Presentations‎ > ‎

Android Application Lifecycling: behaviorial analysis of Android Malware using force-directed graph



The use of behavior-based detection is one of the most promising approaches with the rapid growth of Android applications and malwares. Most AV vendors are struggling with how to determine malicious behaviors and identify as malware. However, there is no general way for malware researchers to visualize behaviors of Android applications and malwares. In this presentation, I will demonstrate how the Android Application Lifecycling(AAL) is done, which is a graph-based approach for visualizing behaviors of Android applications. AAL uses static analysis information with some bytecode emulations. However, the presentation will be more focused on generating inter-object relations and graph visualization of the Android application. Inter-object relations can be generated by tracing AAL triggers, which could be Android APIs, permissions, intents, strings and so on. Graphs can be visualized by force-directed layout algorithm using d3.js framework. Finally, I will round off with some results of force-directed graph visualization of Android malwares by using AAL method.