Biblio

The use of mobile devices has increased dramatically in recent years. These smart devices allow us to easily perform many functions such as e-mail, internet, Bluetooth, SMS and MMS without restriction of time and place. Thus, these devices have become an indispensable part of our lives today. Due to this high usage, malware developers have turned to this platform and many mobile malware has emerged in recent years. Many security companies and experts have developed methods to protect our mobile devices. In this study, in order to contribute to mobile malware detection and analysis, an application has been implemented that automatically injects payload into normal apk. With this application, it is aimed to create a data set that can be used by security companies and experts.

Along with technological developments in the mobile environment, mobile devices are used in many areas like banking, social media and communication. The common characteristic of applications in these fields is that they contain personal or financial information of users. These types of applications are developed for Android or IOS operating systems and have become the target of attackers. To detect weakness, security analysts, perform mobile penetration tests using security analysis tools. These analysis tools have advantages and disadvantages to each other. Some tools can prioritize static or dynamic analysis, others not including these types of tests. Within the scope of the current model, we are aim to gather security analysis tools under the penetration testing framework, also contributing analysis results by data fusion algorithm. With the suggested model, security analysts will be able to use these types of analysis tools in addition to using the advantage of fusion algorithms fed by analysis tools outputs.