Dunham / Hartman / Quintans | Android Malware and Analysis | E-Book | www.sack.de

E-book, English, 242 pages

Dunham / Hartman / Quintans Android Malware and Analysis


1st edition 2014
ISBN: 978-1-4822-5220-0
Publisher: Taylor & Francis
Format: PDF
Copy protection: Adobe DRM




The rapid growth and development of Android-based devices has resulted in a wealth of sensitive information on mobile devices that offer minimal malware protection. This has created an immediate demand for security professionals that understand how to best approach the subject of Android malware threats and analysis.

In Android Malware and Analysis, Ken Dunham, renowned global malware expert and author, teams up with international experts to document the best tools and tactics available for analyzing Android malware. The book covers both methods of malware analysis: dynamic and static.

This tactical and practical book shows you how to use dynamic malware analysis to check the behavior of an application/malware as it has been executed in the system. It also describes how you can apply static analysis to break apart the application/malware using reverse engineering tools and techniques to recreate the actual code and algorithms used.

The book presents the insights of experts in the field, who have already sized up the best tools, tactics, and procedures for recognizing and analyzing Android malware threats quickly and effectively. You also get access to an online library of tools that supplies what you will need to begin your own analysis of Android malware threats. Tools available on the book’s site include updated information, tutorials, code, scripts, and author assistance.

This is not a book on Android OS, fuzz testing, or social engineering. Instead, it is about the best ways to analyze and tear apart Android malware threats. After reading the book, you will be able to immediately implement the tools and tactics covered to identify and analyze the latest evolution of Android threats.


Target audience


IT professionals involved with network, computer, and device security and forensics.

Further information and material


Introduction to the Android Operating System and Threats

Android Development Tools

Risky Apps

Looking Closer at Android Apps

Malware Threats, Hoaxes, and Taxonomy

2010 FakePlayer DroidSMS FakeInst TapSnake SMSReplicator Geinimi

2011 ADRD Pjapps BgServ DroidDream Walkinwat zHash DroidDreamLight Zsone BaseBridge DroidKungFu GGTracker jSMSHider Plankton GoldDream DroidKungFu2 GamblerSMS HippoSMS LoveTrap Nickyspy SndApps Zitmo DogWars DroidKungFu3 GingerMaster AnserverBot DroidCoupon Spitmo JiFake Batterydoctor

2012 AirPush Boxer Gappusin Leadbolt Adwo Counterclank SMSZombie NotCompatible Bmaster LuckyCat DrSheep

2013 GGSmart Defender Qadars MisoSMS FakeRun TechnoReaper BadNews Obad

2014 DriveGenie Torec OldBoot DroidPack

Open Source Tools
Locating and Downloading Android Packages

Vulnerability Research for Android OS

Antivirus Scans

Static Analysis Linux File Command Unzip the APK Strings Keytool Key and Certificate Management Utility DexID DARE Dex2Jar JD-GUI JAD APKTool AndroWarn Dexter VisualThreat

Sandbox Analysis AndroTotal APKScan Mobile Malware Sandbox Mobile Sandbox

Emulation Analysis Eclipse DroidBox AppsPlayground

Native Analysis Logcat Traceview and Dmtracedump Tcpdump

Reverse Engineering Androguard AndroidAuditTools Smali/Baksmali AndBug

Memory Analysis LiME Memfetch Volatility for Android Volatilitux

Static Analysis

Collections: Where to Find Apps for Analysis Google Play Marketplace Marketplace Mirrors and Cache Contagio Mobile Advanced Internet Queries Private Groups and Rampart Research Inc. Android Malware Genome Project

File Data

Cryptographic Hash Types and Queries

Other Metadata Antivirus Scans and Aliases Unzipping an APK Common Elements of an Unpacked APK File Certificate Information Permissions Strings Other Content of Interest within an APK

Creating a JAR File
VisualThreat Modeling

Automation
(Fictional) Case Study

Android Malware Evolution

Android Malware Trends and Reversing Tactics

Behavioral Analysis
Introduction to AVD and Eclipse
Downloading and Installing the ADT Bundle

