NEMESYS: First Year Project Experience in Telecom Italia Information Technology
|
|
- Daniel Mathews
- 8 years ago
- Views:
Transcription
1 NEMESYS: First Year Project Experience in Telecom Italia Information Technology Madalina Baltatu, Rosalia D Alessandro, and Roberta D Amico 1 Introduction Nowadays smartphones are ubiquitous, their usage continues to grow all over the world. With the International Telecommunication Union (ITU) estimating global mobile subscriptions at 6 billion at the end of 2011, it is calculated that global smartphones penetration is now 16.7 percent [7]. Smartphones are devices built on full-fledged operating systems, with advanced computing capabilities and enhanced connectivity (3G/4G, Wi-fi, bluetooth). They are also personal digital assistants, media players, compact digital cameras, video cameras, GPS navigation devices, and even tuners for musical instruments. Smartphones are also beginning to be used for direct paying (like debit cards), and to get access to enterprise premises. They are all equipped with web browsers and other network applications that use highspeed Wi-fi data access and mobile broadband, or proximity bluetooth access. Mobile application developers have immediately understood the opportunity presented by smartphones deployment, and, at the present time, mobile applications stores are the major drivers of smartphones adoption in everyday life. Unfortunately, smartphones are also becoming attractive for cyber criminals and malware developers. Ever since 2011, mobile malware has started to grow steadily. It seems that the trend is similar to that followed by malware developed for personal computers, but in a much faster way. Moreover, differently from traditional computer platforms, smartphones are natively a source of profit (since they have available the users phone and data traffic credit), and this makes them a great target of attacks. The spreading of smartphones also imply that Mobile Network Operators (MNOs) are required to provide appropriate protection and security mechanisms to their core network and, if possible, to their customers devices. Telecom M. Baltatu, R. D Alessandro, R. D Amico Security Lab, Telecon Italia Information Technology, Via Reiss Romoli 274, Turin, Italy, madalina.baltatu,rosalia.dalessandro,roberta.damico@it. telecomitalia.it 1
2 2 Madalina Baltatu, Rosalia D Alessandro, and Roberta D Amico Italia is aware of the potential threat compromissed smartphones represent to mobile networks. This is the main rational that motivates our presence in the NEMESYS project. NEMESYS aims to respond to these challenges by designing a comprehensive security infrastructure able to offer protection to both devices and mobile networks. Other contributions made in the context of the NEMESYS project are detailed in [1, 2, 3, 4, 5]. The material presented in this paper is organised as follows: Section 2 presents some statistics on mobile platforms market penetration and mobile malware spreading during the last years. Section 3 describes the main activities related to mobile security in Telecom Italia Information Technology. Section 4 presents the first year participation of our organization to the NEMESYS project, while the last Section contains the concluding remarks. 2 Mobile Platforms and Malware Statistics In this section we present some significant statistics computed from worldwide data, on mobile platforms distribution and malware spreading, in order to understand the importance of mobile security. 2.1 Mobile Platforms Statistics At the end of 2011 the smartphones market penetration worldwide has reached and surpassed one billion units [7]. In 2012 Andorid and ios account for the significant majority of the global smartphone installed base: [8] shows that these platforms represented 92 percent of global smartphone shipments in the fourth quarter of Furthermore, it appears that smartphones represent the technology that is spreading faster than any other technology in human history except for television [9], and this happens even in developing countries. Figure 1 illustrates the market shares of the main mobile operating systems in the first half of 2012, as presented in [10]. We can see that in the last two years, the four most popular mobile platforms are, in order: Android, Apple ios, Symbian OS and RIM (Blackberry). Statistics computed from real data collected in the mobile network of Telecom Italia during a single day in 2012 (the first half of the year) shows the following distribution of the mobile operating systems of the devices registered to the network: most of the registered phones still run the Symbian OS, they are followed by ios and Android. The distribution per OS of the traffic coming from these devices shows that 63 percent of the network data traffic is generated by ios smartphones, followed by Android devices. By the end of 2012, the situation changed significantly: Android surpassed both Symbian and ios, with 31 percent of the terminals registered to the network run-
