According to statistics database Statista, some 3.76 million apps could be downloaded this month from the Google Play Store alone. Not all of them function as they should – and not all of them deliver what they promise. In 2017, Google deleted more than 700,000 apps for breaching guidelines. In response, researchers from the CISPA Helmholtz Centre (i.G.), have developed software that allows the real behaviour of apps to be monitored as they are running. The latest version of their program, named ARTist, will be introduced at the CEBIT computer expo, held from 11 to 15 June in hall 27, stand F68.
Despite myriad security measures in app stores, malicious apps are repeatedly finding their way onto the smartphones of naïve users. The appearance of ads for pornography in children’s games in January is a recent example.
“Malware often works in the same manner. As soon as such software is opened on a smartphone it secretly contacts a computer via the internet and downloads malicious program code to the phone. In this case it was advertising, but it could also have been a subscription trap”, explains Oliver Schranz, who is researching better protective measures for Android apps at the Saarland Informatics Campus of the CISPAHelmholtz Centre.
Together with his colleagues Sven Bugiel, Philipp von Styp-Rekowsky, Sebastian Weisgerber and Professor Michael Backes, Schranz has accordingly developed the “Android Runtime Instrumentation and Security Toolkit”, or ARTist for short.
The software allows the instructions that selected apps execute in the runtime environment of Google’s Android mobile operating system to be monitored live. Both IT security researchers and commercial software developers can use the software to check whether the app really does what is expected of it. Comparable toolkits are only capable of checking methods, so this software from the IT experts in Saarbrücken is a much better “watchdog”. “We can see what the app is doing at all times and keep an eye on when and what data is sent out”, says Schranz.
The scientists have also gone to great lengths in terms of ease of use. ARTist is available as an app, allowing the apps to be monitored to be selected by touch. The time and effort required for analysis are therefore kept to a minimum. At CEBIT the researchers will demonstrate ARTist’s full functionality by analysing real-world apps, including the US online platform Uber.
A new ARTist function is also under development. In future, users will be able to use the software to prevent presumably suspect instructions from being executed. This could also include reducing the opening of embarrassing advertising.