New Research Tool: FirmwareDroid

We are excited to announce the release of FirmwareDroid, an open-source tool developed at our group that allows the user to analyse Android firmware.

Description

Examining the Security of Android’s Pre-installed Apps with FirmwareDroid We developed FirmwareDroid, a novel framework for analyzing the security of pre-installed apps in Android devices. With hundreds of pre-installed apps locked by Android’s read-only security protocols, many of these “bloatware” apps pose potential security and privacy risks. FirmwareDroid automates the extraction and static analysis of these apps, helping detect vulnerabilities, privacy concerns, and dangerous permissions across diverse firmware packages. This advancement provides unprecedented transparency into the functionality and security of apps users cannot typically control. FirmwareDroid’s future development aims to expand to dynamic analysis, allowing for real-time testing without physical devices. By leveraging advanced emulation, the framework will enable cost-effective, scalable assessments of these apps, supporting a safer mobile ecosystem. This open-source tool represents a significant step toward enhancing public security and accountability in mobile software, inviting contributions from researchers and developers to further its capabilities.

For more information, check the associated ERCIM article. The sources can be found on GitHub.