Spy Hunter: Reversing Your First Android Surveillanceware

Presented at BSidesSF 2019, March 2, 2019, 12:30 p.m. (330 minutes)

TO REGISTER FOR THIS WORKSHOP, GO [HERE](https://bsidessf.regfox.com/2019). NOTE THAT SPACE IS VERY LIMITED.

This long-format workshop will provide a solid foundation in Android malware analysis. Attendees will get an overview of important Android application components, be introduced to the open-source tools that are most useful for analyzing potentially malicious applications, and learn the best areas of an application to search for clues as to its malicious nature. Throughout the workshop, we'll work on analyzing an interesting surveillanceware app through static and dynamic analysis with tools like APKTool, Dex2Jar, JD-GUI and Wireshark. We'll talk about ways to differentiate trojanized applications from benign ones, how to find mobile malware samples in the wild, and some additional resources for continued learning.

No prior reversing knowledge is required. Attendees should be relatively familiar with the command line and with looking at code, even if it's not Java. A laptop capable of running a virtual machine is necessary.

Presenters:

  • Kristina Balaam - Lookout
    Kristina is a Security Intelligence Engineer at Lookout, where she researches and reverse engineers malicious Android and iOS applications. Prior to Lookout, she was responsible for Android application security at Shopify. Kristina graduated with a Bachelor of Computer Science from McGill University in 2012 and is currently pursuing an MSc. in Information Security Engineering from the SANS Institute of Technology. She is passionate about cybersecurity education and blogs about infosec on Instagram, Twitter, and YouTube under the handle @chmodxx.
