Honeypot On Android
Honeypot On Android
Honeypot On Android
CHAPTER 1
1.1
Honeypot
A Honeypot is something that is designed to attract and trap something for its own means and
use. It will sit idle listening and waiting for something of interest to trigger its sensors and
cause a reaction that will produce some information or physical grabbing of its target. The
idea of the Honeypot is all around us, in the natural and un-natural world, even though we
may not see them at first glance. Honeypot are not a new thing but where we are today we
have had to take the natural examples and adapt them to work for the unnatural application.
1.1.1
Honeypot on Android
In Android, a Honeypot is a little different, but as was said already can be almost the same
depending on the implementation of it that is used. What the Honeypot does in android is
monitoring applications activity, it will sit idle listening and waiting for monitoring
bookmarked application in that had installed in the phone. So that it will detect activity
information which the application installed are interact and grant for access of phone
function, services or data as well.
It will keep on recording the trace left of bookmarked suspicious application. In short,
honeypot on android is a trap set to detect android application in order to collect data, or in
some manner we can take further action to counteract attempts at unauthorized use of the
manifest permission by the applications installed. Since every application is shown, and
which application seems granted a lot of irrespective permission, hence it can determine and
bookmark that suspicious application.
2
The application will be observed. Knowing our application permissions can help us
better safeguard our privacy and security and prevent unauthorized charges. There are a lot of
information collected as a proof and hence we can prevent before seriously loss or harmed
since we know the application irrespective intention, so we can get to know that and take
further action in order to protect our confidential data and unauthorized access such as
uninstall the malicious application.
3
CHAPTER 2
2.1
Project Scope
The application is aimed to be used by the people who want to read and understand more
about their application.
The application is a monitoring tool to help users knowing their application
permissions. It will list out the application permission granted in the different way. The users
are allowed to select the type of view according to the predefined category.
The application is then displays the content to the users. The users can click the
application button to get the detail of the application. If user not trust the applications
installed, user can bookmark the suspicious application to observe it, force close it or
uninstall the application.
The application also provide a suspicious application list which application
bookmarked as suspicious is under observation. The trace left by the application when it
access to the system function is recorded as a proof to discovering the suspicious malicious
intent. However, the application will not warn the user but it keeping recording the
information until it was stop by user.
This application will be developed and tested in laptop by using Eclipse Mars and
tested by Android Virtual Device Manager. This is a simulator which same with the android
system, so this application is able to be use by android based phone.
4
CHAPTER 3
3.1
The evolutionary prototyping objective is to deliver a working system with high satisfaction
level to the end users. In the methodology, the system will be developed through a series of
increments of function because In Evolutionary Prototyping, developers can focus themselves
to develop parts of the system that they understand instead of working on developing a whole
system.
Figure 3.1: Evolutionary prototyping model. (Source: Chip. Prototyping Model. Pg. 4849.)
5
3.1.1
Initiation phase
This is the first phase which involves researching and analyzing the requirement for the
project based on a given time period. The problem statement, project aim, objective, project
scope, project justification and proposal organization had been all well-planned.
3.1.2
Analysis phase
The main activity at this phase is discussed about collect information and system
requirements through researches from other existing application. Several similar systems had
been selected to be compared to find out more ideas and function that can implement in the
proposed project. The next step is to study how to use the Eclipse for developing android
application. Since a lot of research has to be done in order to learn to operate the software. A
lot of learning schedule has been planned. The Eclipse supports a few types of programming
languages in order to make a working application. It requires Extensible Markup Language
(XML) file to create the user interface for the application. The learning process is then
continued to learn how to connect the functional button to the Java Language. The Java
language is used to set the task of the process to be executed. The concept of honeypot has to
be analysis and prepared to design in the next stage.
3.1.3
Design phase
After analysis phase, the major function of the application is determined and hence that the
designing of the application interface has to be start. The interface is design one by one based
on the application function. Hence, the application interface may easily achieve the function
and objective of the project. The Interface is aim to be simple and straight forward without
any decoration. The interface is design part by part based on the application function. The
interfaces designed should have a few buttons for users to select which button clicked will
bring users to screen with certain content. The content of the page is first retrieve from the
android system. This application does not need to use Internet access. Hence, the use case
6
diagram is plotted. The next implementation is to classify the data accordingly. This will
allow users to read and understand the content easily. The application is display in English
only.
3.1.4
Implement phase
Implementation is the stage where the physical design of the application is translated into
code. Each specification developed during the last stage will be implemented into the overall
application structure. If any problem with the design are discovered the project will return to
the design stage and create a revised design. The process will then continue checking that
each of the previously implemented features can be satisfied within the new design
framework. In implement phase, activity diagram and class diagram for the application is
plotted.
