About the Lab:
The Android Security Lab, located at Room No. CSE-113 in the Computer Science and Engineering Department, National Institute of Technology (NIT), Tiruchirappalli, was established under the DST-SERB sponsored project titled "Study on Colluding Android Apps: Mitigating the Threat using Machine Learning Techniques". The project was sanctioned for Rs. 15.98 Lakhs under the Start-up Research Grant (SRG) scheme in January 2022 (Sanction Order No. SRG/2021/001898).
The equipment for the lab was jointly sponsored by DST-SERB (under SRG project: Rs. 4,72,800/-) and NIT Tiruchirappalli (under Institute SEED Grant: Rs. 5,00,000/-). The lab was established on 03.06.2022.
The architecture of the lab is carefully designed in such a way that it serves two different purposes:
- Perform normal day-to-day research activities with internet access.
- Perform malware analysis without internet connection (test bed).
This setup lets researchers access the internet and carry out normal day-to-day activities such as internet surfing, downloading, and reading research articles with ease. It also serves as a testbed for installing malware on real Android devices and studying the behavior of the app in real time. As the testbed is not connected to the internet, the installed malware cannot cause harm to any of the other co-existing networks (including the institute's own network).
That said, our lab offers a dynamic environment for the exploration, experimentation, analysis, and testing of Android apps in real time. It thereby provides facilities to develop robust security methods, conduct thorough assessments, and refine our methodologies to safeguard against malware, data breaches, and unauthorized access to apps. Our multifaceted amenities ensure that our lab can come up with solutions that will remain at the vanguard of Android security.
About the Project:
Securing the privacy of users in this smartphone era is the main objective of this project. Considering the widespread usage of the Android operating system, we restrict ourselves in this project to Android smartphones. As a preliminary study, we are working on static-feature-based Android malware detection using machine learning techniques. In this, we mainly focus on different feature representation and feature reduction techniques as a way to improve the accuracy of the proposed detection methodology.
As an advanced study, delving into the intricacies of the Android mobile operating system and malware analysis, we also work towards dissecting their vulnerabilities into single-app and colluding-app malware. In the colluding-apps approach, two or more apps collaborate in a divide-and-conquer fashion to achieve the same goal as single-app malware. That is, instead of a single app performing the whole malicious activity, more than one app divide the permissions among themselves to reduce the possibility of detection and achieve the same malicious activity. Our ongoing work is to study the nuances of such colluding apps and the threats posed by them.
As its outcome, we intend to develop a methodology that can detect and mitigate the unexplored vulnerabilities of the same.
We are also working towards creating our own colluding app dataset containing veiled apps, which can contribute to building efficient machine learning models that detect such colluding apps effectively.
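To make the permission-splitting idea above concrete, here is an added example (not the lab's own code or methodology) that flags app pairs whose combined manifest permissions complete a sensitive source-to-sink flow that neither app can complete alone. The source/sink grouping, the function names, and the sample packages are assumptions made for illustration.

```python
from itertools import combinations

# Assumption: a simplified source/sink model chosen for illustration only.
SOURCES = {
    "android.permission.READ_CONTACTS",
    "android.permission.READ_SMS",
    "android.permission.ACCESS_FINE_LOCATION",
}
SINKS = {
    "android.permission.INTERNET",
    "android.permission.SEND_SMS",
}

# Constructed sample data: package name -> permissions requested in its manifest.
SAMPLE_APPS = {
    "com.example.notes": {"android.permission.READ_CONTACTS"},
    "com.example.weather": {"android.permission.INTERNET"},
    "com.example.chat": {"android.permission.READ_SMS",
                         "android.permission.INTERNET"},
    "com.example.torch": set(),
}


def flows(perms):
    """Source->sink pairs that a permission set can complete on its own."""
    return {(s, k) for s in perms & SOURCES for k in perms & SINKS}


def split_capability_pairs(apps):
    """Return (app_a, app_b, new_flows) for every pair whose combined
    permissions complete a flow that neither app completes alone."""
    findings = []
    for (a, pa), (b, pb) in combinations(sorted(apps.items()), 2):
        new_flows = flows(pa | pb) - flows(pa) - flows(pb)
        if new_flows:
            findings.append((a, b, sorted(new_flows)))
    return findings


if __name__ == "__main__":
    for a, b, new in split_capability_pairs(SAMPLE_APPS):
        print(f"{a} + {b}: {new}")
```

A flagged pair is only a candidate for closer analysis: complementary permissions show that the split is possible, not that the two apps actually communicate.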
Our Thrust Research Areas:
- Static- and Dynamic-Feature Analysis
- Malware Analysis
- Vulnerability Analysis
- Inter-App Communication
- Colluding Apps
- Machine Learning
- Deep Learning