Static Analysis

    www.projectjourneyman.com/making-android-app-better… – Cached

    24 Aug 2011 – Any way to get free testing and bugfixing for your Android app is a good thing. Here are three tools that can help make your Android app be as
  6. ProjectJourneyman on Android Income

    www.projectjourneyman.com/Cached
    Find the best ways to earn money from your Android apps and games with ProjectJourneyman’s research Making Your Android App Better With Static Analysis

  7. [Owasp-mobile-security-project] static analysis of Android

    https://lists.owasp.org/pipermail/owasp-mobile…/000136.htmlCached
    17 Jun 2011 – Previous message: [Owasp-mobile-security-project] static analysis of Android applications for security vulnerabilities

  8. New Free Tools Simplify Analysis Of Android Malware – Dark Reading

    www.darkreading.com/…/new-free-tools-simplify-analysis-of-android-…
    14 hours ago – The IDA Pro product recently added a static analysis component for the only free and open-source tool that does this for Android applications.

  9. Midterm Report: Project.6 Static Analysis of Android Malware | The

    www.honeynet.org/node/735Cached
    8 Jul 2011 – What’s more, Qt supports cross platform applications. Figure 1: The mainAndroid Static Analysis UI window. The above Figure 1 is the main

  10. Project 6 – Static Analysis of Android Malware | The Honeynet Project

    www.honeynet.org/gsoc/slot6Cached
    In this project, we will provide a powerful tool for analyzers to analyze

  11. RoT-1 Chapter Status Report – 2011 | The Honeynet Project

    www.honeynet.org/node/718Cached
    3 Jul 2011 – The goal of this framework was to provide large-scale static analysis forAndroid applications, to provide high level analytics, statistics and

  12. Google Summer of Code 2011 Project Ideas | The Honeynet Project

    www.honeynet.org/gsoc/ideasCached
    Jump to Project 7 – Static Analysis of Android Malware‎: to aide static analysis of Android malware the analyst a deeper insight into the application,

  13. Using Static Analysis to Review File Access in Android Apps

    denimgroup.posterous.com/using-static-analysis-to-revie… – Cached

    20 Apr 2011 – Because applications often misuse these platform protections, assessing the security of an Android application should include checks to verify
  14. [PDF]

    Static Analysis of Android Programs

    www.juliasoft.com/public/Biblioteca/cade11.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by É Payet – Related articles
    A static analyzer for Android programs must consider such features, for correctness Static analysis of Android applications is important because quality and re-

  15. Julia Srl – software verification made easy

    www.juliasoft.com/Cached
    A Static Analyzer for Java & Android. Try our Julia analyzer and find bugs in Java andAndroid programs well before they are run. Our tool is not just another

  16. [PDF]

    Software Verification for Java and Android

    www.juliasoft.com/public/Biblioteca/julia-en.pdf
    File Format: PDF/Adobe Acrobat – View as HTML
    in two open-source Android applications. We have ana- lyzed the same programs with FINDBUGS, the most down- loaded static analysis tool of the world, used

  17. Static Analysis | >kloctalk

    www.klocwork.com/blog/tag/static-analysis/ – United States – Cached
    Static analysis, source code analysis, software validation blog The Evolution of Static Code Analysis – Part 3: The Present Day. Posted by Todd Landry June

  18. Android Development | Klocwork

    www.klocwork.com/solutions/android…/index.php – United States – Cached
    Android Application Development. Klocwork has built a robust Java static

  19. Code Analysis for Mobile, Android Software | Klocwork Solo

    www.klocwork.com/products/solo/android…/index.php – United States – Cached
    Klocwork Solo is a stand-alone source code analysis tool for individual Java developers focused on mobile and Android software Product Features – Android ApplicationDevelopment WHITE PAPER: Static Analysis: When, Why and How

