Mobile application vetting, the process of determining which third-party applications are safe to deploy on mobile devices, is a challenging problem facing many personal, corporate, and government users of such devices. In the context of multiple mobile devices belonging to private businesses or government agencies, malicious software programs downloaded by users of the mobile devices can compromise the safety and security of the infected device but can also compromise the safety and security of an organization's entire computing network.
In an attempt to prevent malicious software (“malware”) contained within a particular mobile device software application from infecting a user's device or an enterprise's computing network, mobile applications can be vetted by an enterprise security team to assess the safety of a particular mobile device software application. Cybersecurity teams can employ emulation environments that allow the team to assess the safety of a particular application before allowing for its use by users of the enterprise's mobile devices. An emulation environment or “sandbox” can refer to a testing environment that allows for the use and testing of software applications in an isolated environment (i.e., an environment in which the untested code cannot access a live mobile device or access a computing network). However, automated emulation environments can be easy to detect using a variety of known techniques.
Cybersecurity teams have also employed manual analysis of mobile applications by loading the application onto a physical mobile device that is then tested manually by an operator of the device, or through the use of sophisticated interactive disassembler tools such as Ida Pro™. However, while providing a more reliable analysis of an application, manual analysis can be expensive and time-consuming.