Investigating and Analyzing Malicious Events in Android Application

Smart mobile devices have been widely used and the contained sensitive information is endangered by malware events and codes. The malicious events caused by malwares are crucial evidences for digital forensic analysis, and the main task of mobile forensic analysis is to find the malicious codes and reconstruct these events. However, the reconstruction heavily relies on the code analysis of the malware. The difficulties and challenges include how to quickly find the suspicious programs, how to remove the anti-forensics tricks of malicious code, and how to deduce the malicious behaviors according to the code. To address this issue, a systematic procedure of analyzing typical malware behaviors on the popular mobile operating system Android is proposed. Based on the procedures, the deduction of Android malicious events is also discussed