Many devices using Android such as handphone, tablet and others. Android makes the daily works become so easy to activate other devices using IoT technology. To use those facilitate, Android user should install a file such as an apk file. The objective of this research is to examine the impact of an apk file in Android using static and dynamic analysis. First, static analysis was done using Qark and the results are three recommendation such as vulnerable, warning and information. Second, dynamic analysis was done by giving the permission to the apk file when it was installed in Android. The impact of this condition was anyone could access almost all the resources in the Android such as SMS when connected to internet.

Vulnerability, Static, Dynamic, Android, Apk

Umasankar, “Analysis of latest vulnerabilities in android,” in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2017, pp. 1236–1241, doi: 10.1109/ICACCI.2017.8126011.

M. Linares-Vásquez, G. Bavota, and C. Escobar-Velásquez, “An Empirical Study on Android-Related Vulnerabilities,” in 2017 IEEE/ACM 14th International Conference on Mining Software Repositories (MSR), 2017, pp. 2–13, doi: 10.1109/MSR.2017.60.

W. J. Buchanan, S. Chiale, and R. Macfarlane, “A methodology for the security evaluation within third-party Android Marketplaces,” Digit. Investig., vol. 23, pp. 88–98, 2017, doi: https://doi.org/10.1016/j.diin.2017.10.002.

B. M. Al-Zadjali, “A Critical Evaluation of Vulnerabilities in Android OS: (Forensic Approach),” Int. J. Comput. Appl., vol. 130, pp. 38–42, 2015.

A. Khandelwal and A. K. Mohapatra, “An insight into the security issues and their solutions for android phones,” in 2015 2nd International Conference on Computing for Sustainable Global Development (INDIACom), 2015, pp. 106–109.

T. Yang, Y. Yang, K. Qian, D. C.-T. Lo, Y. Qian, and L. Tao, “Automated Detection and Analysis for Android Ransomware,” in 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems, 2015, pp. 1338–1343, doi: 10.1109/HPCC-CSS-ICESS.2015.39.

A. Sarkar, A. Goyal, D. Hicks, D. Sarkar, and S. Hazra, “Android Application Development: A Brief Overview of Android Platforms and Evolution of Security Systems,” in 2019 Third International conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), 2019, pp. 73–79, doi: 10.1109/I-SMAC47947.2019.9032440.

S. Yadav, A. Apurva, P. Ranakoti, S. Tomer, and N. R. Roy, “Android vulnerabilities and security,” in 2017 International Conference on Computing and Communication Technologies for Smart Nation (IC3TSN), 2017, pp. 204–208, doi: 10.1109/IC3TSN.2017.8284477.

Q. Kennemer, “New Android Malware Can Infect Your Phone By Simply Visiting a Website,” Phandroid, Apr. 2016.

J. Smith, “Google Play Protect rolling out to Android devices for better security,” iGeneration, Jul. 2017.

J. Gao, L. Li, P. Kong, T. F. Bissyandé, and J. Klein, “Understanding the Evolution of Android App Vulnerabilities,” IEEE Trans. Reliab., vol. 70, no. 1, pp. 212–230, 2021, doi: 10.1109/TR.2019.2956690.

J. Joshi and C. Parekh, “Android smartphone vulnerabilities: A survey,” in 2016 International Conference on Advances in Computing, Communication, Automation (ICACCA) (Spring), 2016, pp. 1–5, doi: 10.1109/ICACCA.2016.7578857.

K. Kulkarni and A. Y. Javaid, “Open Source Android Vulnerability Detection Tools: A Survey,” 2018, [Online]. Available: http://arxiv.org/abs/1807.11840.

W. Chao et al., “An Android Application Vulnerability Mining Method Based On Static and Dynamic Analysis,” in 2020 IEEE 5th Information Technology and Mechatronics Engineering Conference (ITOEC), 2020, pp. 599–603, doi: 10.1109/ITOEC49072.2020.9141575.