During the last decade mobile phones and tablets evolved into smart devices with enormous computing power and storage capacity packed in a pocket size. People around the globe have quickly moved from laptops to smartphones for their daily computational needs. From web browsing, social networking, photography to critical bank payments and intellectual property every thing has got into smartphones; and undoubtedly Android has dominated the smartphone market. Android growth also attracted cyber criminals to focus on creating attacks and malwares to target Android users. Malwares in different category are seen in the Android ecosystem, including botnets, Ransomware, click Trojan, SMS frauds, banking Trojans.

Due to huge amount of application being developed and distributed every day, Android needs malware analysis techniques that are different than any other operating system. This research focuses on defining a process of finding Android malware in a given large number of new applications. Research utilizes machine learning techniques in predicting possible malware and further provide assistance in reverse engineering of malware. Under this thesis an assistive Android malware analysis system “AndroSandX” is proposed, researched and developed. AndroSandX allows researcher to quickly analyze potential Android malware and help perform manual analysis.

Key features of the system are strong assistive capabilities using machine learning, built in ticketing system, highly modular design, storage with non-relational databases, backup of analysis data for archival, assistance in manual analysis and threat intelligence. Research results shows that the system has a prediction accuracy of around 92%. Research has wide scope and lean towards providing industry oriented Android malware analysis assistive system/product.

Library of Congress Subject Headings

Malware (Computer software)--Prevention; Android (Electronic resource); Machine learning

Publication Date


Document Type


Student Type


Degree Name

Computing Security (MS)

Department, Program, or Center

Department of Computing Security (GCCIS)


Tae Oh

Advisor/Committee Member

Bill Stackpole

Advisor/Committee Member

Chaim Sanders


Physical copy available from RIT's Wallace Library at QA76.9.A25 J34 2016


RIT – Main Campus

Plan Codes