Mobile Device attack graphs for fun and profit

Presented at ToorCon San Diego 14 (2012), Oct. 20, 2012, noon (50 minutes).

Attack graphs represent the various options an attacker has available to achieve their goal. We often hear that mobile devices are bringing on totally new, never before seen attacks. The differences can be esoteric and difficult to explain to a non-technical audience. While they can open up new avenues of attack, they are similar in nature to previously seen attacks. We will show how a form of attack graph can work as a shorthand to explain these mobile attacks to management and others.

A beneficial side effect of these mobile attack graphs is the ability to overlay protection or mitigation methods. Not just scaring your audience but at a glance telling them how they can defend mobile attacks.


Presenters:

  • Jimmy Shah
    Jimmy Shah is a Mobile Security Researcher for McAfee.  He works in mobile/embedded systems security.  If it's lighter than a car, has a microprocessor, and is likely to be a target, then it's probably his problem.  He regularly presents on mobile threat research at computer security conferences.

Similar Presentations: