Analysis of Android Update Packages as a Method to Load Forensic Utilities and Malicious Applications to an Android Device

Author

Mark Lohrum, Purdue UniversityFollow

Date of Award

2013

Degree Type

Thesis

Degree Name

Master of Science (MS)

Department

Technology

First Advisor

Samuel Liles

Committee Chair

Samuel Liles

Committee Member 1

Marcus Rogers

Committee Member 2

Raymond Hansen

Abstract

Android devices are extremely popular and are projected to stay popular. Both forensic tools and malware exist designed specifically for Android devices. The purpose of this study is to explore a new method of loading forensic tools and malware to Android devices. This new method is the update module, which is used to install updates to the operating system. This thesis proposed and completed research to test four different custom update packages on three different Android devices. Two of the update packages contain forensic utilities and the other two contain malicious tools. An update package collecting web history using the device's API successfully executed on all three devices, and the other three update packages only successfully executed on the oldest device, a Nexus One. The cause for the differing results from the Nexus One to the other two devices is the version of the operating system on the device. The Nexus One ran the oldest version of Android which did not contain the same security measures as the newer operating systems on the other two devices. The newer devices had these security measures which stopped the update packages from executing successfully. The researcher concluded that these update packages are not ready to be used currently.

Recommended Citation

Lohrum, Mark, "Analysis of Android Update Packages as a Method to Load Forensic Utilities and Malicious Applications to an Android Device" (2013). Open Access Theses. 52.
https://docs.lib.purdue.edu/open_access_theses/52