  20. Klocwork Solo for Java | Klocwork

    www.klocwork.com/products/solo/index.php – United States – Cached
    Klocwork Solo is a stand-alone source code analysis tool for individual Java enterprise-ready, static source code analysis technology and packages it for the developers focused on Android app development or web app development can

  21. android – Are there any multithreading static analysis eclipse plugins

    stackoverflow.com/…/are-there-any-multithreading-static-analysis-e… – Cached
    2 answers – 21 Jan
    Are there any multithreading static analysis eclipse plugins? multi-threaded app is developed in..as some plugins target specific languages

  22. static – code analysis tools for Android – Stack Overflow

    stackoverflow.com/questions/…/code-analysis-tools-for-androidCached
    2 answers – 30 Jun
    Is there any static code analysis tools for android that would pick up simple like resharper and support developing Android applications.

  23. Static Analysis for Java: Java static analysis for security, mobile

    www.parasoft.com/jsp/capabilities/static_analysis_java.jsp – Cached
    Preconfigured for application security (OWASP, PCI, CWE/SANS), mobile/Android Static code analysis, data flow static analysis, code metrics analysis Targets Google Android, Spring, Hibernate, Eclipse plug-ins, TDD, JSF, Struts, JDBC,

  24. Java testing tools: Static code analysis, code review, unit testing

    www.parasoft.com/jtestCached
    A complete Java developer’s quality suite for static code analysis (for

    Show more results from parasoft.com

  25. [PDF]

    AndroidLeaks: Detecting Privacy Leaks In Android Applications

    www.cs.ucdavis.edu/research/tech-reports/2011/CSE-2011-10.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by CGJCJ Erickson – 2011
    9 Aug 2011 – To combat this problem, we present. AndroidLeaks, a static analysisframework for finding leaks of personal information in Android applications.

  26. [PDF]

    TaintDroid: An Information-Flow Tracking System for Realtime

    appanalysis.org/tdroid10.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by W Enck – Cited by 58Related articles
    30 popular third-party Android applications, we found. 68 instances of …. static codeanalysis [14, 46] as we discuss in Section 8. The rest of this paper is

  27. Building Android apps with Maven – Devoxx 2011 – Devoxx

    www.devoxx.com/display/…/Building+Android+apps+with+Maven – Cached
    Building Android apps with Maven Abstract Android has got its own “official” softwarefactory practices, such as Continuous Integration, static analysis, test

  28. [PDF]

    Using static analysis on Android applications to identify private

    people.cis.ksu.edu/~kuiluo/RPE2.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    5 Apr 2011 – Using static analysis on Android applications to identify private information leaks progress report. 2nd RPE presentation by Kui Luo computing

  29. Secure Programming With Static AnalysisAndroid Market

    https://market.android.com/details?id=book-GL8AeTCu1WAC – Cached
    The First Expert Guide to Static Analysis for Software Security! January 2007; Publisher: Pearson Education; Pages: 439; Requires Android: 2.1 and up

  30. Static AnalysisAndroid Market

    https://market.android.com/details?id=book-om_CCSJzyT4C – Cached
    Android Market · Android Apps $50.36. Static Analysis: 12Th

    Show more results from android.com

  31. Static Analysis For Improved Application Performance And Quality

    androidopen.com/android2011/public/schedule/detail/21058 – Cached
    Tue, Oct 11, 2011 – Grand Ballroom BC

    This session will show the types of problems that compilers, debuggers, and test suites can’t solve. Items that often only show up in real-world situations for

  32. Julia | CrunchBase Profile

    www.crunchbase.comCompaniesCached
    Julia is a spin-off company of the University of Verona, Italy, whose goal is to to producesoftware tools for static analysis of Java and Android programs. Its main

  33. Analysis of Android applications with Julia

    julia.scienze.univr.it/runs/android/results.html – Cached
    Analysis of Android applications with Julia version (August 11, 2011) time, eq, cast,static, uncalled, others, time, warnings, precision, time, warnings, precision

