mobile malware why the traditional av paradigm is doomed
play

Mobile Malware: Why the traditional AV paradigm is doomed, and how - PowerPoint PPT Presentation

Oct 22, 2022 •259 likes •454 views

Mobile Malware: Why the traditional AV paradigm is doomed, and how to use physics to detect physics to detect undesirable routines Guy Stewart VP Engineering Fatskunk Inc. The Malware Problem The Malware Problem Trojans, Rootkits, the

  1. Mobile Malware: Why the traditional AV paradigm is doomed, and how to use physics to detect physics to detect undesirable routines Guy Stewart VP Engineering Fatskunk Inc.

  2. The Malware Problem The Malware Problem Trojans, Rootkits, the Zero Day Apocalypse

  3. Threats

  4. Threats

  5. Untrustworthy Supply Chains

  6. Software Attestation Software Attestation Introduction to Software Attestation using Principles of Physics

  7. Approach: Measure by Displacement

  8. The software Space / Time trade-off

  9. Approach 1. Stop execution of all programs (malware may refuse) monolith kernel malware malware honest software, data, or passive malware cache

  10. Approach 1. Stop execution of all programs (malware may refuse) monolith 2. Overwrite “free” memory with kernel pseudo-random content (malware refuses again) malware malware cache

  11. Approach 1. Stop execution of all programs (malware may refuse) monolith 2. Overwrite “free” memory with pseudo- kernel random content (malware refuses again) again) malware malware 3. Compute keyed digest of all memory (access order unknown a priori) cache

  12. Verify results

  13. Commercial Applications

  14. Secure Execution Environment (SXE)

  15. OS Secure Boot

  16. TrustZone Normal World

  17. Interconnected Embedded Systems Client Verifier Client Verifier Client

  18. FatSkunk.com Guy Stewart : Guy@FatSkunk.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the explosive growth of mobile device market and usage, there is an increasing number of malicious mobile applications targeting these devices and

819 views • 44 slides
Ubiquitous and Mobile Computing CS 528: A Survey of Mobile Malware in the Wild Alex Fortier

Ubiquitous and Mobile Computing CS 528: A Survey of Mobile Malware in the Wild Alex Fortier

Ubiquitous and Mobile Computing CS 528: A Survey of Mobile Malware in the Wild Alex Fortier Computer Science Dept. Worcester Polytechnic Institute (WPI) What is mobile malware? Targeted at Android, iOS, Symbian (discontinued), Windows Phone

507 views • 17 slides
Mobile and Ubiquitous Computing CS 525M: A Survey of Mobile Malware in the Wild Hiromu Enoki

Mobile and Ubiquitous Computing CS 525M: A Survey of Mobile Malware in the Wild Hiromu Enoki

Mobile and Ubiquitous Computing CS 525M: A Survey of Mobile Malware in the Wild Hiromu Enoki Computer Science Dept. Worcester Polytechnic Institute (WPI) 1 Introduction Mobile Malware is fairly recent July 2004 Cabir virus came out on

487 views • 24 slides
WHY MOBILE TO MOBILE MALWARE WONT CAUSE A STORM Nathaniel Husted Steven Myers Indiana

WHY MOBILE TO MOBILE MALWARE WONT CAUSE A STORM Nathaniel Husted Steven Myers Indiana

WHY MOBILE TO MOBILE MALWARE WONT CAUSE A STORM Nathaniel Husted Steven Myers Indiana University Monday, April 4, 2011 MOBILE TO MOBILE MALWARE Bluetooth (Mabir/Cabir/Commwarrior) Vs. MMS (Mabir/Commwarrior) Symbian OS -- Dominant

338 views • 21 slides
Experiences of of La Landing Machine Le Learning onto Market-Scale Mobile Malware Detection

Experiences of of La Landing Machine Le Learning onto Market-Scale Mobile Malware Detection

Experiences of of La Landing Machine Le Learning onto Market-Scale Mobile Malware Detection Liangyi Gong, Zhenhua Li, Feng Qian, Zifan Zhang, Qi Alfred Chen, Zhiyun Qian, Hao Lin, Yunhao Liu Mobile Malware Detection Android App Markets

