The mobile phones play an increasingly important role in our lives, therefore the reliable and secure functioning of applications running on them are getting more and more prominent too. With proper planning and thorough testing much of malfunctions can be filtered out, but experiences show still remaining bugs in the software that can be notified by monitoring, and in case possibly avoided by an intervention.
My task is to develop an application, which is monitoring the network messages of other applications and validates its correct functioning. To do this, you must know how to observe an application’s network communications – whether we have access to the source code or not -, how to determine what kind of higher-level messages have been sent or received by the application, and how to decide whether the sequence of messages is compliant to the required operation (which can be specified e.g. by using predefined scenarios). The task also includes the development or the usage of network communicating application, which is complex enough to justify the proper functionality of the monitoring application.
During the semester I managed to deepen my knowledge in developing to Android platform and scanned the different ways of monitoring an application provided by the platform. Furthermore, I analyzed the advantages and disadvantages of these monitoring techniques and weighted up their implementation efforts. From the mapped methods I chose two and implemented them; one for the case that the source code of the application is available and another for application with unknown sources.
During the development the main aspects were the future extendibility of the solution and the clean code. In my thesis – beside properly document the solution - I also demonstrate the errors that occurred during the development.
By the end of the semester I managed to reach my target – that is preparing an Android application to monitor other applications – and to test the two monitoring methods together with the related example application.
By analyzing the results of the test, I can state, that the application is suitable for monitoring the network communication of other applications, if its source code is available, or no encryption has been used in the messages.