Mobile Data Analysis using Dynamic Binary Instrumentation and Static Analysis

Author

Christopher Dukarm

Date of Award

3-2020

Document Type

Thesis

Degree Name

Master of Science in Cyber Operations

Department

Department of Electrical and Computer Engineering

First Advisor

Richard Dill, PhD

Abstract

Mobile classified data leakage poses a threat to the DoD programs and missions. Security experts must know the format of application data, in order to properly classify mobile applications. This research presents the DBIMAFIA methodology to identify stored data formats. DBIMAFIA uses DBI and static analysis to uncover the structure of mobile application data and validate the results with traditional reverse engineering methods. DBIMAFIA was applied to fifteen popular Android applications and revealed the format of stored data. Notably, user PII leakage is identified in the Rago Games application. The application's messaging service exposes the full name, birthday, and city of any user of the Rago Games application. These findings on how Haga Games uses ObjectBox library to store data in custom file formats can be applied more broadly to any mobile, IoT, or SCADA device or application using the ObjectBox library. Furthermore, the DBIMAFIA methodology can be more broadly defined to identify stored data within any Android application.

AFIT Designator

AFIT-ENG-MS-20-M-016

DTIC Accession Number

AD1096943

Recommended Citation

Dukarm, Christopher, "Mobile Data Analysis using Dynamic Binary Instrumentation and Static Analysis" (2020). Theses and Dissertations. 3157.
https://scholar.afit.edu/etd/3157