Dunham / Hartman / Quintans | Android Malware and Analysis | E-Book | www2.sack.de

E-Book, English, 242 pages

Dunham / Hartman / Quintans Android Malware and Analysis


1st edition 2014
ISBN: 978-1-4822-5220-0
Publisher: Taylor & Francis
Format: PDF
Copy protection: Adobe DRM




The rapid growth and development of Android-based devices has resulted in a wealth of sensitive information on mobile devices that offer minimal malware protection. This has created an immediate demand for security professionals that understand how to best approach the subject of Android malware threats and analysis.

In Android Malware and Analysis, Ken Dunham, renowned global malware expert and author, teams up with international experts to document the best tools and tactics available for analyzing Android malware. The book covers both methods of malware analysis: dynamic and static.

This tactical and practical book shows you how to use dynamic malware analysis to check the behavior of an application/malware as it has been executed in the system. It also describes how you can apply static analysis to break apart the application/malware using reverse engineering tools and techniques to recreate the actual code and algorithms used.

The book presents the insights of experts in the field, who have already sized up the best tools, tactics, and procedures for recognizing and analyzing Android malware threats quickly and effectively. You also get access to an online library of tools that supplies what you will need to begin your own analysis of Android malware threats. Tools available on the book’s site include updated information, tutorials, code, scripts, and author assistance.

This is not a book on Android OS, fuzz testing, or social engineering. Instead, it is about the best ways to analyze and tear apart Android malware threats. After reading the book, you will be able to immediately implement the tools and tactics covered to identify and analyze the latest evolution of Android threats.


Target audience


IT professionals involved with network, computer, and device security and forensics.

Further information & material


Introduction to the Android Operating System and Threats
Android Development Tools
Risky Apps
Looking Closer at Android Apps

Malware Threats, Hoaxes, and Taxonomy
2010
FakePlayer
DroidSMS
FakeInst
TapSnake
SMSReplicator
Geinimi
2011
ADRD
Pjapps
BgServ
DroidDream
Walkinwat
zHash
DroidDreamLight
Zsone
BaseBridge
DroidKungFu
GGTracker
jSMSHider
Plankton
GoldDream
DroidKungFu2
GamblerSMS
HippoSMS
LoveTrap
Nickyspy
SndApps
Zitmo
DogWars
DroidKungFu3
GingerMaster
AnserverBot
DroidCoupon
Spitmo
JiFake
Batterydoctor
2012
AirPush
Boxer
Gappusin
Leadbolt
Adwo
Counterclank
SMSZombie
NotCompatible
Bmaster
LuckyCat
DrSheep
2013
GGSmart
Defender
Qadars
MisoSMS
FakeRun
TechnoReaper
BadNews
Obad
2014
DriveGenie
Torec
OldBoot
DroidPack

Open Source Tools
Locating and Downloading Android Packages
Vulnerability Research for Android OS
Antivirus Scans
Static Analysis
Linux File Command
Unzip the APK
Strings
Keytool Key and Certificate Management Utility
DexID
DARE
Dex2Jar
JD-GUI
JAD
APKTool
AndroWarn
Dexter
VisualThreat
Sandbox Analysis
AndroTotal
APKScan
Mobile Malware Sandbox
Mobile Sandbox
Emulation Analysis
Eclipse
DroidBox
AppsPlayground
Native Analysis
Logcat
Traceview and Dmtracedump
Tcpdump
Reverse Engineering
Androguard
AndroidAuditTools
Smali/Baksmali
AndBug
Memory Analysis
LiME
Memfetch
Volatility for Android
Volatilitux

Static Analysis
Collections: Where to Find Apps for Analysis
Google Play Marketplace
Marketplace Mirrors and Cache
Contagio Mobile
Advanced Internet Queries
Private Groups and Rampart Research Inc.
Android Malware Genome Project
File Data
Cryptographic Hash Types and Queries
Other Metadata
Antivirus Scans and Aliases
Unzipping an APK
Common Elements of an Unpacked APK File
Certificate Information
Permissions
Strings
Other Content of Interest within an APK
Creating a JAR File
VisualThreat Modeling
Automation
(Fictional) Case Study

Android Malware Evolution

Android Malware Trends and Reversing Tactics

Behavioral Analysis
Introduction to AVD and Eclipse
Downloading and Installing the ADT Bundle
The Software Development Kit Manager
Choosing an Android Platform
Choosing a Processor
Using HAXM
Configuring Emulated Devices within AVD
Location of Emulator Files
Default Image Files
Runtime Images: User Data and SD Card
Temporary Images
Setting Up an Emulator for Testing
Controlling Malicious Samples in an Emulated Environment
Additional Networking in Emulators
Using the ADB Tool
Using the Emulator Console
Applications for Analysis
Capabilities and Limitations of the Emulators
Preserving Data and Settings on Emulators
Setting Up a Physical Device for Testing
Limitations and Capabilities of Physical Devices
Network Architecture for Sniffing in a Physical Environment
Applications for Analysis
Installing Samples to Devices and Emulators
Application Storage and Data Locations
Getting Samples Off Devices
The Eclipse DDMS Perspective
Devices View
Network Statistics
File Explorer
Emulator Control
System Information
LogCat View
Filtering LogCat Output
Application Tracing
Analysis of Results
Data Wiping Method
Application Tracing on a Physical Device
Imaging the Device
Other Items of Interest
Using Google Services Accounts
Sending SMS Messages
Getting Apps from Google Play
Working with Databases
Conclusion

Building Your Own Sandbox
Static Analysis
Dynamic Analysis
Working Terminology for an Android Sandbox
Android Internals Overview
Android Architecture
Applications
Applications Framework
Libraries
Android Runtime
The Android Kernel
Build Your Own Sandbox
Tools for Static Analysis
Androguard
Radare2
Dex2Jar and JD-GUI
APKInspector
Keytool
Tools for Dynamic Analysis
TaintDroid
DroidBox
DECAF
TraceDroid Analysis Platform
Volatility Framework
Sandbox Lab (Codename AMA)
Architecture
Host Requirements
Operating System
Configuration
Running Sandbox
What Happens When You Upload Malware Samples, from a Dynamic Analysis Point of View
Conclusions about AMA

Case Study Examples
Usbcleaver
Checkpoint
Static Analysis
Checkpoint
Dynamic Analysis
Launch of the APK
Summary
Torec

Bibliography

Index


Patricia A. Gabow, MD, MACP, was CEO of Denver Health from 1992 until her retirement in 2012, initially transforming it from a department of city government to a successful, independent governmental entity and then leading its Lean transformation. Denver Health’s Lean effort earned the Shingo Bronze Medallion for Operational Excellence, the first healthcare entity in the world to receive such recognition. Prior to becoming CEO, Dr. Gabow was a practicing nephrologist and academic researcher serving as chief of nephrology, director of medical services, and chief medical officer at Denver Health. Dr. Gabow is a member of the Medicaid and CHIP Payment and Access Commission (MACPAC), the Robert Wood Johnson Foundation Board of Trustees, the Institute of Medicine Roundtable on Value and Science Driven Health Care, the National Governors’ Association Health Advisory Board, and a senior advisor to Simpler. She is a professor of medicine at the University of Colorado School of Medicine and has authored more than 150 articles and book chapters. She earned her MD degree from the University of Pennsylvania School of Medicine. She has received numerous awards including the AMA Nathan Davis Award for Outstanding Public Servant, the National Healthcare Leadership Award, the David E. Rogers Award from the Association of American Medical Colleges (AAMC), the Health Quality Leader Award from the National Committee for Quality Assurance (NCQA), and was elected to the Association for Manufacturing Excellence for her work in bringing Lean into healthcare.

Philip L. Goodman, MS, RRT, was the director of the Lean Systems Improvement Department at Denver Health, overseeing the Lean facilitators and Lean educational initiatives. In this role he led the operational aspects of the Lean transformation effort, the Black Belt training program, and the Lean Academy at Denver Health. Goodman was employed at Denver Health from 1979 until his retirement in 2013. Prior to directing the Lean Systems Improvement Department, he was the service line administrator for the Department of Medicine and director of respiratory therapy at Denver Health. Goodman is a Denver Health Master Black Belt and a registered respiratory therapist.

He earned his master’s degree in healthcare administration from Regis University in Denver. Goodman has conducted numerous presentations of Denver Health’s Lean transformation effort at the national level.


