Articoli correlati a Android Malware and Analysis
Sinossi
The rapid growth and development of Android-based devices has resulted in a wealth of sensitive information on mobile devices that offer minimal malware protection. This has created an immediate need for security professionals that understand how to best approach the subject of Android malware threats and analysis.
In Android Malware and Analysis, Ken Dunham, renowned global malware expert and author, teams up with international experts to document the best tools and tactics available for analyzing Android malware. The book covers both methods of malware analysis: dynamic and static.
This tactical and practical book shows you how to use to use dynamic malware analysis to check the behavior of an application/malware as it has been executed in the system. It also describes how you can apply static analysis to break apart the application/malware using reverse engineering tools and techniques to recreate the actual code and algorithms used.
The book presents the insights of experts in the field, who have already sized up the best tools, tactics, and procedures for recognizing and analyzing Android malware threats quickly and effectively. You also get access to an online library of tools that supplies what you will need to begin your own analysis of Android malware threats. Tools available on the book’s site include updated information, tutorials, code, scripts, and author assistance.
This is not a book on Android OS, fuzz testing, or social engineering. Instead, it is about the best ways to analyze and tear apart Android malware threats. After reading the book, you will be able to immediately implement the tools and tactics covered to identify and analyze the latest evolution of Android threats.
Updated information, tutorials, a private forum, code, scripts, tools, and author assistance are available at AndroidRisk.com for first-time owners of the book.
Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.
L'autore
Ken Dunham has nearly two decades of experience on the front lines of information security. He currently works as a principal incident intelligence engineer for iSIGHT Partners and as CEO of the nonprofit Rampart Research. Dunham regularly briefs top-level executives and officials in Fortune 500 companies and manages major newsworthy incidents globally. Formerly, he led training efforts as a contractor for the U.S. Air Force for U-2 reconnaissance, Warthog Fighter, and Predator (UAV) programs. Concurrently, he also authored top Web sites and freeware antiviruses and other software, and has taught at multiple levels on a diverse range of topics.
Dunham is the author of multiple books, is a regular columnist, and has authored thousands of incident and threat reports over the past two decades. He holds a master’s of teacher education and several certifications: CISSP, GCFA Gold (forensics), GCIH Gold (Honors) (incident handling), GSEC (network security), GREM Gold (reverse engineering), and GCIA (intrusion detection). He is also the founder and former president of Idaho InfraGard and Boise ISSA, a member of multiple security organizations globally, and former Wildlist Organization reporter. In 2014, Dunham was awarded the esteemed ISSA International Distinguished Fellow status. Dunham is also the founder of the nonprofit organization Rampart Research, which meets the needs of over 1,000 cybersecurity experts globally.
Shane Hartman, CISSP, GREM, is a malware engineer at iSIGHT Partners, focusing on the analysis and characteristics of malicious code. He has been in the information technology field for 20 years covering a wide variety of areas including network engineering and security. He is also a frequent speaker at local security events and teaches security courses at the University of South Florida. Hartman holds a master’s degree in digital forensics from the University of Central Florida.
Jose Morales has been a researcher in cybersecurity since 1998, focusing on behavior-based malware analysis and detection and suspicion assessment theory and implementation. He graduated with his Ph.D. in computer science in 2008 from Florida International University and completed a postdoctoral fellowship at the Institute for Cyber Security at the University of Texas at San Antonio. He is a senior member of the Association of Computing Machinery (ACM) and IEEE.
Manu Quintans is a malware researcher linked from many years ago to the malware scene, as a collaborator with groups such Hacktimes.com and Malware Intelligence, developing expertise and disciplines related to malware research and response. He currently works as an intelligence manager for a Big4, performing campaign tracking of malware and supporting incidence response teams in the Middle East. He also chairs a nonprofit organization called mlw.re dedicated to the study of new online threats to assist organizations and computer emergency response teams (CERTs) combating such threats.
Tim Strazzere is a lead research and response engineer at Lookout Mobile Security. Along with writing security software, he specializes in reverse engineering and malware analysis. Some interesting past projects include reversing the Android Market protocol, Dalvik decompilers, and memory manipulation on mobile devices. Past speaking engagements have included DEFCON, BlackHat, SyScan, HiTCON, and EICAR.
