GroddDroid

GroddDroid is a framework for executing automatically malware on a smartphone, triggering its user interface. It also detects suspicious parts of the code and try to force unseen branches of execution in order to try to force this branch. This way, Grodddroid helps to trigger the malicious behavior of the studied malware.

GrodddDroid refers to Gorilla Grodd which is a hyper-intelligent telepathic gorilla. GroddDroid has been presented at MALCON 2015 and received the best paper award. Its source code has been released under GPL (see below).

For more technical information about GroddDroid you can read the paper GroddDroid: a Gorilla for Triggering Malicious Behaviors or look at the slides of the presentation.

GroddDroid is an Inria proprietary software.

Demos

The demonstration video of GroddDroid presented at HCERES 2021. (In french)

The presentation of GroddViewer at the workshop GraMSec 2020.

The demonstration video of GroddDroid presented at MALCON 2015.

The following demo shows GroddDroid in action against a ransomware malware. The malware encrypts the user files (ransomware) and is packaged with a morpion game. The malicious behavior is triggered when the user wins 10 levels of the game. Thus, it is a challenging task to execute the malware and observe the malicious behavior.

Contributors

  • Adrien Abraham
  • Pierre Graux
  • Jean-Francois Lalande
  • Mourad Leslous
  • ValĂ©rie Viet Triem Tong
  • Pierre Wilke

About Us