Mobile Malware Attacks and Defense
Malware has gone mobile, and the security landscape is changing quickly with emerging attacks on cell phones, PDAs, and other mobile devices. This first book on the growing threat covers a wide range of malware targeting operating systems like Symbian and new devices like the iPhone. Examining code in past, current, and future risks, protect your banking, auctioning, and other activities performed on mobile devices. Visual Payloads View attacks as visible to the end user, including notation of variants. Timeline of Mobile Hoaxes and Threats Understand the history of major attacks and horizon for emerging threates. Overview of Mobile Malware Families Identify and understand groups of mobile malicious code and their variations. Taxonomy of Mobile Malware Bring order to known samples based on infection, distribution, and payload strategies. Phishing, SMishing, and Vishing Attacks Detect and mitigate phone-based phishing (vishing) and SMS phishing (SMishing) techniques. Operating System and Device Vulnerabilities Analyze unique OS security issues and examine offensive mobile device threats. Analyze Mobile Malware Design a sandbox for dynamic software analysis and use MobileSandbox to analyze mobile malware. Forensic Analysis of Mobile Malware Conduct forensic analysis of mobile devices and learn key differences in mobile forensics. Debugging and Disassembling Mobile Malware Use IDA and other tools to reverse-engineer samples of malicious code for analysis. Mobile Malware Mitigation Measures Qualify risk, understand threats to mobile assets, defend against attacks, and remediate incidents. Understand the History and Threat Landscape of Rapidly Emerging Mobile Attacks Analyze Mobile Device/Platform Vulnerabilities and Exploits Mitigate Current and Future Mobile Malware Threats Ken Dunham has more than a decade of experience on the front lines of information security. As Director of Global Response for iSIGHT Partners, he oversees all global cyber-threat response operations. He frequently briefs upper levels of federal and private-sector cyber security authorities on emerging threats, and regularly interfaces with vulnerability and geopolitical experts to assemble comprehensive malicious code intelligence and to inform the media of significant cyber threats. A major media company identified Mr. Dunham as the top quoted global malicious code expert in 2006. Mr. Dunham regularly discovers new malicious code, has written anti-virus software for Macintosh, and has written about malicious code for About.com, SecurityPortal, AtomicTangerine, Ubizen, iDEFENSE, and VeriSign. He is one of the pioneers of Internet community anti-virus support with websites rated as the best global resource by Yahoo Internet Life, PC WEEK, AOL and many others. Mr. Dunham is a member of the High Technology Crime Investigation Association (HTCIA), Government Emergency Telecommunications and Wireless Priority Service, AVIEN, Virus Bulletin, InfraGard, an RCG Information Security Think Tank, CME, and many other private information sharing channels. Mr. Dunham also participated in the CIA Silent Horizon (blue team) and DHS CyberStorm (observer) exercises. Mr. Dunham is a certified reverse engineer and regularly analyzes emergent exploits and malicious code threats and actors targeting client networks. He also works as a Wildlist Reporter each month with the Wildlist organization. He is the author of several books and is a regular columnist for an information security magazine. Mr. Dunham is also the founder of Boise Idaho Information Systems Security Association (ISSA) and Idaho InfraGard chapters.
Weiterlesen weniger lesen