Skip to content

cvl01/spam-call-analysis

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.vscode
.vscode
 
 
apks
apks
 
 
appsetupscripts
appsetupscripts
 
 
helper-scripts
helper-scripts
 
 
reference_images
reference_images
 
 
results
results
 
 
.gitignore
.gitignore
 
 
main.py
main.py
 
 
readme.md
readme.md
 
 

Repository files navigation

Dynamic analysis tool of Android applications to extract spam Caller-IDs

This research is part of the Research Project 2022 of TU Delft.

Short description of research & tool

Spam calls are becoming an increasing problem, with people receiving multiple spam calls per month on average. Multiple Android Applications exist that are able to detect spam calls and display a warning or block such calls. Little is known however on how these applications work and what numbers they block. In this research, the following question is investigated: Can we do a brute force dynamic analysis on Android spam call blocking apps, to extract Caller-ID information from apps that cannot be or is not extracted through static analysis? A tool is created that is capable of doing such a dynamic analysis, by installing multiple android apps (one at a time) on an emulator, sending emulated phone calls to the emulator, and using screenshot comparison techniques to determine whether the call is classified as allowed or blocked by the respective app. This fully automated tool can test Caller-IDs on 8 different Android apps. Apart from a number of initial setup steps to install and configure the apps in the emulator, the tool takes about 1.5 seconds on average to analyze 1 Caller-ID on one app.

Installation:

Clone the repository

git clone [email protected]:cvl01/spam-call-analysis.git

Install Appium

First install Appium, it can be installed directly from NPM:

npm install -g appium

Then install the Appium Python Client:

pip install Appium-Python-Client

OpenCV for Node

Then install OpenCV for Node, which is required for image comparison functions. Detailed instructions can be found here

npm install --save opencv4nodejs

Set up android emulators

Finally, you need to set up the android emulators needed to run the analysis on. In helper-scripts/base_emulator you can find the optimal configuration of the emulator. It is advised to use the helper script helper-scripts/create-emulators.sh to generate 10 emulators. You will then be able to run with a maximum of 10 threads. If you want another number of emulators, you can add a number as positional element, like so.

sh helper-scripts/create-emulators.sh NUMBER_OF_EMULATORS

For example:

sh helper-scripts/create-emulators.sh 4

Usage

Then you can run the tool, using this syntax. The tool takes a list of numbers, one per line. An example can be found in results/100-numbers.txt. You can specify the file name as an argument or else the tool will read input from stdin.

python3 main.py  
    --google_username=YOUR_USERNAME_OR_EMAIL 
    --google_password=YOUR_PASSWORD
    --headless 
    --threads=1
    number-list.txt

Detailed usage:

usage: main.py [-h] --google_username GOOGLE_USERNAME --google_password GOOGLE_PASSWORD [--headless] [--print_csv_lines] [--save_screenshots] [--threads THREADS] [infile]

Test numbers on Android Spam Call Blocking Applications

positional arguments:
  infile                Input file containing phone numbers, one per line

optional arguments:
  -h, --help            show this help message and exit
  --google_username GOOGLE_USERNAME
                        A google account's username
  --google_password GOOGLE_PASSWORD
                        A google account's password
  --headless            Run the emulator headless
  --print_csv_lines     Print the csv lines as they are generated by the tool
  --save_screenshots    Save the screenshots that are used for image comparison to the out/ folder
  --threads THREADS     The number of threads you want the tool to use

Results

Example raw results can be found in the results folder. These include a list of 100 numbers and the result of running the tool on this number list.

List of apps (+ used versions)

Image Package ID Name Version Name Version Code
com.flexaspect.android.everycallcontrol Call Control - SMS/Call Blocker. Block Spam Calls! 2.2.8 272
com.callapp.contacts CallApp: Caller ID & Recording 1.962 1962
com.unknownphone.callblocker Call Blocker - Stop spam calls 1.7.7 184
com.callerid.block Caller ID, Phone Dialer, Block 2.13.5 40155
org.mistergroup.shouldianswer Should I Answer? 2.3.21 382
com.allinone.callerid Showcaller: Caller ID & Block 1.1.1 791
com.mglab.scm Stop Calling Me - Call Blocker 12.30.6 1230006
com.telguarder Spam Call Blocker - telGuarder 2.6.4 147
com.truecaller Truecaller: Caller ID & Block 12.1.0-9677 120100
com.webascender.callerid Hiya - Call Blocker, Fraud Detection & Caller ID 1.0.206 206

About

No description or website provided.

Topics

tudelft-cse-research-project

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages