ue 18(10): e3

Research Article

Reassessing Android Malware Analysis: From Apps to IoT System Modelling

Download159 downloads
  • @ARTICLE{10.4108/eai.12-1-2018.153565,
        author={Abraham Rodriguez-Mota and Ponciano Jorge Escamilla-Ambrosio and Eleazar Aguirre-Anaya and Jassim Happa},
        title={Reassessing Android Malware Analysis: From Apps to IoT System Modelling},
        journal={EAI Endorsed Transactions on Future Internet},
        volume={4},
        number={10},
        publisher={EAI},
        journal_a={UE},
        year={2018},
        month={1},
        keywords={Internet of Things, Android, Security Threats.},
        doi={10.4108/eai.12-1-2018.153565}
    }
    
  • Abraham Rodriguez-Mota
    Ponciano Jorge Escamilla-Ambrosio
    Eleazar Aguirre-Anaya
    Jassim Happa
    Year: 2018
    Reassessing Android Malware Analysis: From Apps to IoT System Modelling
    UE
    EAI
    DOI: 10.4108/eai.12-1-2018.153565
Abraham Rodriguez-Mota1,2,*, Ponciano Jorge Escamilla-Ambrosio3, Eleazar Aguirre-Anaya3, Jassim Happa4
  • 1: Instituto Politécnico Nacional, Escuela Superior de Ingeniería Mecánica y Eléctrica, Unidad Zacatenco, Av. IPN
  • 2: S/N C.P. 07738, Mexico City, Mexico
  • 3: Instituto Politécnico Nacional, Centro de Investigación en Computación, Mexico
  • 4: University of Oxford, Department of Computer Science, UK
*Contact email: armesimez@gmail.ipn.mx

Abstract

Applications based on the Internet of Things (IoT) are increasingly vulnerable to disruption from cyber attacks. Developers and researchers attempt to prevent the growth of such disruption models, mitigate and limit their impact. This requires the understanding and characterization of things and the technologies that empower the IoT. Futhermore, tools to evaluate, analyze and detect security threats in IoT devices are strongly required. This paper presents a web tool, named GARMDROID, aimed to help IoT software developers and integrators to evaluate IoT security threats based on the visualization of Android application hardware requests. This procedure is based on the static analysis of permissions requested by Android applications. A mapping from the malware analysis data obtained to a SysML block definition diagram is also briefly described. This mapping shows how data can be used to model IoT systems under different proposals such as Model Integrated Mechatronics (MIM) and UML4IoT.