International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 06 Issue: 05 | May 2019 www.irjet.net p-ISSN: 2395-0072 © 2019, IRJET | Impact Factor value: 7.211 | ISO 9001:2008 Certified Journal | Page 6911 A Review on several vulnerabilities detection techniques in Android Mobile Ms. Jigna Solanky 1 , Dr. Dharmendra Bhatti 2 1 Assistant Professor, Department of Computer Science, Uka Tarsadia University, Bardoli, Gujarat, India 2 Professor, Department of Computer Science, Uka Tarsadia University, Bardoli, Gujarat, India ----------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Mobile Devices, tablets and Smartphone’s have rapidly growing because of their extremely personal and powerful attributes. Android has been the most famous mobile operating system. As Android has governing most of the market, the problem of malware threats and security is also increasing. Android has continuously becoming the most targeted platform for attackers. Although there have been many number of studies reviewing the current analysis and detection methods, they are unable to fully address this research domain. Hence, in this review paper, we group the recent analysis and detection methods in mobile vulnerabilities detection. Addition to that, we review the Android features available in mobile vulnerabilities detection, and various trusted and widely used datasets. Key Words: Vulnerabilities, Android, Mobile Vulnerabilities, Detection techniques, Permissions, static and dynamic analysis 1. INTRODUCTION Now a day’s smart-phones are becoming very popular all around the globe. Mobile devices have becoming important part of many of the people’s life. As the study says, among all the mobile platforms, Android is the widely used platform. With the growing use of these mobile platforms in delicate applications, there is a problems linked with malicious activities targeted at mobile devices. Smart phones have replaced use of personal computers in terms of internet usage. Addition to that, smart phone allows users to check their emails, tweets or social media in device. In terms of smart phone usage, 50.3% of all web traffic came from mobile devices compared in 2017 and in 2018 it reaches to 52.2% which is increasing day by day [1]. A malicious activity has threatened smart phones for many years and android devices are gaining popularity with time. Seeing this most of the discovered vulnerabilities is aiming at android platform. A malicious activity could be any code which is added, removed or changed from an application in order to intentionally cause harm to the significant function of the system. The main purpose of attacker is to steal data, personal information, gaining access to user’s accounts and establishing control channels. The functioning of a device also depends upon the type of vulnerability. Vulnerability writers are actively and continuously developing vulnerable programs to target Android platform. This continuous evolution and the diversity of vulnerability pose a major threat to Android applications. Many users storing some private data such as contact list, passwords, and credit card numbers on mobile devices. Now a day’s mobile banking is widely used among people since they are able to access their account’s information on the go and saving the account’s credential on the device is inevitable. Based on this scenario, attackers have turned their attention to smart phones, as sensitive data are available abundantly on smart phones, and the security issues are taken less seriously on such devices. Adware: It generally aims to just advertising the products or websites that are annoying but doesn’t cause any harm. Android dowgin is a adware which install itself on a mobile device as a bundle with the other applications. Later on it displays ads in the notification bar and cannot be easily removed. It is estimated that between 10000-50000 users are infected with this adware [2]. 2. Features of Android in Mobile for malicious activity Detection Researches use distinctive features available in Android for examination. Android applications contain various components, for example, permissions, Java code, certification, the behavior of the application on the gadget, and their behavior on the network. Choosing the most helpful subset of features from a huge number of accessible features changes the after effect of the entire experiments. We divide available features into two main groups’ i.e. static and dynamic features. Fig -1: List of all Android Features