TUM Logo

Android Activity Flow Reconstruction and Visualization

Android applications are build with a set of different component types that serve a specific purposes. Thanks to the androids system design they can interact with each other in a variety of ways, which make it possible to complete complex tasks. The downside to a flexible interconnectivity of system components can be an unclear and confusing relationship between them.This makes it specially hard for developers who newly entered a project or for security researchers that try to identify malicious applications to understand how components interact and what behaviour can emerge from an application.Some scientific work already provides tools to extrapolate the component commu- nication information from an application, but often using expensive computational methods like forward flow analysis and never trying to generate a visual representation that is easy to inspect.In this thesis a different approach for reconstructing transitions that can happen be- tween application components that will not make use of forward flow analysis will be developed. Some analysis techniques that the other approaches used, namely static analysis of code present in the form of Dalvik executables, will still be used int his thesis. But then use the generated results to build a graph showing possible transitions between components.One type of android application components, called activities, represent single in- stances of a visual user interface and so give the most information on the tasks that are completed with the application. For that reason the work in this thesis will build an Android Activity Flow graph, focusing on the transition between activities, but also showing the relation of other components in those interactions.The claim of this thesis is not being able to implement a system for a complete transition reconstruction, as the involvement of native code or reflection will not be considered. The aim is rather to build an architecture and a tool that can build and show a graph that assists in understanding an applications flow.

Android Activity Flow Reconstruction and Visualization

Supervisor(s): Dennis Titze
Status: finished
Topic: Android stuff
Author: Konrad Weiss
Submission: 2016-03-15
Type of Thesis: Bachelorthesis
Proof of Concept No
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching

Astract:

Android applications are build with a set of different component types that serve a specific purposes. Thanks to the androids system design they can interact with each other in a variety of ways, which make it possible to complete complex tasks. The downside to a flexible interconnectivity of system components can be an unclear and confusing relationship between them.This makes it specially hard for developers who newly entered a project or for security researchers that try to identify malicious applications to understand how components interact and what behaviour can emerge from an application.Some scientific work already provides tools to extrapolate the component commu- nication information from an application, but often using expensive computational methods like forward flow analysis and never trying to generate a visual representation that is easy to inspect.In this thesis a different approach for reconstructing transitions that can happen be- tween application components that will not make use of forward flow analysis will be developed. Some analysis techniques that the other approaches used, namely static analysis of code present in the form of Dalvik executables, will still be used int his thesis. But then use the generated results to build a graph showing possible transitions between components.One type of android application components, called activities, represent single in- stances of a visual user interface and so give the most information on the tasks that are completed with the application. For that reason the work in this thesis will build an Android Activity Flow graph, focusing on the transition between activities, but also showing the relation of other components in those interactions.The claim of this thesis is not being able to implement a system for a complete transition reconstruction, as the involvement of native code or reflection will not be considered. The aim is rather to build an architecture and a tool that can build and show a graph that assists in understanding an applications flow.