3 NEMESYS: First Year Project Experience 3 Fig. 1 The mobile market: the shares of the main mobile OSes in ning Android, 29 percent Symbian OS and 21.6 percent ios. BlackBerry is at the 4th place, while a small number of devices run Nokia OS, Windows Phone, and Bada OS. The data traffic is still mainly generated by ios phones, but Android is following up very fast. According to a six-month study during 2012 presented in [12], 67 percent of the measured web traffic during this time period came from ios devices. Android accounted for about half of the overall traffic. As we may see, these findings are in line with the statistics performed on instantaneous data collected in Telecom Italia mobile network. In February 2013, another report [13] shows that Android took the lead from ios in mobile data traffic. 2.2 Malware Statistics Mobile malware spreading increased steadily all along 2012, overriding the predictions [14]. According to public statistics presented in [15], the malware volume doubled in the last quarter of 2012 if compared to the same period one year before. An interesting view on the phenomenon is offered in [16], which provides an image of the mobile malware spreading during 2012, where Android is the incontestable leader: 98,96 percent of all malware is Android malware! This situation is also illustrated in [15], which shows Android at 97 percent, followed by Symbian and Java ME. Even if the actual figures change slightly from one malware statistics to another, we can note that, Android always holds the leadership. Popularity comes at a price: the most open and the most spread mobile OS at the moment is also the preferred target of malware. Malware rates for the other platforms are so insignificant that, in the majority of malware reports, the statistics are only shown for Android.
4 4 Madalina Baltatu, Rosalia D Alessandro, and Roberta D Amico 2.3 Malware Classification Usually, an application is classified as malware if it performs one or more of the following actions: leaks device or personal information (including user credentials), or spies on users activity; sends premium rate SMS messages, makes premium rate calls, makes subscription to paid services; exploits a vulnerability or software bug on the device to cause it to do something the user does not expects; roots (or jailbreaks) the device to give the attacker control over it; installs a backdoor or turns the device into a bot client; downloads a secondary piece of malicious code from a website (using the http/https channel) or an arbitrary remote server; is destructive to users device or data stored therein; sends spam messages via SMS or spam s from the device; steals private users information and publish it on the Internet, demanding a price to delete it. It is also interesting to take into consideration malware classifications implicitly proposed by the major mobile antivirus companies in their periodical reports. For example, [17] estimates that, from more than six million people affected by Android malware from June 2011 to June 2012, many were affected by Toll Fraud applications. The prevalence of Toll Fraud malware grew from 29 percent of the application-based threats in the third quarter of 2011 to more than 62 percent in the second quarter of The classification proposed in [17] is: Toll fraud, Bot client, App Downloader, Infostealer, Contact Spammer, Rooter, Destructive. In [19], while describing the mobile security trends in 2013, a malware classification is proposed, based on the main malware behaviour patterns: Info Stealers, Spyware, Adware, Premium SMS, Fraud, Exploit, Rooting Malware, Backdoor/Botnet, Hacktool, Downloader/Installer, Destructive, SMS Spam. The distribution in the wild of these typologies is also given for a long period of observation, from 2007 to 2012, where Info stealers, Spywares, SMS senders and Adware are placed at the top of the list. 3 Mobile Security in Telecom Italia Information Technology In the followings, we offer an overview on some ongoing activities in Telecom Italia Information Technology (Security Lab) in the field of mobile security. 3.1 SMS Spam Reporting Service During 2012 Security Lab developed a prototype spam reporting service, that helps the operator to identify the spam received by mobile users over the SMS channel. The service is specified by the GSMA [27], which states that a mobile network operator has to dedicate a specific short number in order for its customers to be able to report any SMS they received which they consider spam.
