Thursday 23 August 2012

ASEF: The Android Security Evaluation Framework!

When you talk about the BlackHat Tool Arsenal, the bar is set real high. ASEF, or the Android Security Evaluation Framework, does manage to live up to that expectation. It gives you a way to automatically evaluate all your apps, even hundreds of them: it harvests their behavioral data, analyzes their run patterns, and at the same time provides an interface for a wide range of evolving security tests with practical solutions. ASEF is an open source tool for scanning Android devices for security evaluation.




The Android Security Evaluation Framework (ASEF) alerts you to possible issues, makes you aware of unusual activity by your applications, exposes vulnerable components and helps narrow down suspicious apps for further manual research. ASEF is designed and developed to simulate the entire lifecycle of an Android application in an automated virtual environment, collecting behavioral data and performing security evaluations automatically over ‘n’ number of apps. These applications can be supplied as an individual .apk file, as a collection of .apk files or, more commonly, as apps installed directly on a device, which are then extracted and/or migrated to the Automated Virtual Environment (AVE), where an automated behavioral analysis is performed. The AVE is nothing but a pre-configured Android Virtual Device (AVD) that can simulate the entire lifecycle of an Android application.

Android Security Evaluation Framework Phases:

  1. Passive phase collects all the data required to run a test cycle, through activities like sniffing the traffic and extracting all the necessary asset information from an .apk file.
  2. Active phase is where apps are run through a test cycle one by one and behavioral data is collected. This phase uses Google’s Safe Browsing API to detect malicious traffic and similar activity.
  3. Interpret phase is where parsers analyze all this data and generate results.

It should be noted that at no point will the framework run any passive or active test on a user’s device. All you have to do is connect your Android device, with USB debugging mode enabled, to a machine running ASEF!

ASEF comes to us from Mr. Parth Patel. Currently the project works on Mac OS X or Ubuntu and has been programmed in Perl.
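To illustrate the step where installed apps are extracted from the connected device before any testing happens, here is an added shell sketch; it is not ASEF's own code (ASEF is written in Perl). It assumes the standard `adb` tool and the `pm list packages -f -3` output format; the function names and sample lines are constructed for this example.

```shell
#!/bin/sh
# Added example, not part of ASEF. Turns `pm list packages -f` output into
# "package<TAB>apk_path" lines so each APK can be copied off the device.

CR=$(printf '\r')

parse_pm_list() {
    while IFS= read -r line; do
        line=${line%"$CR"}          # adb shell output may end in CRLF
        case $line in
            package:*=*) ;;         # only well-formed package entries
            *) continue ;;          # skip warnings and blank lines
        esac
        entry=${line#package:}
        # Newer Android releases put '=' inside the install path, so the
        # package name is whatever follows the LAST '=' on the line.
        pkg=${entry##*=}
        path=${entry%=*}
        printf '%s\t%s\n' "$pkg" "$path"
    done
}

# Constructed sample input: old-style path, new-style path, and a noise line.
sample_pm_output() {
    printf 'package:/data/app/com.example.notes-1.apk=com.example.notes\r\n'
    printf 'package:/data/app/~~Zm9v==/com.example.chat-QUJD==/base.apk=com.example.chat\n'
    printf 'WARNING: not a package line\n'
}

# Copy every third-party APK from the attached device into directory $1.
# The device is only read from; nothing is executed on it.
pull_third_party_apks() {
    mkdir -p "$1" || return 1
    adb shell pm list packages -f -3 | parse_pm_list |
    while IFS="$(printf '\t')" read -r pkg path; do
        adb pull "$path" "$1/$pkg.apk" </dev/null
    done
}

# Offline demonstration on the constructed sample.
sample_pm_output | parse_pm_list
```

With a device attached, `pull_third_party_apks ./apks` collects the APKs that would then be handed to an emulator-based analysis.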

Download Android Security Evaluation Framework: ASEF_OSP.zip

 