424 views • 29 slides
Retroac(ve Detec(on of Malware with Applica(ons to Mobile Pla8orms Markus Jakobsson

Retroac(ve Detec(on of Malware with Applica(ons to Mobile Pla8orms Markus Jakobsson

Retroac(ve Detec(on of Malware with Applica(ons to Mobile Pla8orms Markus Jakobsson KarlAnders Johansson FatSkunk 1 Market forecast for mobile More smartphones than PCs in 23 years Dominant pla@orms targeted 4G will fuel

790 views • 16 slides
A Survey On Automated Dynamic Malware Analysis Evasion and Counter-Evasion: PC, Mobile, and Web

A Survey On Automated Dynamic Malware Analysis Evasion and Counter-Evasion: PC, Mobile, and Web

A Survey On Automated Dynamic Malware Analysis Evasion and Counter-Evasion: PC, Mobile, and Web Alexei Bulazel & Blent Yener River Loop Security Rensselaer Polytechnic Institute (RPI) Introduction Automated dynamic malware analysis is

684 views • 33 slides
Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till

Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till

Foundations Security in MAS Conclusion Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till Drges td@pre-secure.de PRESECURE Consulting GmbH June 20, 2007 Till Drges Protection Malware seen

739 views • 57 slides
9. Evaluation Outline 9.1. Cranfield Paradigm & TREC 9.2. Non-Traditional Measures 9.3.

9. Evaluation Outline 9.1. Cranfield Paradigm & TREC 9.2. Non-Traditional Measures 9.3.

9. Evaluation Outline 9.1. Cranfield Paradigm & TREC 9.2. Non-Traditional Measures 9.3. Incomplete Judgments 9.4. Low-Cost Evaluation 9.5. Crowdsourcing 9.6. Online Evaluation Advanced Topics in Information Retrieval / Evaluation 2

573 views • 40 slides
FlowDroid Alex Mariakakis From CSE 501 again Motivation All sorts of mobile malware exist

FlowDroid Alex Mariakakis From CSE 501 again Motivation All sorts of mobile malware exist

FlowDroid Alex Mariakakis From CSE 501 again Motivation All sorts of mobile malware exist Selling user information to advertisement/ marketing companies Stealing user credentials Premium rate calls and SMS SMS spam

843 views • 17 slides
Mobile Mapping | Mass Data Collection Traditional methods of data collection can be THE

Mobile Mapping | Mass Data Collection Traditional methods of data collection can be THE

Jimmy Jordan | GISP JULY 2018 Mobile Mapping | Mass Data Collection Traditional methods of data collection can be THE PROBLEM Time- Labor- Costly Dangerous Consuming Intensive MOBILE MAPPING: THE SOLUTION What is mobile mapping?

1.11k views • 36 slides
What could possibly go right? AGRICULTURE IS DOOMED. OR MAYBE NOT. SD Corn Growers 1/20/18

What could possibly go right? AGRICULTURE IS DOOMED. OR MAYBE NOT. SD Corn Growers 1/20/18

What could possibly go right? AGRICULTURE IS DOOMED. OR MAYBE NOT. SD Corn Growers 1/20/18 johnwphipps@gmail.com I foresee many predictions Tis the season Demand-driven Impossible to ignore Change our imagination Impactful

239 views • 12 slides
Agenda 1. Capital One 2. Traditional Batch Analytics 3. The Great Paradigm Shift Real-Time

Agenda 1. Capital One 2. Traditional Batch Analytics 3. The Great Paradigm Shift Real-Time

Agenda 1. Capital One 2. Traditional Batch Analytics 3. The Great Paradigm Shift Real-Time Analytics 4. What are the Drivers? 5. Apache Flink Next Generation Big Data Analytics Framework 6. Business Use Case: Customer Activity Event Logs 7.