5 NEMESYS: First Year Project Experience 5 At the beginning of 2013 we started a trial of this service (implemented on Android platforms), dedicated exclusively to employees. The idea is to understand what is the actual level of SMS spam received by this category of users, and, also to investigate if such initiatives of participative security services are well accepted by the users. The next steps will be to extend the trial to other categories of customers, and, also to evaluate possible countermeasures to deploy in order to mitigate the problem. 3.2 Mobile Malware and Application Analisys Security Lab started to study mobile malware in a systematic manner (and as a separate phenomenon from generic PC malware) since 2010/2011, when mobile malware displayed a significant growth (mainly for Android platforms). Since Android is the preferred target of attacks, an automated applications analyser was developed to evaluate the potential danger of an Android application package (apk). The system implements static analysis techniques to obtain a detailed application s behaviour description together with a comprehensive risk value, and uses and extends the Androguard framework [23]. Briefly, the system looks at all APIs used by the application and maps them to the requested permissions (declared in the application s Manifest) [22], in order to detect incoherencies between them. Our work enhances a similar approach proposed in [24], by exhaustively checking whether the declared permissions are effectively used, and whether actions that are not explicitly permitted are performed (in order to avoid permission escalation). We also look for critical APIs usage and Intents abuse. Furthermore, we propose a risk taxonomy and a mapping between the application behaviour and this set of risks. Briefly, the most relevant risks are related to the root privileges escalation, the use of encrypted code, the presence of binary code and/or dynamic code loading, Internet activities, the presence of exploits, the use of dangerous APIs, SMS receipt, sending and interception, phone call activities, user privacy violations (leakage of device and user information), the presence of critical system permissions, and the monitoring and/or modification of the device state (e.g., phone state, network state, active tasks, etc.). Some activities (SMS, calls and Internet) are also related to the economic loss risk. A detailed analysis of the apk archive is also performed, in order to detect potential threats, like embedded applications, infected files (e.g., apk or elf binary libraries already classified as malicious), and shell scripts with potentially dangerous commands. Many malware applications attempt to conceal their purposes. Often, they alter files with some innocuous extension (e.g., png or jpg). Morover, the system is also able to look for URLs and phone numbers, which might be used by the application to communicate with C&C servers or spend the user s money by making calls or sending SMS messages to premium numbers. The risk computation extends the original risk.py module implemented in Androguard by adding additional risks categories, which concur to compute the global
6 6 Madalina Baltatu, Rosalia D Alessandro, and Roberta D Amico risk score. This value is computed by combining all the risk values in a fuzzy [21] system. During 2012, some interesting statistics have been computed, based on real apk data organized in two databases. The first database is a set of free applications downloaded from GooglePlay, while the second contains 1488 known malware samples classified in 90 distinct families, most of them available on Contagio- MiniDump [25]. Figure 2 shows the risk scores distribution for these two datasets. We can see that free applications from GooglePlay are concentrated in the score intervals from 60 to 80, while malware in the intervals which goes from 70 to 90. There is a significant overlapping window which can imply both false positives and false negatives in anomaly based malware detection systems. In our experience, applications that obtain security risk scores major than 70 are to be considered potentially damaging for the device and its user. Fig. 2 Risk scores distribution for malware and legitimate apps. Moreover, legitimate applications obtained unexpected high risk values on several categories like dynamic, exploit, root privileges, dangerous APIs, while the malware set obtained high values on economic loss, Internet, SMS, and privacy violation categories, and significant risks on their archive files. As far as malware is concerned, the privacy violation is the most significant risk encountered, while, for applications downloaded from GooglePlay, the dangerous API usage risk is the highest. These results show that, quite often, a legitimate free application is not as innocuous as users may believe. This may be an effect of either poor programming or the presence of potentially unwanted code (mainly related to adware or due to recycled code).
