My thesis for my MS in Computer Science at the University of Illinois, Urbana Champaign, 2013

With the unprecedented growth in the diversity of digital distribution platforms there has been an increasing concern about privacy of the content being produced by the different types of applications users are installing across a variety of mobile platforms. The mobile devices average users own generally have inbuilt hardware interfaces capable of gathering different types of rich information including temperature, accelerometer, as well as personal identifiable information such as phone numbers, personal communication messages, and location information. Some digital distribution platforms, like Google's Play Store (GPStore), put into effect a permission based security model where users are prompted with a list of permissions they must accept in order to download and install and application. In recent years many researchers have presented attacks compromising the previous security model using different types of techniques including malicious applications such as malware and trojans.

To better understand mobile malware, we introduce the concept of the User-App Agreement (UAA) - a conceptual framework for a user consenting and trusting specific actions an app may take. Using UAA we examine the Android Permission system with Android Census - a comprehensive app metadata database. We conclude the main shortcoming lies in the Permission system's lack of addressing context and use, presenting an opportunity for Info Theft Malware - malicious software that profits off of user's personal information. Finally, we present Android Malware Evaluation Detection and Analysis (AndroMEDA), an Android Security Extension which forms a novel feedback loop, providing users with a method for understanding the context and use of actions an app performs, thus allowing them to identify suspicious behavior that violates users' trust.