What I have done in GSoC 2016
I have been working on improving DroidBot (fixing bugs, adding features, etc.) in GSoC 2016. Basically I have sucessfully finished the goals we made before. This blog post is a summary of what I have done in GSoC 2016.
Our Plan
Before GSoC begins, my GSoC mentor Hanno discussed with me and made a plan for GSoC 2016:
- Remove False LogMessages [1 Week]: Try to distinguish between LogMessages produced by the analysed application and false logFiles, caused by DroidBot directly.
- Measure the Coverage of Dyn.Analysis [2 Weeks]: With instrumentation of an APK the coverage should be calculated. The instrumentation should be only a module, that is not normally running in droidBot.
- Having a scripting language / Make analysis reproducible [4 Weeks]: It would be nice to have a scripting language, which can do everything which droidBot is automatically doing. For Example Clicking, swiping, … Moreover it would be good, if we can insert text (like mails, usernames) into TextFields. In the second part of this Task, it would be cool, if after an automated droidBot run, droidBot could return a scripting File, which would try to reproduce the dynamic analysis as best as possible.
- Improving DroidBot [3 Weeks]:
- Dynamically Analyse UI and identify Buttons, TextFields, Inputs (Together with the scripting language this should solve the Stuck Problem in 80%)
- Add some static Documents (JPGs, PNGs, DOC, PDFs) (for RansomeWare)
- Identify ScrollViews and try to swipe up and down.
- Add Simple Context (like Wifi on/off if Permission is requested, send SMS, …)
- Docu, Refactoring, Buffer [2 Weeks]: The final two weeks are left for writing documents, refactoring, and fixing bugs.
What I have done
Task | Status | Comments |
---|---|---|
1. Remove False Log Messages | Done | The method is continuously calling ps command and maintaining a pid-to-process mapping. |
2. Measure the Coverage of Dyn.Analysis | Done | I started a new project androcov, with which we are able to measure the coverage of analysis. |
3. Having a scripting language | Done | Introduction to DroidBot script can be found here. |
4. Improving DroidBot | Partly Done | Finished: 1. Solve Stuck Problem and 2. Add dummy documents. Not finished: 3. ScrollViews and 4. Simple Context |
5. Docu, Refactoring, Buffer | Done | The above features are well-documented. |
Except for the tasks in GSoC, I also spent some time to fix bugs of DroidBot. One of the big improvements is that I removed androidviewclient dependency, which significantly improved DroidBot’s stability.
What I haven’t done
There are also many interesting features that I want to add in the future:
- What we discussed in GSoC but didn’t have time to do, including:
- Make analysis reproducible;
- Identify ScrollView and swipe;
- Add simple context;
- Anti anti-sandbox detection.
- Other interesting topics:
- Port DroidBot to phone;
- Use machine learning to improve dynamic analysis;
- Doing a large-scale analysis on market apps.
Welcome to contribute!
Links
- List of my commits in DroidBot: https://github.com/honeynet/droidbot/commits/master?author=ylimit
- List of my commits in androcov: https://github.com/ylimit/androcov/commits/master?author=ylimit
- GSoC 2016 github issue page: https://github.com/honeynet/droidbot/issues/18