7 NEMESYS: First Year Project Experience 7 4 The First Year Participation in NEMESYS The participation in the NEMESYS European project is considered a great opportunity in Telecom Italia Information Technology, since this project can provide effective tools for mobile malware monitoring and infection prevention. The value of the NEMESYS approach if compared to the existing approaches nowadays consists in the fact that it takes into consideration a plethora of input information sources to offer a better response to incidents, together with a prevention mechanism. Current mobile security solutions are entirely reactive and non predictive. We envision that NEMESYS can become the starting point for MNOs to cooperate in providing an extended mobile malware response and prevention network. The goal of NEMESYS is to create and develop new security technologies in mobile networks. These technologies are meant to protect both terminals (in particular smartphone devices) and the network core elements. Mobile security is a fast moving field, where new vulnerabilities and their exploits need to be detected and analyzed on a (quasi) real time basis. In order to advance in the field of mobile security, the new technologies must become proactive and work on predicting threats and vulnerabilities. Ideally, the defences must be built before threats materialize. Therefore, the NEMESYS s purpose is to gather and analyse information about the nature of attacks targeting smart mobile devices, so that appropriate countermeasures can be taken to prevent all potential damage (to the core network and devices themselves). NEMESYS will adopt the honeypot scheme for the most popular smartphone platforms. An infrastructure will be developed to collect all susceptible information (possible attack traces), detect and provide early warning of attacks on mobile devices and mobile networks. By correlating the extracted information with the known patterns of attacks extracted from wireline networks, NEMESYS plans to reveal and identify the possible synergies between the two ecosystems (wired and wireless). The first activity related to this kind of realization is the compilation of a thorough state of the art in security threats and attacks against mobile devices and in the field of analysis of current practices. The state of the art and the trends in mobile malware are to be closely monitored during all the project life time. An important activity that TIIT will continue to perform inside NEMESYS is the active monitoring of mobile malware spreading in its own mobile network. To this purpose, TIIT will leverage the deployment of mobile honeypots, in order to better understand the phenomenon of mobile malware spreading and to offer optimal protection to the mobile network and its users. A honeypot is a computer system, built and deployed only for the goal of being attacked and compromised, in order to study new attacks and to serve as an early warning system [26]. A mobile honeypot is a new concept in network security. At the present moment, the majority of honeypots are PC-based, at best they only simulate a mobile environment (like Android and ios). Security Lab already deploys a PC-based passive honeypots that emulate Android and ios responses for some services.
8 8 Madalina Baltatu, Rosalia D Alessandro, and Roberta D Amico Nevertheless, PC-based or emulated environments are to be considered far insufficient in order to have a real perception of mobile malware. To get the pulse of the situations the honeypot has to actually become mobile and collect all the activities that the users perform on their devices. Since we consider this approach of great importance, TIIT will have an active role in all the processes that are related to testing all practical instruments provided by NEMESYS (both mobile honeypots and the virtualization mechanisms proposed by our partners). TIIT is also involved in the definition of both system requirements and framework architecture. We hope to bring a significant contribution to these two tasks, leveraging our experience on mobile network systems and our interaction with customers, which helps us to be very sensitive to our real end users needs. 