Skip to main content
SpringerLink
Log in

A new technique for intent elicitation in Android applications

  • Original Article
  • Published:
Iran Journal of Computer Science Aims and scope Submit manuscript

Abstract

Android is the most common operating system for smart phones. An Android application is composed of components. Intents are messaging objects. Components communicate using intents. This communication is between components of the same application or different applications. Many security attacks use intents. This paper introduces a new technique, IntGet, for elicitation of intents from Android applications. IntGet was implemented and tested on 359461 smali files of 40 applications. The experimental results revealed that IntGet can be used for designing efficient malware detection methods. The paper shows comparisons between results obtained by IntGet and those obtained by Androguard.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Notes

  1. https://apkpure.com.

References

  1. Absar, J.: Programming for the Android Dalvik Virtual Machine, 1st edn. Springer (2017) (ISBN 1461423880, 9781461423881)

  2. Arp, D., Spreitzenbarth, M., Hübner, M., Gascon, H., Rieck, K.: Drebin: efficient and explainable detection of android malware in your pocket. In: Proceedings of the 21th Annual Network and Distributed System Security Symposium (NDSS’14) (2014)

  3. Chakradeo, S., Reaves, B., Traynor, P., Enck, W.: Mast: triage for market-scale mobile malware analysis. In: Proceedings of the Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 13–24. ACM (2013)

  4. Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252. ACM (2011)

  5. Desnos, A.: Android–androguard: a full python tool to play with android files. https://github.com/androguard/androguard/ (2011). Accessed 2018

  6. El-Zawawy, M.A.: Android–IntGet: a tool for intent extraction from android applications. https://github.com/maelzawawy/IntGet/ (2018). Accessed Oct 2018

  7. Feizollah, A., Anuar, N.B., Salleh, R., Suarez-Tangil, G., Furnell, S.: Androdialysis: analysis of android intent effectiveness in malware detection. Comput. Secur. 65, 121–134 (2017)

    Article  Google Scholar 

  8. Hellman, E.: Android Programming: Pushing the Limits. Wiley, Hoboken (2013)

    Google Scholar 

  9. Kalkov, I., Gurghian, A., Kowalewski, S.: Predictable broadcasting of parallel intents in real-time android. In: Proceedings of the 12th International Workshop on Java Technologies for Real-Time and Embedded Systems, p. 57. ACM (2014)

  10. Kantola, D., Chin, E., He, W., Wagner, D.: Reducing attack surfaces for intra-application communication in android. In: Proceedings of the Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 69–80. ACM (2012)

  11. Ko, R., Lee, H.-M., Jeng, A.B., Wei, T.-E.: Vulnerability detection of multiple layer colluding application through intent privilege checking. In: IT Convergence and Security (ICITCS), 2015 5th International Conference on, pp. 1–7. IEEE (2015)

  12. Li, L., Bartel, A., Bissyandé, T.F., Klein, J., Traon, Y.L.: ApkCombiner: combining multiple android apps to support inter-app analysis. In: IFIP International Information Security Conference, pp. 513–527. Springer (2015)

  13. Richardson, L.: Beautiful soup documentation. https://www.crummy.com/software/BeautifulSoup/bs4/ doc/ (2007). Accessed Dec 2017

  14. Salvia, R.: Intent flow analysis in android application. B.S. thesis, Università Ca’Foscari Venezia, (2016)

  15. Stuttard, D., Pinto, M.: The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws. Wiley, Hoboken (2011)

    Google Scholar 

  16. Tang, J., Cui, X., Zhao, Z., Guo, S., Xu, X., Hu, C., Ban, T., Mao, B.: NIVAnalyzer: a tool for automatically detecting and verifying next-intent vulnerabilities in android apps. In: Software Testing, Verification and Validation (ICST), 2017 IEEE International Conference on, pp. 492–499. IEEE (2017)

  17. Warren, T.: Android programming for beginners: the simple guide to learning android programming fast!. CreateSpace Independent Publishing Platform, USA (2015) (ISBN 1516998103, 9781516998104)

  18. Winsniewski, R: Android–apktool: a tool for reverse engineering android APK files. http://ibotpeaches.github.io/Apktool/ (2012). Accessed Dec 2017

  19. Wu, D.-J., Mao, C.-H.. Wei, T.-E., Lee, H.-M., Wu, K.-P.: DroidMat: android malware detection through manifest and API calls tracing. In: Information Security (Asia JCIS), 2012 Seventh Asia Joint Conference on, pp. 62–69. IEEE (2012)

  20. Xu, K., Li, Y., Deng, R.H.: ICCDetector: ICC-based malware detection on android. IEEE Trans. Inf. Forensics Secur. 11(6), 1252–1264 (2016)

    Article  Google Scholar 

  21. Zhang, L., Niu, Y., Wu, X., Wang, Z., Xue, Y.: A3: automatic analysis of android malware. In: International Workshop on Cloud Computing and Information Security (2013)

Download references

Acknowledgements

The author would like to thank Yepang Liu for proofreading the paper.

Author information

Authors and Affiliations

  1. College of Computer and Information Sciences, Al Imam Mohammad Ibn Saud Islamic University (IMSIU), Riyadh, Kingdom of Saudi Arabia

    Mohamed A. El-Zawawy

  2. Department of Mathematics, Faculty of Science, Cairo University, Giza, 12613, Egypt

    Mohamed A. El-Zawawy

Authors
  1. Mohamed A. El-Zawawy
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohamed A. El-Zawawy.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

El-Zawawy, M.A. A new technique for intent elicitation in Android applications. Iran J Comput Sci 2, 113–124 (2019). https://doi.org/10.1007/s42044-019-00032-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s42044-019-00032-3

Keywords

Search

Navigation