  34. Mining Interactions of Android Applications – Bibsonomy

    www.bibsonomy.org/bibtex/…/ebieCached
    %0 Report %1 dienst.ea:2011:android %A Steffen Dienst %A Thorsten Berger %D 2011 %K %T Mining Interactions of Android ApplicationsStatic Analysis of

  35. Mining Interactions of Android Applications – Bibsonomy

    www.bibsonomy.org/bibtex/…/bergerCached
    %0 Report %1 dienst.ea:2011:android %A Steffen Dienst %A Thorsten Berger

  36. BibSonomy :: publication :: Mining Interactions of Android

    www.bibsonomy.org/bibtex/1150bfee5311993ed183ae63986fdd6e2Cached
    7 Jun 2011 – Mining Interactions of Android ApplicationsStatic Analysis

    Show more results from bibsonomy.org

  37. Denim Group, Ltd. Blog: Static Analysis

    blog.denimgroup.com/denim_group/static_analysis/ – Cached
    20 Apr 2011 – In this blog post we have walked through one way of using static analysis to look at how Android apps are accessing files. This could also be

  38. [PDF]

    Static Analysis of Executables for Collaborative Malware Detection

    www.dai-labor.de/fileadmin/files/publications/android.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by AD Schmidt – Cited by 7Related articles
    applications, extended malware detection mechanisms are neces- sary complying with the static analysis on the executables to extract their function calls in. Android mechanisms for detecting malware presence on Android de- vices.

  39. [PDF]

    An Android Application Sandbox System for Suspicious Software

    www.dai-labor.de/fileadmin/Files/…/Thomas_AAS_Malware2010.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by T Bläsing – Cited by 3Related articles
    dynamic analysis on Android programs to automatically de- tect suspicious

  40. An Android Application Sandbox System for Suspicious – DAI-Labor

    www.dai-labor.de/publikationen/541Cached
    In this paper, we propose an Android Application Sandbox (AASandbox) which

    Show more results from dai-labor.de

  41. Dasient to Release New Research on Emerging Mobile Threats in

    www.prnewswire.com/…/dasient-to-release-new-research-on-emergi… – Cached
    21 Jul 2011 – This is the largest study of Android applications to-date to use behavioral analysis – in addition to normal static analysis. In behavioral analysis

  42. [PDF]

    Android Permissions Demystified

    www.cs.berkeley.edu/~afelt/android_permissions.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by AP Felt – Cited by 2Related articles
    in compiled Android applications. Stowaway is composed of two parts: a static analysistool that determines what. API calls an application makes, and a

  43. Android Permissions Demystified

    www.android-permissions.org/ – Cached
    We built Stowaway, a static analysis tool that detects overprivilege in compiled Android applications. Stowaway determines the set of API calls that an

  44. Seven Ways to Hang Yourself with Google Android – Fortify

    https://www.fortify.com/fortify/…/Google_Android_WaystoHang – Cached
    According to Google, Android was designed to give mobile developers “an experienced when applying static analysis to real-world Android applications.

  45. Analyzing Android Malware | securitybananas.com

    securitybananas.com/?p=574 – Cached

    17 May 2011 – Each Android application is compiled and packaged in a single file that but we know from our static analysis that after activating this app it will
  46. Android向 クラッキング防止セキュリティソフト Crack Proof for Android

    en.crackproofand.biz/ – Cached
    CrackProof for Android strongly protects Android applications from cracking by static analysis and dynamic analysis based on tamper resistant technology

  47. Android Malware, Permissions, and Side Channels – On the road to

    javacard.vetilles.com/…/android-malware-permissions-and-side-cha… – Cached
    29 Jan 2011 – In that particular case, the use of two collaborating applications is a way to I have worked on information flow static analysis, and we haven’t

  48. Mobile Apps Invading Your Privacy

    www.veracode.com/blog/2011/…/mobile-apps-invading-your-priva… – Cached
    5 Apr 2011 – We followed up the automated static analysis with a manual analysis of The Pandora for Android application appears to be integrated with a