5 Conclusions The NEMESYS projet represents a great challenge and a great opportunity for Telecom Italia Information Technology. In our vision, NEMESYS can change the way people look at mobile security. This project tries to modify the paradigm that mobile security has adopted all along its first years of existence. Mobile security is basically deployed on terminals only (antiviruses, mobile security suites and the same). Some research work was proposed in order to begin the monitor at a more centralized level (through IP-based honeypost that emulate a mobile OS). But, at the present time, there is no correlation between these mechanisms, and no correlation between these and mobile network security mechanisms (if they exist at all). NEMESYS tries to combine the device-side security instruments with network side anomalies monitoring, in order to offer an effective global security to all mobile network components. In our opinion, both mobile users and MNOs can benefit from this approach. Acknowledgements The work presented in this paper is part of the Project NEMESYS (Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem) which has received funding from the European Union Seventh Framework Programme (FP7) under grant agreement References 1. E. Gelenbe, G. Görbil, D. Tzovaras, S. Liebergeld, D. Garcia, M. Baltatu, G. Lyberopoulos, NEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem, in Proc. 28th Int. Symp. on Computer and Information Sciences (IS- CIS 13), Paris - France, 2013, accepted for publication 2. S. Papadopoulos, D. Tzovaras, Towards Visualizing Mobile Network Data, Proc. 28th Int. Symp. on Computer and Information Sciences (ISCIS 13), Paris - France, 2013, accepted for publication
9 NEMESYS: First Year Project Experience 9 3. L. Delosieres, D. Garcia, Infrastructure for Detecting Android Malware, Proc. 28th Int. Symp. on Computer and Information Sciences (ISCIS 13), Paris - France, 2013, accepted for publication 4. S. Liebergeld, M. Lange, Android Security, Pitfalls, Lessons Learned and BYOD, Proc. 28th Int. Symp. on Computer and Information Sciences (ISCIS 13), Paris, France, 2013, accepted for publication 5. O. Abdelrahman, E. Gelenbe, G. Gorbil, B. Oklander, Mobile Network Anomaly Detection and Mitigation: The NEMESYS Approach, Proc. 28th Int. Symp. on Computer and Information Sciences (ISCIS 13), Paris, France, 2013, accepted for publication 6. Portio Research Ltd. UK, Mobile Factbook 2012, com 7. mobithinking, Global mobile statistics 2012 Part A, 8. Strategy Analytics, Android and Apple ios Capture a Record 92 Percent Share of Global Smartphone Shipments in Q4 2012, 9. Technology Review, Are Smart Phones Spreading Faster than Any Technology in Human History?, Gartner, Market Share: Mobile Devices, Worldwide, 2Q12, com/resid= ZDNet, ios users generate twice as much web traffic than Android users, zdnet.com 12. Chitika Insights, Six-Month Study: Apple ios Users Consume Growing Amount of Web Traffic, December InfoWorld, Android takes the lead from ios in mobile data traffic, February, 2013, http: // 14. Trend Micro, Mobile malware surged from 30K to 175K, Q3 2012, trendmicro.com 15. McAfee, Threats Report: Fourth Quarter 2012, Kaspersky Labs, Kaspersky Security Bulletin The overall statistics for 2012, http: // 17. Lookout Inc. US, State of mobile security 2012, resources/reports/state-of-mobile-security F-Secure Labs, Mobile Threats Report Q3 2012, McAfee, Mobile Security: McAfee Consumer Trends Report 2013, mcafee.com 20. Droidbox Team, Droidbox. Android Application Sandbox, com/p/droidbox/ 21. J. Jantzen, Tutorial on Fuzzy Logic, Technical University of Denmark, Oersted-DTU, Automation, Bldg 326, 2800 Kongens Lyngby, DENMARK. Tech. report no 98-E 868 (logic), revised 17 Jun Google Inc., Android Permissions, Androguard Team, Androguard: Reverse engineering, Malware and goodware analysis of Android applications, A.Apvrille, T.Strazzere, Reducing the window of opportunity for Android malware. Gotta catch em all, Journal in Computer Virology 8(1-2): (2012) 25. Contagio malware, Mobile malware mini dump archive, blogspot.it/ 26. C. Mulliner, S. Liebergeld, and M. Lange, Poster: HoneyDroid - Creating a Smartphone Honeypot, IEEE Symposium on Security and Privacy, March GSMA, GSMA SPAM Reporting Services, technicalprojects/gsma-spam-reporting-services
Defending Behind The Device Mobile Application Risks
Defending Behind The Device Mobile Application Risks Tyler Shields Product Manager and Strategist Veracode, Inc Session ID: MBS-301 Session Classification: Advanced Agenda The What The Problem Mobile Ecosystem
More informationGuideline on Safe BYOD Management
CMSGu2014-01 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Safe BYOD Management National Computer Board Mauritius Version
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationKaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking
Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Today s bank customers can perform most of their financial activities online. According to a global survey
More informationRunning Head: AWARENESS OF BYOD SECURITY CONCERNS 1. Awareness of BYOD Security Concerns. