Taranjeet Kaur Chawla et al, International Journal of Computer Science and Mobile Computing, Vol.3 Issue.4, April- 2014, pg. 1204-1208 © 2014, IJCSMC All Rights Reserved 1204 Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology ISSN 2320–088X IJCSMC, Vol. 3, Issue. 4, April 2014, pg.1204 – 1208 RESEARCH ARTICLE Transfiguring of an Android App Using Reverse Engineering Taranjeet Kaur Chawla, Aditi Kajala M.Tech(CSE), Mody University of Science and Technology, Lakshmangarh, India taran.chawla17@gmail.com, aditikajala.fet@modyuniversity.ac.in Abstract— Today in this webbed world, smartphones have conquered a major part i n human’s life. An android application is an assemblage of Java which is edited from the source code, to .class file, further to .dex files to execute on the Dalvik virtual machine. Here, in this paper we have implemented the reverse engineering principle on an android app which is responsible for leaking the personal information from your smartphone such as IMEI, IMSI etc. Our research includes and emphasizes the misuse of personal/phone identifiers as well as the physical location. This paper seeks better to analyse over more than 1000 android applications which are free for the user. We have carried out the analysis i.e. static as well as dynamic. Keywords— Android; IMEI; IMSI; Reverse engineering, Dalvik I. INTRODUCTION Android has refashioned the mobile world. It is a comprehensive as well as an open source platform. Along with the android becoming popular software, there also come a number of loopholes. The day-by-day increasing numbers of free applications, which are provided by the markets, such as Apple‟s App Store and Google Android Market, with just one click have led to a hindrance in security. The security model of android is unique. The open nature of the platform always welcomes the changes and countermeasures. These changes can even help or violate with the security, therefore, it‟s more necessary to focus on protecting the device from hackers. The loopholes and the bugs of the current application act as a favourable condition for the hackers to exploit. Phishing, usage of local data, unsafe http connections etc. are the most common today. [1] It has been surveyed that around 50 applications in Google‟s Play Market leaked sensitive information as it migrated from handset to handset specifically on the Ice Cream Sandwich version of android and also on the other web services. Attributes of successful online communities are recognized and help in attaining and designing a security platform for the android applications. A good number of exploits were found as the handsets were connected to a local network. A number of available android apps have a necessity to pass the messages over the web and therefore are considered for securing the sensitive data during the transition. Further it has been studied that these apps make use of SSL/TLS protocols. It has been estimated that 1,074 (8.0%) of the apps studied and analysed have the SSL/TLS code which is prone to MITM attacks.[2] But still, the problems were tackled and were able to win over the SSL layer and the transport layer which were implemented. Particularly, the specific applications were not discoverable but still they were downloaded for around 39.5 million to 185 million times.