The Software Development Kit Manager
Choosing an Android Platform
Choosing a Processor

Using HAXM

Configuring Emulated Devices within AVD

Location of Emulator Files

Default Image Files

Runtime Images: User Data and SD Card

Temporary Images

Setting Up an Emulator for Testing

Controlling Malicious Samples in an Emulated Environment

Additional Networking in Emulators
Using the ADB Tool

Using the Emulator Console

Applications for Analysis

Capabilities and Limitations of the Emulators

Preserving Data and Settings on Emulators

Setting Up a Physical Device for Testing

Limitations and Capabilities of Physical Devices

Network Architecture for Sniffing in a Physical Environment

Applications for Analysis

Installing Samples to Devices and Emulators
Application Storage and Data Locations

Getting Samples Off Devices

The Eclipse DDMS Perspective

Devices View Network Statistics File Explorer Emulator Control System Information

LogCat View Filtering LogCat Output

Application Tracing

Analysis of Results

Data Wiping Method

Application Tracing on a Physical Device

Imaging the Device
Other Items of Interest Using Google Services Accounts Sending SMS Messages Getting Apps from Google Play Working with Databases

Conclusion

Building Your Own Sandbox
Static Analysis

Dynamic Analysis

Working Terminology for an Android Sandbox Android Internals Overview Android Architecture Applications Applications Framework Libraries
Android Runtime
The Android Kernel

Build Your Own Sandbox

Tools for Static Analysis

Androguard Radare2 Dex2Jar and JD-GUI APKInspector Keytool Tools for Dynamic Analysis TaintDroid DroidBox DECAF TraceDroid Analysis Platform Volatility Framework
Sandbox Lab (Codename AMA) Architecture Host Requirements Operating System Configuration Running Sandbox What Happens When You Upload Malware Samples, from a Dynamic Analysis Point of View Conclusions about AMA

Case Study Examples

Usbcleaver Checkpoint Static Analysis Checkpoint Dynamic Analysis Launch of the APK Summary

Torec

Bibliography

Index


Patricia A. Gabow, MD, MACP, was CEO of Denver Health from 1992 until her retirement in 2012, initially transforming it from a department of city government to a successful, independent governmental entity and then leading its Lean transformation. Denver Health’s Lean effort earned the Shingo Bronze Medallion for Operational Excellence, the first healthcare entity in the world to receive such recognition. Prior to becoming CEO, Dr. Gabow was a practicing nephrologist and academic researcher serving as chief of nephrology, director of medical services, and chief medical officer at Denver Health. Dr. Gabow is a member of the Medicaid and CHIP Payment and Access Commission (MACPAC), the Robert Wood Johnson Foundation Board of Trustees, the Institute of Medicine Roundtable on Value and Science Driven Health Care, the National Governors’ Association Health Advisory Board, and a senior advisor to Simpler. She is a professor of medicine at the University of Colorado School of Medicine and has authored more than 150 articles and book chapters. She earned her MD degree from the University of Pennsylvania School of Medicine. She has received numerous awards including the AMA Nathan Davis Award for Outstanding Public Servant, the National Healthcare Leadership Award, the David E. Rogers Award from the Association of American Medical Colleges (AAMC), the Health Quality Leader Award from the National Committee for Quality Assurance (NCQA), and was elected to the Association for Manufacturing Excellence for her work in bringing Lean into healthcare.

Philip L. Goodman, MS, RRT, was the director of the Lean Systems Improvement Department at Denver Health, overseeing the Lean facilitators and Lean educational initiatives. In this role he led the operational aspects of the Lean transformation effort, the Black Belt training program, and the Lean Academy at Denver Health. Goodman was employed at Denver Health from 1979 until his retirement in 2013. Prior to directing the Lean Systems Improvement Department, he was the service line administrator for the Department of Medicine and director of respiratory therapy at Denver Health. Goodman is a Denver Health Master Black Belt and a registered respiratory therapist.

He earned his master’s degree in healthcare administration from Regis University in Denver. Goodman has conducted numerous presentations of Denver Health’s Lean transformation effort at the national level.


