Mobile Malware - Why the Traditional AV Paradigm Is Doomed

Explore the challenges and limitations of traditional anti-virus paradigms for mobile devices in this Black Hat USA 2013 conference talk. Delve into the issues of signature-based and behavioral detection, including their impact on handset power resources and the reluctance of carriers to deliver timely firmware updates. Examine the shortcomings of cloud-based screening and hardware-supported security solutions. Investigate software-based attestation techniques that rely on device physics to detect malicious routines. Learn about the concept of Secure Execution Environment (SXE) and how it addresses mobile malware threats. Gain insights into the software time-space trade-off and its implications for mobile security. Understand the complexities of securing mobile devices against malware in an era of untrustworthy supply chains and evolving threat landscapes.