Mobile Malware Attacks and Defense

By

  • Ken Dunham, Ken Dunham has more than a decade of experience on the front lines of information security. As Director of Global Response for iSIGHT Partners, he oversees all global cyber-threat response operations. He frequently briefs upper levels of federal and private-sector cyber security authorities on emerging threats, and regularly interfaces with vulnerability and geopolitical experts to assemble comprehensive malicious code intelligence and to inform the media of significant cyber threats. A major media company identified Mr. Dunham as the top quoted global malicious code expert in 2006. Mr. Dunham regularly discovers new malicious code, has written anti-virus software for Macintosh, and has written about malicious code for About.com, SecurityPortal, AtomicTangerine, Ubizen, iDEFENSE, and VeriSign. He is one of the pioneers of Internet community anti-virus support with websites rated as the best global resource by Yahoo Internet Life, PC WEEK, AOL and many others. Mr. Dunham is a member of the High Technology Crime Investigation Association (HTCIA), Government Emergency Telecommunications and Wireless Priority Service, AVIEN, Virus Bulletin, InfraGard, an RCG Information Security Think Tank, CME, and many other private information sharing channels. Mr. Dunham also participated in the CIA Silent Horizon (blue team) and DHS CyberStorm (observer) exercises. Mr. Dunham is a certified reverse engineer and regularly analyzes emergent exploits and malicious code threats and actors targeting client networks. He also works as a Wildlist Reporter each month with the Wildlist organization. He is the author of several books and is a regular columnist for an information security magazine. Mr. Dunham is also the founder of Boise Idaho Information Systems Security Association (ISSA) and Idaho InfraGard chapters.

Malware has gone mobile, and the security landscape is changing quickly with emerging attacks on cell phones, PDAs, and other mobile devices. This first book on the growing threat covers a wide range of malware targeting operating systems like Symbian and new devices like the iPhone. Examining code in past, current, and future risks, protect your banking, auctioning, and other activities performed on mobile devices.
* Visual PayloadsView attacks as visible to the end user, including notation of variants.
* Timeline of Mobile Hoaxes and ThreatsUnderstand the history of major attacks and horizon for emerging threates.
* Overview of Mobile Malware FamiliesIdentify and understand groups of mobile malicious code and their variations.
* Taxonomy of Mobile MalwareBring order to known samples based on infection, distribution, and payload strategies.
* Phishing, SMishing, and Vishing AttacksDetect and mitigate phone-based phishing (vishing) and SMS phishing (SMishing) techniques.
* Operating System and Device VulnerabilitiesAnalyze unique OS security issues and examine offensive mobile device threats.
* Analyze Mobile MalwareDesign a sandbox for dynamic software analysis and use MobileSandbox to analyze mobile malware.
* Forensic Analysis of Mobile MalwareConduct forensic analysis of mobile devices and learn key differences in mobile forensics.
* Debugging and Disassembling Mobile MalwareUse IDA and other tools to reverse-engineer samples of malicious code for analysis.
* Mobile Malware Mitigation MeasuresQualify risk, understand threats to mobile assets, defend against attacks, and remediate incidents.
View full description

Audience

Cellular providers, security professionals in finance and banking industry, anti-virus developers and consultants, as well as security researchers.

 

Book information

  • Published: October 2008
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-298-0


Table of Contents

Acknowledgements
Chapter 1 Introduction to Mobile Malware
Chapter 2 Visual Payloads
Chapter 3 Timeline of Mobile Malware, Hoaxes, and Threats
Chapter 4 Overview of Mobile Malware Families
Chapter 5 Taxonomy of Mobile Malware
Chapter 6 Phishing, SMishing, and Vishing
Chapter 7 Operating System and Device Vulnerability
Chapter 8 Analyzing Mobile Malware
Chapter 9 Forensic Analysis of Mobile Malware
Chapter 10 Debugging and Disassembly of MMC
Chapter 11 Mobile Malware Mitigation Measures
Glossary of Terms
Index