  49. Automated Static Code Analysis for Classifying Android – IEEE

    ieeexplore.ieee.org › BrowseConferencesComputational Intelligence and
    20 Jan 2011 – Automated Static Code Analysis for Classifying Android Applications Using Machine Learning. 5696292 abstract; Download Citations; Email

  50. Code Development and Software Quality Assurance | Coverity

    www.coverity.com/Cached
    Source code analysis leader – Coverity Inc Over 65% say software defects impact customer satisfaction A Closer Look at the Android Kernel and Nuances; 2011-07-19 Electronic Design – Can Static Analysis Address Security Issues?

  51. Coverity Scan Site : Accelerating Open Source Software Integrity

    scan.coverity.com/ – Cached
    “Coverity’s static source code analysis has proven to be an effective step

    Show more results from coverity.com

  52. Publications

    siis.cse.psu.edu/ded/publications.html – Cached
    We introduce the ded decompiler, which recovers Android application source code applications based on static analysis of 21 million lines of recovered code.

  53. bib – Pennsylvania State University

    siis.cse.psu.edu/ded/ded_bib.html – Cached
    Built for the Android mobile phone platform, we reverse engineer downloaded

    Show more results from psu.edu

  54. appsec – Any useful tools for Android source code review? – IT

    security.stackexchange.com/…/any-useful-tools-for-android-source-… – Cached
    3 answers – 5 Jun
    Be sure to check out The Denim Group’s blog post on Using static analysis to review file access in android apps, which includes some tools

  55. [PDF]

    Curbing Android Permission Creep

    w2spconf.com/2011/papers/curbingPermissionCreep.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by T Vidas – Cited by 2Related articles
    Abstract—The Android platform has about 130 application The tool analyzes applicationsource …. After the static analysis completes, both permissions that

  56. Use of Static Analysis on Android Code – android-discuss

    androiddiscuss.com/1-android-discuss/40801.html – Cached
    18 Aug 2010 – I would love to have access to a Findbugs configuration that is suitable for scanning Android app code. > Use of Static Analysis on Android

  57. Python, JRuby on the Android Platform in 10 Steps » By Matthew

    www.thebitsource.com/software…/android/python-jruby-on-the-a… – Cached
    19 Feb 2011 – Web Development | Mobile | Software Design | Los Angeles How will this affect code security and static analysis that Google most likely does

  58. [PDF]

    Mobile Malware Madness and How to Cap the Mad Hatters

    https://media.blackhat.com/…/BH_US_11_Daswani_Mobile_Malware_Slide
    File Format: PDF/Adobe Acrobat – Quick View
    Android Applications Requesting/Leaking IMEI. Percent. Source: Dasient (n=10000). •Static analysis approaches would only identify that IMEI was requested

  59. Development Tips When Looking For Android App Developers

    www.androidappdeveloper.net/android-app…/development-tips-wh… – Cached
    24 Jun 2011 – Java, which is the basis of all Android apps, imparts itself to compiler warnings that in turn are based on static analysis. And any bug or error

  60. [PDF]

    Putting the Smart in Smartphones: Security Testing Mobile

    www.appseceu.org/…/Dan%20Cornell%20-…
    File Format: PDF/Adobe Acrobat – Quick View
    Let’s Take Apart Some Apps: Android. • Example of static binary analysis. • Applicationstructure. – AndroidManifest.xml. – assets/. – res/. – classes.dex

  61. [PDF]

    A Study of Android Application Security

    www.enck.org/pubs/enck-sec11.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by W Enck – Cited by 9Related articles
    piler, which recovers Android application source code directly from its on static analysisof 21 million lines of recovered code. Our analysis uncovered

  62. Android Code at Risk? – eSecurity Planet

    www.esecurityplanet.com/news/article…/Android-Code-at-Risk.htm – Cached
    1 Nov 2010 – New report from static analysis vendor Coverity scans the Android code base and finds a pile of common software defects, though the defect

  63. Using Static Analysis to Review File Access in Android Apps

    digg.com/…/using_static_analysis_to_review_file_access_in_android_apps
    By Dan Cornell The Android platform does some clever things to firewall apps off from one another. One of the important protections the platform provides is

  64. Using Static Analysis to Review File Access in Android Apps

    www.stumbleupon.com/…/using-static-analysis-to-review-file-access… – Cached
    20 Apr 2011 – Using Static Analysis to Review File Access in Android Apps – Denim Group, Ltd. Blog – StumbleUpon.