Contenuti
Introduction to the Android Operating System and Threats
Android Development Tools
Risky Apps
Looking Closer at Android Apps
Malware Threats, Hoaxes, and Taxonomy
2010
FakePlayer
DroidSMS
FakeInst
TapSnake
SMSReplicator
Geinimi
2011
ADRD
Pjapps
BgServ
DroidDream
Walkinwat
zHash
DroidDreamLight
Zsone
BaseBridge
DroidKungFu
GGTracker
jSMSHider
Plankton
GoldDream
DroidKungFu2
GamblerSMS
HippoSMS
LoveTrap
Nickyspy
SndApps
Zitmo
DogWars
DroidKungFu3
GingerMaster
AnserverBot
DroidCoupon
Spitmo
JiFake
Batterydoctor
2012
AirPush
Boxer
Gappusin
Leadbolt
Adwo
Counterclank
SMSZombie
NotCompatible
Bmaster
LuckyCat
DrSheep
2013
GGSmart
Defender
Qadars
MisoSMS
FakeRun
TechnoReaper
BadNews
Obad
2014
DriveGenie
Torec
OldBoot
DroidPack
Open Source Tools
Locating and Downloading Android Packages
Vulnerability Research for Android OS
Antivirus Scans
Static Analysis
Linux File Command
Unzip the APK
Strings
Keytool Key and Certificate Management Utility
DexID
DARE
Dex2Jar
JD-GUI
JAD
APKTool
AndroWarn
Dexter
VisualThreat
Sandbox Analysis
AndroTotal
APKScan
Mobile Malware Sandbox
Mobile Sandbox
Emulation Analysis
Eclipse
DroidBox
AppsPlayground
Native Analysis
Logcat
Traceview and Dmtracedump
Tcpdump
Reverse Engineering
Androguard
AndroidAuditTools
Smali/Baksmali
AndBug
Memory Analysis
LiME
Memfetch
Volatility for Android
Volatilitux
Static Analysis
Collections: Where to Find Apps for Analysis
Google Play Marketplace
Marketplace Mirrors and Cache
Contagio Mobile
Advanced Internet Queries
Private Groups and Rampart Research Inc.
Android Malware Genome Project
File Data
Cryptographic Hash Types and Queries
Other Metadata
Antivirus Scans and Aliases
Unzipping an APK
Common Elements of an Unpacked APK File
Certificate Information
Permissions
Strings
Other Content of Interest within an APK
Creating a JAR File
VisualThreat Modeling
Automation
(Fictional) Case Study
Android Malware Evolution
Android Malware Trends and Reversing Tactics
Behavioral Analysis
Introduction to AVD and Eclipse
Downloading and Installing the ADT Bundle
The Software Development Kit Manager
Choosing an Android Platform
Choosing a Processor
Using HAXM
Configuring Emulated Devices within AVD
Location of Emulator Files
Default Image Files
Runtime Images: User Data and SD Card
Temporary Images
Setting Up an Emulator for Testing
Controlling Malicious Samples in an Emulated Environment
Additional Networking in Emulators
Using the ADB Tool
Using the Emulator Console
Applications for Analysis
Capabilities and Limitations of the Emulators
Preserving Data and Settings on Emulators
Setting Up a Physical Device for Testing
Limitations and Capabilities of Physical Devices
Network Architecture for Sniffing in a Physical Environment
Applications for Analysis
Installing Samples to Devices and Emulators
Application Storage and Data Locations
Getting Samples Off Devices
The Eclipse DDMS Perspective
Devices View
Network Statistics
File Explorer
Emulator Control
System Information
LogCat View
Filtering LogCat Output
Application Tracing
Analysis of Results
Data Wiping Method
Application Tracing on a Physical Device
Imaging the Device
Other Items of Interest
Using Google Services Accounts
Sending SMS Messages
Getting Apps from Google Play
Working with Databases
Conclusion
Building Your Own Sandbox
Static Analysis
Dynamic Analysis
Working Terminology for an Android Sandbox
Android Internals Overview
Android Architecture
Applications
Applications Framework
Libraries
Android Runtime
The Android Kernel
Build Your Own Sandbox
Tools for Static Analysis
Androguard
Radare2
Dex2Jar and JD-GUI
APKInspector
Keytool
Tools for Dynamic Analysis
TaintDroid
DroidBox
DECAF
TraceDroid Analysis Platform
Volatility Framework
Sandbox Lab (Codename AMA)
Architecture
Host Requirements
Operating System
Configuration
Running Sandbox
What Happens When You Upload Malware Samples, from a Dynamic Analysis Point of View
Conclusions about AMA
Case Study Examples
Usbcleaver
Checkpoint
Static Analysis
Checkpoint
Dynamic Analysis
Launch of the APK
Summary
Torec
Bibliography
Index
Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.
