Semdroid - Semantic Android Application Analysis Using Machine Learning (Master's Thesis, 2014)
Semdroid is a static Android application analysis framework that detects certain functionality included in applications, such as cryptographic code or SMS functionality.
- Android applications are disassembled and the structure is reconstructed.
- Several analysis plugins dissect the application and report their findings.
- The application's components can be analyzed separately.
- Plugins can be based on any static analysis approach.
- We proposed a new analysis approach based on machine learning: the Semantic Pattern Analysis.
- New plugins can easily be added - just create a new configuration file.
- Semdroid can be used on a personal computer, or can be directly deployed onto an Android device for on-device analysis of installed applications.
Android Security (2013 – now)
Performed several Android security assessments and implemented malware detection mechanisms:
- On-device network traffic analysis:
  - Developed an Android application that monitors network traffic in real time and checks whether sensitive data is sent to a remote server.
  - Additional checks detect hashed sensitive data (e.g., MD5, SHA-1, SHA-256).
- Power consumption-based malware detection (see publication):
  - Modified and tweaked PowerTutor to obtain power traces.
  - Using machine learning, applications running on the device can be classified.
- Implemented an application for real-time SMS tampering detection (forward / discard SMS, SMS commands: e.g., return phone location).
- Detecting SMS catchers and sniffers (see publication).
- Analyzing the built-in encryption systems of the Android platform (see publication).
Ricochet Robots (2011)
Ricochet Robots is a board game where the players have to find the shortest path to a given target field by moving different robots.
- Goal: find the best solution as fast as possible.
- Implemented the playable game in Java, including a customizable user interface (Java Swing toolkit).
- Developed several heuristics that work together to solve the NP-complete problem.
- Found solutions can be displayed step by step or automatically.
- Great results: the shortest solutions can be found very efficiently (< 10 ms for most scenarios).