  65. Agnitio and Mobile Apps | Security Ninja

    www.securityninja.co.uk/application…/agnitio-and-mobile-apps/ – Cached
    16 Aug 2011 – Dan has given several mobile application security presentations over the /04/using-static-analysis-to-review-file-access-in-android-apps.html

  66. Android Developers Blog: Memory Analysis for Android Applications

    android-developers.blogspot.com/…/memory-analysis-for-android.h… – Cached
    24 Mar 2011 – Memory Analysis for Android Applications · Application Stats on AndroidMarket …. At the top of the class, let’s add a new static variable:

  67. android-assault – Android APK-Specific Static Analysis UI

    code.google.com/p/android-assault/
    Android APK-Specific Static Analysis UI Leveraging Tool :: GSOC 2011 Because PyQT provides a complete interface to QT applications and python can

  68. Automated Static Code Analysis for Classifying Android Applications

    www.computer.org/portal/web/csdl/doi/10.1109/CIS.2010.77Cached
    by A Shabtai – 2010 – Related articles
    In this paper we apply Machine Learning (ML) techniques on static features that are extracted from Android’s application files for the classification of the files.

  69. [PDF]

    A Study of Android Application Security

    www.usenix.org/events/sec11/tech/slides/enck.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by W Enck – 2011 – Cited by 9Related articles
    Studying Apps. • Decompiled top 1100 free apps from Android market: over 21 million lines of source code. • We use static analysis to identify both dangerous

  70. [PDF]

    Crowdroid: Behavior-Based Malware Detection System for Android

    www.ida.liu.se/~rtslab/publications/2011/spsm11-burguera.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by I Burguera – 2011
    analysis on Android applications. Static analysis scans Android source code to detect Malware patterns. Dynamic analysis executes and monitors Android

  71. Static Analysis of Android Programs

    www.springerlink.com/index/8878K95474W6Q65Q.pdf
    by É Payet – 2011 – Related articles
    Static Analysis of Android Programs. Étienne Payet1 and Fausto Spoto2. 1. LIM-IREMIA, Université de la Réunion, France. 2. Dipartimento di Informatica

  72. Android Dalvik VM performance is a threat to the iPhone | java rants

    www.javarants.com/…/android-dalvik-vm-performance-is-a-threat-t… – Cached
    26 May 2010 – This wouldn’t be that big a deal if Android software wasn’t already ….. A dispatch that passes static analysis and can be inlined IS inlined.

  73. See you at Devoxx with Android and Maven | Java.net

    www.java.net/blog/…/2011/…/see-you-devoxx-android-and-maven – Cached
    6 days ago – My proposal for a Devoxx talk about the powerful Maven Android Plugin, practices, such as Continuous Integration, static analysis, test coverage? whatever you need for creating and testing Android apps – and you’ll be

  74. Midterm Report: Project.6 Static Analysis of Android Malware | 中国

    – [ Translate this page ] www.honeynet.org.cn/?p=147Cached
    2011年7月 8日 – What’s more, Qt supports cross platform applications. Figure 1: The mainAndroid Static Analysis UI window. The above Figure 1 is the main

  75. Static Analysis of Executables for Collaborative Malware Detection

    academic.research.microsoft.com/…/static-analysis-of-executables-fo… – Cached
    First, we perform static analysis on the executables to extract their function calls and library functions for comparing malware with benign software on Android.