1.05k views • 47 slides
Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al

Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al

Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al [FSE 14] Presented by Maaz Ahmad The Malware Problem (Feb, 2015) Motive Security Labs estimates 16 million infected mobile devices. [1]

828 views • 30 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

540 views • 42 slides
Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware

Malware What is malware? Malware: malicious software worm ransomware adware virus trojan horse etc. and how do we fight it? AV software Firewalls Filtering Patching Writing more secure software

567 views • 22 slides
Pace Layers The social economy ecosystem has many layers, all of which change at different

Pace Layers The social economy ecosystem has many layers, all of which change at different

Pace Layers The social economy ecosystem has many layers, all of which change at different rates, the outer layers moving faster than the inner Source: Stewart Brand, The Clock of the Long Now 1 | Confidential & Proprietary 2 |

421 views • 4 slides
Cycle 2 2019: Broad PCORI Funding Announcements (PFAs) Applicant Town Hall May 15, 2019 Agenda

Cycle 2 2019: Broad PCORI Funding Announcements (PFAs) Applicant Town Hall May 15, 2019 Agenda

Cycle 2 2019: Broad PCORI Funding Announcements (PFAs) Applicant Town Hall May 15, 2019 Agenda About PCORI Programmatic Overview Patient and Stakeholder Engagement Administrative Overview Merit Review Criteria Resources

590 views • 54 slides
RECSM Summer School: Facebook + Topic Models Pablo Barber a School of International Relations

RECSM Summer School: Facebook + Topic Models Pablo Barber a School of International Relations

RECSM Summer School: Facebook + Topic Models Pablo Barber a School of International Relations University of Southern California pablobarbera.com Networked Democracy Lab www.netdem.org Course website: github.com/pablobarbera/big-data-upf

1.08k views • 53 slides
Plans for installa,on Jim Stewart BNL July 18 2018 DUNE Far Detector layout Bridge There

Plans for installa,on Jim Stewart BNL July 18 2018 DUNE Far Detector layout Bridge There

Plans for installa,on Jim Stewart BNL July 18 2018 DUNE Far Detector layout Bridge There is no rock pillar. Assembly work outside the cryostat occurs under the bridge. Detector Equipment is inserted Cryostat through a TCO Assembly

300 views • 29 slides
SBA and Programs to Know About First Wednesday Virtual Learning Series 2018 www.sba.gov 1

SBA and Programs to Know About First Wednesday Virtual Learning Series 2018 www.sba.gov 1

SBA and Programs to Know About First Wednesday Virtual Learning Series 2018 www.sba.gov 1 Hosts Chris Eischen, Procurement Center Representative SBA Office of Government Contracting, Area IV, Kansas City, MO christopher.eischen@sba.gov

1.07k views • 64 slides
Duncan Stewart, PE Agenda 1. The Enterprise Scheduling Model Overview 2. Disadvantages of the

Duncan Stewart, PE Agenda 1. The Enterprise Scheduling Model Overview 2. Disadvantages of the

McDONOUGH BOLYARD PECK CONSTRUCTION ENGINEERING Enterprise Schedule Management in Support of Dynamic Construction Simulations Duncan Stewart, PE Agenda 1. The Enterprise Scheduling Model Overview 2. Disadvantages of the Traditional Paradigm

223 views • 19 slides
Verified Calculation of Nonlinear Dynamics of Viscous Detonation Christopher M. Romick,

Verified Calculation of Nonlinear Dynamics of Viscous Detonation Christopher M. Romick,

Verified Calculation of Nonlinear Dynamics of Viscous Detonation Christopher M. Romick, University of Notre Dame, Notre Dame, IN Tariq D. Aslam, Los Alamos National Laboratory, Los Alamos, NM and Joseph M. Powers University of Notre Dame,

382 views • 26 slides
Sever: A Robust Meta-Algorithm for Stochastic Optimization Ilias Diakonikolas 1 , Gautam Kamath 2

Sever: A Robust Meta-Algorithm for Stochastic Optimization Ilias Diakonikolas 1 , Gautam Kamath 2

Sever: A Robust Meta-Algorithm for Stochastic Optimization Ilias Diakonikolas 1 , Gautam Kamath 2 , Daniel M. Kane 3 , Jerry Li 4 , Jacob Steinhardt 5 , Alistair Stewart 1 (alphabetical order) 1 USC 2 Waterloo 3 UCSD 4 MSR AI 5 Berkeley DEFENDING

402 views • 19 slides

More recommend