Overview
Explore the evolving landscape of mobile malware in this 37-minute conference talk from AppSecEU 2016 in Rome. Delve into the history of viruses, from the first instances to Stuxnet, before focusing on the unique challenges posed by mobile devices. Examine the limitations of individual apps and the potential of accessibility capabilities. Investigate various analysis techniques, including dynamic analysis, IP bombs, static analysis, and paint analysis. Learn about methods to bypass static analysis through a live demonstration covering generating developer keys, patching code, and loading new APKs. Conclude with insights into blacklisting and the modern era of mobile security threats.
Syllabus
Introduction
Agenda
First Virus
Stuxnet
Mobile Devices
The challenge
One app cannot really influence all
Accessibility capabilities
Accessibility process
Draw of app
Android FO
Summary
Signatures
Dynamic Analysis
IP Bombs
Static Analysis
Paint Analysis
Bypass Static Analysis
Demo
Generating Developer Keys
Patching The Code
Loading The New APK
Blacklisting
Modern Era GO
Taught by
OWASP Foundation