Date of Award


Document Type


Degree Name

Master of Science in Cyber Operations


Department of Electrical and Computer Engineering

First Advisor

Richard Dill, PhD


Mobile classified data leakage poses a threat to the DoD programs and missions. Security experts must know the format of application data, in order to properly classify mobile applications. This research presents the DBIMAFIA methodology to identify stored data formats. DBIMAFIA uses DBI and static analysis to uncover the structure of mobile application data and validate the results with traditional reverse engineering methods. DBIMAFIA was applied to fifteen popular Android applications and revealed the format of stored data. Notably, user PII leakage is identified in the Rago Games application. The application's messaging service exposes the full name, birthday, and city of any user of the Rago Games application. These findings on how Haga Games uses ObjectBox library to store data in custom file formats can be applied more broadly to any mobile, IoT, or SCADA device or application using the ObjectBox library. Furthermore, the DBIMAFIA methodology can be more broadly defined to identify stored data within any Android application.

AFIT Designator


DTIC Accession Number