you2004975
Posted April 17, 2015

Static Analysis:
- Basic Information Extraction: file size, file hash, package name, SDK version, etc.
- Certification Analysis: Parse the certification and check if it's from AOSP.
- Category Analysis: Classify the APK to different categories based on the permission information
- Permission Analysis: Extract permissions (including customized permissions) and detect if the declared permission is used
- Component Analysis: List all the components (including dynamically registered broadcast receivers) and analyze if the component is exported
- Code Feature Analysis: Check native code, Java reflection, dynamic loader usage
- Advertisement Module Analysis: Extract all the advertisement modules
- Sensitive API Analysis: List all the sensitive APIs and the caller code path
- etc.

Dynamic Analysis:
- Network Data Record: capture all the network data during the APK's running period
- Http Data Recovery: recover data from HTTP flow
- IP Distribution Analysis: parse IP information based on the extracted URLs
- File Operation Monitor: record file path and data
- SMS & Phone Call Monitor: record SMS sent and phone call
- SMS Block Monitor: record SMS block behavior
- Crypto Operation Monitor: record crypto usage
- Data Leakage Monitor: data leakage
- etc.

Comprehensive Analysis:
- Risky Behaviors Summary: list risky behaviors
- Risk Score: Calculate the risk score based on the static and dynamic analysis result