A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Discovering Dark Matter: Towards better Android Malware Heuristics - Jimmy Shah, David Shaw, Matt Dewitt (BSides Las Vegas 2013) (Hacking Illustrated Series InfoSec Tutorial Videos)

Discovering Dark Matter: Towards better Android Malware Heuristics - Jimmy Shah, David Shaw, Matt Dewitt

There are nearly 1,000,000 free and paid Android apps available.  A very small percentage of these mean to do you harm. Figuring out which apps are the bad ones is difficult enough for the average user, but it's not much easier for malware analysts.  Analysis tools and automation can help to filter this flood of apps.

Towards the end of discovering new unknown malware in a timely manner, we are developing new heuristics.

We will cover:
*     Existing analysis tools: manual and automated
*     Data leakage and permissions abuse
*     Development of new tools and heuristics for malicious Android apps
*     Comparing the results of running the heuristics vs. manual analysis

BIOS: Jimmy Shah is a Mobile Security Researcher specializing in analysis of mobile/embedded threats on existing platforms (Windows Phone 8, iOS, Android) and potential mobile malware and spyware. If it's lighter than a car, has a microprocessor, and is likely to be a target it's probably his problem. He has presented on mobile threat research at a number of computer security conferences.

David Shaw is the Senior Director of Engineering at Redspin, specializing in External and Application security assessments, with particular interest in exploit development and unconventional attack vectors. David was a speaker at ToorCon 12 and LayerOne 2013, and was the technical editor of the Nmap 6: Network Exploration and Security Auditing Cookbook.

Matthew McDevitt is a security and malware researcher. After 8 years' experience in systems administration, Matt began professionally pursuing information security, his hobby since young adulthood. Matt is currently a Mobile Malware Researcher and specializes in x86 and embedded system malware analysis.

 

Back to BSides Las Vegas 2013 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast