Etd

Appjudicator: Enhancing Android Network Analysis through UI Monitoring

Public

Downloadable Content

open in viewer

Smartphones are becoming increasingly important in all aspects of life, including corporate environments, where “bring your own device” (BYOD) policies are gaining widespread acceptance. Malware already exists to take advantage of Android phones in BYOD settings, aiming to take control of devices with access to privileged information by disguising itself as a benign app. Malware could be easier to detect if network administrators had more insight into employee-owned smartphones. We propose a system, called Appjudicator, to address this issue. It implements an accessibility service to monitor user interactions with the user interface (UI) of other apps, so this context can be used in malware detection. For example, if an app sends a new network request without any user interaction, this flow could be the result of malware and should be investigated. Our app is a host-based software defined networking (SDN) agent that works in conjunction with an SDN controller to monitor and control the phone’s networking abilities based on the organization’s SDN rules and our UI context. We build a proof of concept application and find that it can successfully combine network and UI data while adding less than 14 milliseconds of total latency in 95% of flows.

Creator
Contributors
Degree
Unit
Publisher
Identifier
  • etd-23006
Keyword
Advisor
Defense date
Year
  • 2021
Date created
  • 2021-05-06
Resource type
Rights statement
License

Relations

In Collection:

Items

Items

Permanent link to this page: https://digital.wpi.edu/show/cr56n394d