This is the final project for my CSC414 Software Development class. This was a group project created by four people. As with most university level group projects, some people worked more than others. I was responsible for the majority of the Android coding.
The same final project was assigned to all students. We were to design an “AntiVirus” type program that worked with Android. The idea was pitched as a government agency that has employees who all have government issued phones, and they need an app that is a safe way to protect people from downloading malicious software. We were encouraged to come up with our own ideas and ways to approach this.
We considered several ideas for blocking installs and making an “AntiVirus” type application, but every idea we came up with required the phone to be rooted which was not allowed for the assignment. In the end, we came up with a rating system that would warn the user of how bad an application might possibly be.
We decided to go with a three part rating system using High, Medium, and Low risk. There were two parts to the warning system which was our risk algorithm and a more customized algorithm that let users flag certain permissions are lower or higher risk.
The SpyNot application works as follows. First, it detects any installs from the Google Play store. When an install is detected, our rating window will pop up. Our rating window gives the user a short risk assessment of the application and has a button to uninstall the application if the user chooses. The application has four main risk assessment scores and a combined main score. The four scores are the market score, access to information, malware score, and a permission score.
The market score takes a combination of information from the market such as number of downloads, average rating, total ratings, etc and combines it into an overall score. The information access gives a score based on how much personal information the application can transmit. For example if it can read your data and has internet access, then it is a higher rating since it can copy your data and send it somewhere. The malware score is generated by scanning a known malware database and compares the installed application. The permissions score is based on the custom permissions a user can select, or the default permissions if none were set up.
You can see the documentation for the SpyNot project below. The code is available on my Github page.