- EditoreAuerbach Publications
- Data di pubblicazione2014
- ISBN 10 1482252198
- ISBN 13 9781482252194
- RilegaturaCopertina rigida
- LinguaInglese
- Numero edizione1
- Numero di pagine242
Compra nuovo
Visualizza questo articolo
EUR 76,36
EUR 2,33 per la spedizione in U.S.A.
Destinazione, tempi e costiRisultati della ricerca per Android Malware and Analysis
Foto dell'editore
Android Malware and Analysis
Editore:
Auerbach Publications, 2014
ISBN 10: 1482252198
ISBN 13: 9781482252194
Antico o usato
Rilegato
Da: HPB-Red, Dallas, TX, U.S.A.
Valutazione del venditore 5 su 5 stelle
Hardcover. Condizione: Good. Connecting readers with great books since 1972! Used textbooks may not include companion materials such as access codes, etc. May have some wear or writing/highlighting. We ship orders daily and Customer Service is our top priority! Codice articolo S_420246039
Quantità: 1 disponibili
Immagini fornite dal venditore
Android Malware and Analysis
Editore:
Auerbach Publications, 2014
ISBN 10: 1482252198
ISBN 13: 9781482252194
Antico o usato
Rilegato
Da: Solr Books, Lincolnwood, IL, U.S.A.
Valutazione del venditore 4 su 5 stelle
Condizione: good. This book is in Good condition. There may be some notes and highligting but otherwise the book is in overall good condition. Codice articolo BCV.1482252198.G
Quantità: 1 disponibili
Immagini fornite dal venditore
Android Malware and Analysis
Da: GreatBookPrices, Columbia, MD, U.S.A.
Valutazione del venditore 5 su 5 stelle
Condizione: New. Codice articolo 21657501-n
Quantità: 1 disponibili
Foto dell'editore
Android Malware and Analysis
Da: PBShop.store US, Wood Dale, IL, U.S.A.
Valutazione del venditore 5 su 5 stelle
HRD. Condizione: New. New Book. Shipped from UK. Established seller since 2000. Codice articolo FT-9781482252194
Quantità: 1 disponibili
Immagini fornite dal venditore
Android Malware and Analysis
Editore:
Auerbach Publications, 2014
ISBN 10: 1482252198
ISBN 13: 9781482252194
Antico o usato
Rilegato
Da: GreatBookPrices, Columbia, MD, U.S.A.
Valutazione del venditore 5 su 5 stelle
Condizione: As New. Unread book in perfect condition. Codice articolo 21657501
Quantità: 1 disponibili
Foto dell'editore
Android Malware and Analysis
Da: PBShop.store UK, Fairford, GLOS, Regno Unito
Valutazione del venditore 4 su 5 stelle
HRD. Condizione: New. New Book. Shipped from UK. Established seller since 2000. Codice articolo FT-9781482252194
Quantità: 1 disponibili
Foto dell'editore
Android Malware and Analysis
Print on DemandDa: Majestic Books, Hounslow, Regno Unito
Valutazione del venditore 5 su 5 stelle
Condizione: New. pp. 242 This item is printed on demand. Codice articolo 95308682
Quantità: 3 disponibili
Immagini fornite dal venditore
Android Malware and Analysis
Editore:
Auerbach Publications, 2014
ISBN 10: 1482252198
ISBN 13: 9781482252194
Antico o usato
Rilegato
Da: GreatBookPricesUK, Woodford Green, Regno Unito
Valutazione del venditore 5 su 5 stelle
Condizione: As New. Unread book in perfect condition. Codice articolo 21657501
Quantità: 1 disponibili
Immagini fornite dal venditore
Android Malware and Analysis
Da: GreatBookPricesUK, Woodford Green, Regno Unito
Valutazione del venditore 5 su 5 stelle
Condizione: New. Codice articolo 21657501-n
Quantità: 1 disponibili
Foto dell'editore
Android Malware and Analysis
Da: Books Puddle, New York, NY, U.S.A.
Valutazione del venditore 4 su 5 stelle
Condizione: New. pp. 242. Codice articolo 2698169941
Quantità: 3 disponibili