Dunham K., Hartman S., Morales J.A., Quintans M., Strazzere T. - Android Malware and Analysis [2014, PDF, ENG]

Post by Солнышко » 28 Jan 2018, 17:03

Android Malware and Analysis
Year of publication: 2014
Author: Dunham K., Hartman S., Morales J.A., Quintans M., Strazzere T.
Publisher: Auerbach Publications
ISBN: 978-1482252194
Language: English
Format: PDF
Quality: Publisher's layout or text (eBook)
Interactive table of contents: Yes
Number of pages: 242
Description: The rapid growth and development of Android-based devices has resulted in a wealth of sensitive information on mobile devices that offer minimal malware protection. This has created an immediate need for security professionals that understand how to best approach the subject of Android malware threats and analysis.
In Android Malware and Analysis, Ken Dunham, renowned global malware expert and author, teams up with international experts to document the best tools and tactics available for analyzing Android malware. The book covers both methods of malware analysis: dynamic and static.
This tactical and practical book shows you how to use dynamic malware analysis to check the behavior of an application/malware as it has been executed in the system. It also describes how you can apply static analysis to break apart the application/malware using reverse engineering tools and techniques to recreate the actual code and algorithms used.
The book presents the insights of experts in the field, who have already sized up the best tools, tactics, and procedures for recognizing and analyzing Android malware threats quickly and effectively. You also get access to an online library of tools that supplies what you will need to begin your own analysis of Android malware threats. Tools available on the book’s site include updated information, tutorials, code, scripts, and author assistance.
This is not a book on Android OS, fuzz testing, or social engineering. Instead, it is about the best ways to analyze and tear apart Android malware threats. After reading the book, you will be able to immediately implement the tools and tactics covered to identify and analyze the latest evolution of Android threats.
Contents
Preface
Acknowledgments
Authors
Conventions
Chapter 1 Introduction to the Android Operating System and Threats
Android Development Tools
Risky Apps
Looking Closer at Android Apps
Chapter 2 Malware Threats, Hoaxes, and Taxonomy
2010
FakePlayer
DroidSMS
FakeInst
TapSnake
SMSReplicator
Geinimi
2011
ADRD
Pjapps
BgServ
DroidDream
Walkinwat
zHash
DroidDreamLight
Zsone
BaseBridge
DroidKungFu1
GGTracker
jSMSHider
Plankton
GoldDream
DroidKungFu2
GamblerSMS
HippoSMS
LoveTrap
Nickyspy
SndApps
Zitmo
DogWars
DroidKungFu3
GingerMaster
AnserverBot
DroidCoupon
Spitmo
JiFake
Batterydoctor
2012
AirPush
Boxer
Gappusin
Leadbolt
Adwo
Counterclank
SMSZombie
NotCompatible
Bmaster
LuckyCat
DrSheep
2013
GGSmart
Defender
Qadars
MisoSMS
FakeRun
TechnoReaper
BadNews
Obad
2014
DriveGenie
Torec
OldBoot
DroidPack
Chapter 3 Open Source Tools
Locating and Downloading Android Packages
Vulnerability Research for Android OS
Antivirus Scans
Static Analysis
Linux File Command
Unzip the APK
Strings
Keytool Key and Certificate Management Utility
DexID
DARE
Dex2Jar
JD-GUI
JAD
APKTool
AndroWarn
Dexter
VisualThreat
Sandbox Analysis
AndroTotal
APKScan
Mobile Malware Sandbox
Mobile Sandbox
Emulation Analysis
Eclipse
DroidBox
AppsPlayground
Native Analysis
Logcat
Traceview and Dmtracedump
Tcpdump
Reverse Engineering
Androguard
AndroidAuditTools
Smali/Baksmali
AndBug
Memory Analysis
LiME
Memfetch
Volatility for Android
Volatilitux
Chapter 4 Static Analysis
Collections: Where to Find Apps for Analysis
Google Play Marketplace
Marketplace Mirrors and Cache
Contagio Mobile
Advanced Internet Queries
Private Groups and Rampart Research Inc.
Android Malware Genome Project
File Data
Cryptographic Hash Types and Queries
Other Metadata
Antivirus Scans and Aliases
Unzipping an APK
Common Elements of an Unpacked APK File
Certificate Information
Permissions
Strings
Other Content of Interest within an APK
Creating a JAR File
VisualThreat Modeling
Automation
(Fictional) Case Study
Chapter 5 Android Malware Evolution
Chapter 6 Android Malware Trends and Reversing Tactics
Chapter 7 Behavioral Analysis
Introduction to AVD and Eclipse
Downloading and Installing the ADT Bundle
The Software Development Kit Manager
Choosing an Android Platform
Processor Emulation
Choosing a Processor
Using HAXM
Configuring Emulated Devices within AVD
Location of Emulator Files
Default Image Files
Runtime Images: User Data and SD Card
Temporary Images
Setting Up an Emulator for Testing
Controlling Malicious Samples in an Emulated Environment
Additional Networking in Emulators
Using the ADB Tool
Using the Emulator Console
Applications for Analysis
Capabilities and Limitations of the Emulators
Preserving Data and Settings on Emulators
Setting Up a Physical Device for Testing
Limitations and Capabilities of Physical Devices
Network Architecture for Sniffing in a Physical Environment
Applications for Analysis
Installing Samples to Devices and Emulators
Application Storage and Data Locations
Getting Samples Off Devices
The Eclipse DDMS Perspective
Devices View
Network Statistics
File Explorer
Emulator Control
System Information
LogCat View
Filtering LogCat Output
Application Tracing
Analysis of Results
Data Wiping Method
Application Tracing on a Physical Device
Imaging the Device
Other Items of Interest
Using Google Services Accounts
Sending SMS Messages
Getting Apps from Google Play
Working with Databases
Conclusion
Chapter 8 Building Your Own Sandbox
Static Analysis
Dynamic Analysis
Working Terminology for an Android Sandbox
Android Internals Overview
Android Architecture
Applications
Applications Framework
Libraries
Android Runtime
The Android Kernel
Build Your Own Sandbox
Tools for Static Analysis
Androguard
Radare2
Dex2Jar and JD-GUI
APKInspector
Keytool
Tools for Dynamic Analysis
TaintDroid
DroidBox
DECAF
TraceDroid Analysis Platform
Volatility Framework
Sandbox Lab (Codename AMA)
Architecture
Host Requirements
Operating System
Configuration
Running Sandbox
Static Analysis of Uploaded Malware Samples
Dynamic Analysis of Uploaded Malware Samples
Conclusions about AMA
Chapter 9 Case Study Examples
Usbcleaver
Checkpoint
Static Analysis
Checkpoint
Dynamic Analysis
Launch of the APK
Summary
Torec
Bibliography

Size: 4.28 MB (4,488,749 bytes)