mobile malware why the traditional av paradigm is doomed
play

Mobile Malware: Why the traditional AV paradigm is doomed, and how - PowerPoint PPT Presentation

Oct 22, 2022 •259 likes •454 views

Mobile Malware: Why the traditional AV paradigm is doomed, and how to use physics to detect physics to detect undesirable routines Guy Stewart VP Engineering Fatskunk Inc. The Malware Problem The Malware Problem Trojans, Rootkits, the

  1. Mobile Malware: Why the traditional AV paradigm is doomed, and how to use physics to detect physics to detect undesirable routines Guy Stewart VP Engineering Fatskunk Inc.

  2. The Malware Problem The Malware Problem Trojans, Rootkits, the Zero Day Apocalypse

  3. Threats

  4. Threats

  5. Untrustworthy Supply Chains

  6. Software Attestation Software Attestation Introduction to Software Attestation using Principles of Physics

  7. Approach: Measure by Displacement

  8. The software Space / Time trade-off

  9. Approach 1. Stop execution of all programs (malware may refuse) monolith kernel malware malware honest software, data, or passive malware cache

  10. Approach 1. Stop execution of all programs (malware may refuse) monolith 2. Overwrite “free” memory with kernel pseudo-random content (malware refuses again) malware malware cache

  11. Approach 1. Stop execution of all programs (malware may refuse) monolith 2. Overwrite “free” memory with pseudo- kernel random content (malware refuses again) again) malware malware 3. Compute keyed digest of all memory (access order unknown a priori) cache

  12. Verify results

  13. Commercial Applications

  14. Secure Execution Environment (SXE)

  15. OS Secure Boot

  16. TrustZone Normal World

  17. Interconnected Embedded Systems Client Verifier Client Verifier Client

  18. FatSkunk.com Guy Stewart : Guy@FatSkunk.com

Recommend

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the explosive growth of mobile device market and usage, there is an increasing number of malicious mobile applications targeting these devices and

819 views • 44 slides
Ubiquitous and Mobile Computing CS 528: A Survey of Mobile Malware in the Wild Alex Fortier

Ubiquitous and Mobile Computing CS 528: A Survey of Mobile Malware in the Wild Alex Fortier

Ubiquitous and Mobile Computing CS 528: A Survey of Mobile Malware in the Wild Alex Fortier Computer Science Dept. Worcester Polytechnic Institute (WPI) What is mobile malware? Targeted at Android, iOS, Symbian (discontinued), Windows Phone

507 views • 17 slides
Mobile and Ubiquitous Computing CS 525M: A Survey of Mobile Malware in the Wild Hiromu Enoki

Mobile and Ubiquitous Computing CS 525M: A Survey of Mobile Malware in the Wild Hiromu Enoki

Mobile and Ubiquitous Computing CS 525M: A Survey of Mobile Malware in the Wild Hiromu Enoki Computer Science Dept. Worcester Polytechnic Institute (WPI) 1 Introduction Mobile Malware is fairly recent July 2004 Cabir virus came out on

487 views • 24 slides
WHY MOBILE TO MOBILE MALWARE WONT CAUSE A STORM Nathaniel Husted Steven Myers Indiana

WHY MOBILE TO MOBILE MALWARE WONT CAUSE A STORM Nathaniel Husted Steven Myers Indiana

WHY MOBILE TO MOBILE MALWARE WONT CAUSE A STORM Nathaniel Husted Steven Myers Indiana University Monday, April 4, 2011 MOBILE TO MOBILE MALWARE Bluetooth (Mabir/Cabir/Commwarrior) Vs. MMS (Mabir/Commwarrior) Symbian OS -- Dominant

338 views • 21 slides
Experiences of of La Landing Machine Le Learning onto Market-Scale Mobile Malware Detection

Experiences of of La Landing Machine Le Learning onto Market-Scale Mobile Malware Detection

Experiences of of La Landing Machine Le Learning onto Market-Scale Mobile Malware Detection Liangyi Gong, Zhenhua Li, Feng Qian, Zifan Zhang, Qi Alfred Chen, Zhiyun Qian, Hao Lin, Yunhao Liu Mobile Malware Detection Android App Markets

424 views • 29 slides
Retroac(ve Detec(on of Malware with Applica(ons to Mobile Pla8orms Markus Jakobsson

Retroac(ve Detec(on of Malware with Applica(ons to Mobile Pla8orms Markus Jakobsson

Retroac(ve Detec(on of Malware with Applica(ons to Mobile Pla8orms Markus Jakobsson KarlAnders Johansson FatSkunk 1 Market forecast for mobile More smartphones than PCs in 23 years Dominant pla@orms targeted 4G will fuel

790 views • 16 slides
A Survey On Automated Dynamic Malware Analysis Evasion and Counter-Evasion: PC, Mobile, and Web

A Survey On Automated Dynamic Malware Analysis Evasion and Counter-Evasion: PC, Mobile, and Web

A Survey On Automated Dynamic Malware Analysis Evasion and Counter-Evasion: PC, Mobile, and Web Alexei Bulazel & Blent Yener River Loop Security Rensselaer Polytechnic Institute (RPI) Introduction Automated dynamic malware analysis is

684 views • 33 slides
Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till

Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till

Foundations Security in MAS Conclusion Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till Drges td@pre-secure.de PRESECURE Consulting GmbH June 20, 2007 Till Drges Protection Malware seen

739 views • 57 slides
9. Evaluation Outline 9.1. Cranfield Paradigm & TREC 9.2. Non-Traditional Measures 9.3.

9. Evaluation Outline 9.1. Cranfield Paradigm & TREC 9.2. Non-Traditional Measures 9.3.

9. Evaluation Outline 9.1. Cranfield Paradigm & TREC 9.2. Non-Traditional Measures 9.3. Incomplete Judgments 9.4. Low-Cost Evaluation 9.5. Crowdsourcing 9.6. Online Evaluation Advanced Topics in Information Retrieval / Evaluation 2

573 views • 40 slides
FlowDroid Alex Mariakakis From CSE 501 again Motivation All sorts of mobile malware exist

FlowDroid Alex Mariakakis From CSE 501 again Motivation All sorts of mobile malware exist

FlowDroid Alex Mariakakis From CSE 501 again Motivation All sorts of mobile malware exist Selling user information to advertisement/ marketing companies Stealing user credentials Premium rate calls and SMS SMS spam

843 views • 17 slides
Mobile Mapping | Mass Data Collection Traditional methods of data collection can be THE

Mobile Mapping | Mass Data Collection Traditional methods of data collection can be THE

Jimmy Jordan | GISP JULY 2018 Mobile Mapping | Mass Data Collection Traditional methods of data collection can be THE PROBLEM Time- Labor- Costly Dangerous Consuming Intensive MOBILE MAPPING: THE SOLUTION What is mobile mapping?

1.11k views • 36 slides
What could possibly go right? AGRICULTURE IS DOOMED. OR MAYBE NOT. SD Corn Growers 1/20/18

What could possibly go right? AGRICULTURE IS DOOMED. OR MAYBE NOT. SD Corn Growers 1/20/18

What could possibly go right? AGRICULTURE IS DOOMED. OR MAYBE NOT. SD Corn Growers 1/20/18 johnwphipps@gmail.com I foresee many predictions Tis the season Demand-driven Impossible to ignore Change our imagination Impactful

239 views • 12 slides
Agenda 1. Capital One 2. Traditional Batch Analytics 3. The Great Paradigm Shift Real-Time

Agenda 1. Capital One 2. Traditional Batch Analytics 3. The Great Paradigm Shift Real-Time

Agenda 1. Capital One 2. Traditional Batch Analytics 3. The Great Paradigm Shift Real-Time Analytics 4. What are the Drivers? 5. Apache Flink Next Generation Big Data Analytics Framework 6. Business Use Case: Customer Activity Event Logs 7.

1.05k views • 47 slides
Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al

Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al

Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al [FSE 14] Presented by Maaz Ahmad The Malware Problem (Feb, 2015) Motive Security Labs estimates 16 million infected mobile devices. [1]

828 views • 30 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

540 views • 42 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

570 views • 22 slides
Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection Jeffrey Bickford *, H.

Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection Jeffrey Bickford *, H.

Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection Jeffrey Bickford *, H. Andrs Lagar-Cavilla #, Alexander Varshavsky #, Vinod Ganapathy *, and Liviu Iftode * * Rutgers University # AT&T Labs Research Smart Phone

709 views • 28 slides
Introduction to Introduction to Mobile Robotics R b t Robot control paradigm s t l di

Introduction to Introduction to Mobile Robotics R b t Robot control paradigm s t l di

Introduction to Introduction to Mobile Robotics R b t Robot control paradigm s t l di Wolfram Burgard Cyrill Stachniss Gi Giorgio Grisetti i G i tti Maren Bennewitz Christian Plagemann Christian Plagemann SA-1 SA-1 Classical /

882 views • 22 slides
Exploring new mobile ethnography methods beyond the traditional voxpop, and how to use a (now

Exploring new mobile ethnography methods beyond the traditional voxpop, and how to use a (now

Exploring new mobile ethnography methods beyond the traditional voxpop, and how to use a (now free) platform to complete projects in the absence of face to face. April 2020 Presented by Alistair Vince, Chief Tinkerer @ Watch Me Think +44

203 views • 5 slides
Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal

Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal paul@gtisc.gatech.edu Agenda Modern Malware Obfuscations, Server-side Polymorphism, Collection Volume Malware Analysis Detection

504 views • 27 slides
Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that

Getting started with malware analysis Judith van Stegeren Definitions Malware : any software that does something that causes harm to a user, computer or network, including viruses, trojan horses, worms, rootkits, scareware and spyware. Malware

119 views • 9 slides
GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI

GOODWARE DRUGS FOR MALWARE: ON-THE-FLY MALWARE ANALYSIS AND CONTAINMENT DAMIANO BOLZONI CHRISTIAAN SCHADE TWENTE SECURITY LAB UNIVERSITY OF TWENTE THE NETHERLANDS AGENDA Something about malware Malware internals Current analysis

398 views • 27 slides
Natural User Interfaces in Mixed Reality Applications and on Mobile Phones MUSCLE 4th Scientific

Natural User Interfaces in Mixed Reality Applications and on Mobile Phones MUSCLE 4th Scientific

Natural User Interfaces in Mixed Reality Applications and on Mobile Phones MUSCLE 4th Scientific Meeting 16.2.2006, Istanbul Sanni Siltanen, VTT VTT TECHNICAL RESEARCH CENTRE OF FINLAND Traditional Mobile Phone Interface The traditional

429 views • 11 slides
The Game Development Process Postmortems Those who do not learn from history are doomed to

The Game Development Process Postmortems Those who do not learn from history are doomed to

The Game Development Process Postmortems Those who do not learn from history are doomed to repeat it. - George Santayana Introduction When starting new project reflect very critically on past projects (the Postmortem) What went

373 views • 11 slides

More recommend