  76. [PDF]

    Smartphones (Android) in Wars: Software Assurance Challenges

    csrc.nist.gov/groups/SMA/…/NIST-Mobile-App-Security-Voas-081111.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    Application Static Analysis does not cover. Program Functionality. Fortify, Coverity, and other application testing tools cover regular, non-Android specific Bugs:

  77. CiteULike: An Android Application Sandbox system for suspicious

    www.citeulike.org/user/zafkazmi/article/8480528Cached
    In this paper, we propose an Android Application Sandbox (AASandbox) which is able to perform both static and dynamic analysis on Android programs to

  78. [PDF]

    Analyzing and Dissecting Android Applications for Security defects

    www.net-security.org/dl/articles/Blueinfy_Rushil_ScanDroid_Paper.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    operation along with applying static code analysis on both object and source code. This article introduces ScanDroid for Android applications, using Ruby code

  79. [PDF]

    Applying Assurance Techniques to a Mobile Phone Application

    www.avantssar.eu/sectest2011/pdfs/Krishnan.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by P Krishnan – Related articles
    spection and static analysis. This process is illustrated using an application for the Androidplatform. 1. Motivation. Modern mobile phones are not very different

  80. application security : SOURCE Conference Blog

    www.sourceconference.com/blog/?cat=88Cached

    Hacking Androids for Profit – Riley Hassell & Shane Macaulay: A discussion on Is it possible to apply static analysis to the wide range of software assurance
  81. [PDF]

    REMEDY OPEN API JAR FILE ANALYSIS WITH OBJECTIVE OF

    www.touchar.me/…/android/TECHNICAL_NOTE_BMC_Jar_Analysis_for…
    File Format: PDF/Adobe Acrobat – View as HTML
    on an Android mobile device within a test App. This partially successful work is described below. Formal Static Analysis and “Shrinking” Using ProGuard

  82. Mobile Application Security Code Reviews

    www.slideshare.net/…/mobile-application-security-code… – United States – Cached
    Slides from the Mobile Application Security Code Review short course at the Android Static Analysis for Storage Issues • Android-specific functions for file

  83. Static code analysis with Rational Software Analyzer « Scottyab’s blog

    www.alexander-bown.com/…/static-code-analysis-with-rat… – Cached

    17 Feb 2011 – Static code analysis with Rational Software Analyzer. I struggled to find time Clean Code in Android Applications | SpringSource Team Blog
  84. Angel Alonso (Angelill0) on Twitter

    twitter.com/angelill0 – Cached
    tool for static analysis of Android malware is ready for… http://bit.ly/pA94NC 8:00 PM Jul It keeps all the data/applications/configuration 11:29 AM Jul 24th via

  85. On Target: Embedded Systems: Android

    blog.vdcresearch.com/embedded_sw/android/ – Cached
    Currently, the commercial market for Android related software solutions is still in its ….Static analysis tool vendor GrammaTech announced a new sophisticated

  86. New Free Tools Simplify Analysis Of Android Malware

    virusfreephone.com/…/new-free-tools-simplify-analysis-of-android-malwar…
    7 minutes ago – The IDA Pro product recently added a static analysis component for the only free and open-source tool that does this for Android applications.

  87. FUSE: Inter-Application Security for Android | SBIR.gov

    www.sbir.gov/sbirsearch/detail/4753Cached
    FUSE will operate by performing a static analysis of each application’s configuration and byte code before that application is installed on an Android platform.

  88. AndTruss2D – Android app on AppBrain

    www.appbrain.comAll appsProductivityCached
    AndTruss2D: Android app (★★★★★, 500 downloads) ⇒ AndTruss2D is a useful mechanical engineers, architects etc) It is used for linear static analysis of

  89. Google: Spyware Found, Removed from Android Market | threatpost

    https://threatpost.com/…/google-spyware-found-removed-android-… – Cached
    13 Jun 2011 – Ten Android apps in the Official Android Market are known to infected, In this way, the payload evades static analysis and is difficult to detect.

