Androids vs. Android: Synthetic Mobile Malware Analysis

Presented at THOTCON 0x5 (2014), April 25, 2014, 1 p.m. (50 minutes)

In today's world of smartphone ubiquity, mobile malware is an increasingly prevalent (and difficult to mitigate) threat. One problem area for contemporary malware analysts is determining which apps legitimately need the permissions they request, and which have nefarious motivations. This presentation introduces a novel approach to mobile malware analysis at scale: synthetic sentiment analysis. Leveraging associative models of permissions, analysts can quickly determine which apps "feel" most suspicious--a huge time saver in a field with millions of apps to assess.

Presenters:

• David Shaw
  David has extensive experience in many aspects of information security. After starting his career in perimeter analysis and external threat research, David joined Redspin in 2009 and has performed several roles within the organization. David is currently Redspin's Chief Technology Officer, specializing in application security and managing a team of highly skilled engineers.

Similar Presentations:

• VB2015 / Cross-platform mobile malware: write once run everywhere
• NolaCon 2014 / Androids vs. Android: Synthetic Mobile Malware Analysis
• ToorCon San Diego 15 (2013) / Death by Numbers: Scalable Mobile Malware Heuristics