First I will provide an introduction to security of Android Apps: we will take a look at them through the eyes of a security engineer, looking at examples of how to reverse engineer them to look for possible security issues through 'Behavioral Analysis'. I will also discuss the limitations of manual research. Then, I will introduce an automated way to scan android devices using an "Automated Security Evaluation Framework" (A S E F). Then I will discuss the framework's design, showing a live demo of how it works, and how to use it. We will also go over interesting results and statistics covering the scope of the tool's functionality and outcome. I will demonstrate how to expand this idea and solve complex problems with most practical ways. I will also discuss what future versions of 'A S E F' has to offer and at the same time will make it available as an Open Source Project.
 

Download:
http://archive.org/download/BsidesLasVegas2012/1.1.6ParthPatelIntroducingandroidSecurityEvaluationFramework-Asef.avi 

Back to BSides Las Vegas 2012 video list