Graduate Project

Android malware detection and forensics based on API calls

Mobile devices now play an important role in large-scale information sharing. As smartphones become more widespread and powerful, they store more personal data and may leak it carelessly or maliciously. Research shows that Android is a widely used operating system among smartphones. The growth in Android users attracts attackers, who target more Android devices with malicious software. To defend against the spread of Android malware, researchers have proposed many analysis, detection and classification techniques. This paper introduces a dynamic analysis approach that intercepts API calls at runtime, extracts logs, and analyzes them. It helps analysts understand the runtime behavior of installed applications and how API calls are used for malicious purposes. Using this method, analysts can determine whether an application is benign or malicious by comparing its actual behavior with its expected behavior. This research will help malware researchers quickly understand the activities and internal workings of unknown applications.

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.