  90. SecurityXploit: Android

    securityxploit.blogger.de/topics/AndroidCached
    The GUI tool for static analysis of Android malware is ready for an alpha release. Once installed, the trojan masquerades as an online banking activation app.

  91. [PDF]

    Mining Interactions of Android Applications

    www.informatik.uni-leipzig.de/~berger/tr/2011-dienst-android.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by S Dienst – Related articles
    Android Applications. Static Analysis of Dalvik Bytecode. -Technical Note- preliminary version. Steffen Dienst1 and Thorsten Berger1. University of Leipzig

  92. RPISEC presents: Stephen Ridley on Android Malware | Facebook

    www.facebook.com/event.php?eid=120866814659390Cached
    From there the talk will go into tools and techniques for decompiling Android applications. I will also discuss some static analysis techniques (that I have not yet

  93. [PDF]

    Jaeho Shin 2010-10-01 ROPAS Show&Tell

    ropas.snu.ac.kr/~netj/talk/2010/1001.mobile-security.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    1 Oct 2010 – Static Analysis Ideas Mobile Apps. User. Developer. App runs written by App. 1. tries to install. Android. 3. allows privileged operations to

  94. [PDF]

    Analysis of Dalvik Virtual Machine and Class Path Library

    imsciences.edu.pk/serg/wp-content/uploads/…/Analysis-of-Dalvik-VM.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    Analysis of Dalvik Virtual Machine and Class Path Library iv …. 1.4 Average ApplicationsDownloads Comparison for Android and iPhone. 5. 3.1 Dex File Anatomy [6]. ….. Absolute offset of static field list. 0×14. 4. Absolute offset of instance field

  95. Android Kernel Security Above Average, Below Linux – Software

    www.informationweek.com/news/software/infrastructure/228100092 – Cached
    3 Nov 2010 – An analysis of the Android kernel on an HTC Droid Incredible reveals about half as many software defects as expected, according to a report

  96. Using Static Analysis For Software Defect Detection | About Mobility

    weblog.cenriqueortiz.com/…/using-static-analysis-for-software-defe… – Cached
    18 Apr 2008 – A very good presentation Using Static Analysis For Software Defect who are interested in Android OS and application software development.

  97. [PDF]

    Penetration Testing for iPhone / iPad Applications

    www.mcafee.com/us/…/wp-pen-testing-iphone-ipad-apps.pdf – United States
    File Format: PDF/Adobe Acrobat
    more attention, with the introduction of the Android, iPhone, and iPad ….. Static Analysis for the applications could be performed using free tools such as

  98. forensic blog

    forensics.spreitzenbarth.de/ – Cached
    This project will develop a sandbox in terms of a automated malware analysis software for theAndroid OS. The first version which will only allow static analysis

  99. Fast and Easy Automated Testing for – Engineering Software Lab ltd

    www.eswlab.com/info.asp?cid=589 – Israel – Cached
    Static Code Analysis. Armorize PVS-Studio Static Code Analyzer for 64-bit and parallel code …. Fast and Easy Automated Testing for Android and iOS Apps

  100. [PDF]

    “These Aren’t the Droids You’re Looking For”

    appfence.org/appfence.pdf
    File Format: PDF/Adobe Acrobat – Quick View
    by P Hornyack – Related articles
    5 Apr 2011 – The problem is not unique to Android. Egele et al. used static analysis to track information flow in popular iPhone ap- plications and discovered

4 responses to this post.

  1. Great post – thanks for including links to some of our materials! If folks head to http://www.smartphonesdumbapps.com/ that page has links to some talks I’ve given on Android (and iOS) security testing as well as to a Google Code repository with some analysis scripts.

    Also we’ve released an intentionally-flawed application called Pandemobium Stock Trader that can be found here https://code.google.com/p/pandemobium/ That can be used as a developer training tool and testbed for Android security static analysis.

    Thanks,

    Dan

    Reply

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: