Professional Documents
Culture Documents
SMC Practical Exercise 3 (Ahmad f2008, Syafiq f2056, Hidayat f2036)
SMC Practical Exercise 3 (Ahmad f2008, Syafiq f2056, Hidayat f2036)
SMC Practical Exercise 3 (Ahmad f2008, Syafiq f2056, Hidayat f2036)
DFP50123
SECURE MOBILE COMPUTING
TOPIC CHAPTER 3
ASSESMENT PRACTICAL EXERCISE 3
1) AHMAD YUSUF FARHAN BIN AWANG
2) MUHAMAD SYAFIQ IKRAM BIN MOHAMAD TARMIZI
NAME
3) MUHAMMAD HIDAYAT BIN AB AZIZ
1) 13DDT20F2008
2) 13DDT20F2056
REG NO
3) 13DDT20F2036
PROGRAMME DDT4 S1
INSTRUCTIONS:
1. Answer ALL the questions
2. Submit the assessment on
MARKING SCHEME
CLO 1 PLO 3
/20
TOTAL
Learning Outcomes
At the end of this activity session, you should be able to:
Mobile malware, as its name suggests is malicious software that specifically targets
the operating systems on mobile phones. There are many types of mobile malware
variants and different methods of distribution and infection. One of the method used
in the distribution of malware is using APK file. There are various APK services
available on the web that allow users to download pirated apps from unknown
source. Not all of these may be trusted, with some APK files containing malicious
software that deliberately infects the mobile device. Find out how to make sure
whether APK file is safe or not. There are several ways to do this.
Exercise:
In a group of 3 person find any sample of APK file and download it. Choose any
TWO (2) methods/ways to check the APK file status by using the appropriate tools.
Refer to below website in your findings:
https://bit.ly/3eGKpmQ
https://bit.ly/3luj09r
**any related sources are allowed.
INTRODUCTION:
Malicious software is a program or file that is intentionally harmful to a computer,
network or server. Types of malicious software include computer viruses, worms,
Trojan horses, ransomware and spyware. These malicious programs steal, encrypt
and delete sensitive data; alter or hijack core computing functions and monitor end
users' computer activity. Malicious software can infect networks and devices and is
designed to harm those devices, networks and/or their users in some way.
Depending on the type of malicious software and its goal, this harm may present
itself differently to the user or endpoint. In some cases, the effect malicious software
has is relatively mild and benign, and in others, it can be disastrous. No matter the
method, all types of malicious software are designed to exploit devices at the
expense of the user and to the benefit of the hacker the person who has designed
and/or deployed the malware.
Cycle Development:
Special Risks
Area of risk:
P2 Tools: State and explain the tools.
Hash Droid
As mentioned above, one way to see if you're downloading the right APK is to check its
hash. The SHA of a file is kind of like a digital fingerprint, and if the app you're looking
for has its SHA publicly mentioned by the developers, then you can compare that with
the SHA of the APK you have. If the two match, you're safe. This should show you the
APK's hash data, which would be a long string that looks something like
this:5a8679e3e4298b7b3ffac725106db12a21bdb0bcf746f44fa7e46c40dbf794aa.
By using this method, you can compare the hashes of APKs and what the app
publishers have revealed, to see if the APK is safe to install. With these three methods,
you can have a greater degree of security when using apps downloaded from third
party sources. However, it's worth noting that these methods are never 100 percent
secure, and if you're worried about malicious software, then it's probably better to stick
to the Play Store.
P3. Steps: Construct step by step you download, install and configure the tools.
Step 7 : Press "HAS A TEXT", next, paste back the HASH CODE and
press calculate.
Step 8 : Press "COPY CHECKSUM TO CLIPBOARD" and go to
COMPARE HASHES.
Step 9 : Enter the results that have been "Calculated" the first
HASH and the second Hash
P4. Outcome: Display the APK file status by using tools.