3.1.5
Testing phase
During the testing stage each function implemented in the implementation stage is checked
against its specification to ensure that it performs the correct action. Project test plan is
prepared for the detailed testing in testing phase. The application had been developed and
should test before deliver to the users. The testing is divided into two parts. The first part is to
test the application to check the error and bug that might be in the coding. This testing will be
done by the developer. Second part of the testing is to ensure the application fulfill the project
requirements of the users. The result will influence developer to take any further action to add
or delete any function to the application. During the testing stage each function implemented
in the implementation stage is checked against its specification to ensure that it performs the
correct action.
3.1.6
Prototype phase
The feedback from tester will be analyzed and the new action will be taken in the next
prototype. Each prototype shall be improved and the follow of application will also be
improved in every prototype. With the increasing of iteration, the application is to be
determining how successful each part was and to suggest improvements for the future.
3.2
The Honeypot on Android requires hardware and software to be develop and testing. Both
hardware and software has to be able to match with each other to make the application to be
able to run. The list if requirement is as follow:
3.2.1
8
Hardware Specification
Computer
Android Devices
Table 3.2: Hardware specification and requirement for Honeypot on Android
3.2.2
Programming Language
The language will be implement to develop this application is Java and XML. The Eclipse
Mars requires Java language to develop the android application. XML is used to develop the
user interface for the application and is then connected to Java language to set the function of
each button, image button and text view. SQL is used to connect the application with the
application. This is important to ensure the application display the right result for each
process.
CHAPTER 4
OPERATING ENVIRONMENT
4.1
Android Architecture
10
specific for a particular hardware. Some of the important native libraries include the
following:
Surface Manager: It is used for compositing window manager with off-screen buffering.
Off-screen buffering means you can't directly draw into the screen, but your drawings go to
the off screen buffer. There it is combined with other drawings and form the final screen the
user will see.
11
COMPARATIVE STUDY
5.1
5.1.1
aSpotCat
12
shows all your android application permissions, services that cost you money. The application
is providing us to bookmark permissions which you want to monitor. So that we are easier to
read and understand the permission granted to every application. It can view application
permission in 3 forms. That is list application by permission, List application by bookmarks
permission and list all application installed. List application by permission provide us a way
easier to bookmark the concerning permission or the permission that cost you money or
accessing your private data. List application by bookmarks permission is provide a way easier
to view the bookmarked permissions. There is also having a warm warning for the
application which has granted the permission being bookmarked. While list application is a
interface to shows all application installed in the phone. This interface provide user to have
an overview of all application being installed.
5.1.2
13
permissions of applications we want to download. The application provides 3 major button in
the interface that is List application, list permissions, and monitor settings. List of application
providing an overview of the application installed in our device hence every click on the icon
displayed in the interface will bring us to another interface which shows all the detail of the
application. In the interface, we are able to manage the application by force close the
application, open the application or uninstall the application. The List of permission provides
us an overview of all permissions. When click on the permission list, the list will expand and
display the icon of the application which is granted such permission. While monitor setting is
used to create a permission set which the application will monitor those application
bookmarked, when the new application installed with those suspicious permissions sets, the
monitor will notify us.
5.2
iii.
iv.
v.
14
DESIGN
6.1
Use-case diagram
Display application
Display permission
Manage application
This function provide user to manage the application by uninstall the application, or
15
force stop the application.
v.
6.2
Quit
There are total of 6 interface is designed in this application for different purpose. The first
interface is the main menu.
16
The interface is designed to display all the application installed in the devices. The Image
buttons shown in the figure 6.3 is representing the icon of the application installed in user
device. This interface allows users to have a overview of all the application installed and
click to the application icon to view the specific application detail and manage the application
which will be shown in Figure 6.4.
6.2.3
This is the interface where the user can manage the application by three options. Those are
force close, bookmark or uninstall the application. Force close button is used to close the
application immediately. Bookmark button is used to bookmark those suspicious application
to monitor and uninstall button is to uninstall the application form the device immediately.
Besides that, the white field will show up the permission granted for this application. This
provides user an easier way to view the permission of application installed.
17
6.2.4
The permission list interface is the interface to show all the permission of the application by
group of category, user can click on any group of the permission and the permission group
will expand its sub item in below of it. After click on the category of permission group, the
interface will be shown in Figure 6.6.
18
6.2.5
This is the permission list interface after click on the category of permission group.
When the category of permission group is clicked, the permission group is expanded and the
application icon with those permission will show up. The icon of the application is also can
be clicked so that it will bring user to the application detail interface in Figure 6.4
6.2.6
Bookmarked list
The bookmarked list interface is displaying all the application that is bookmarked by user.
This interface provide the information about the application trace of accessing the phone
function. User can view through the application and when user had decided to uninstall the
application, user can click on the icon, the application will bring user to the application detail
interface in the Figure 6.4 where user can manage this application whether to uninstall it or
force close it.
19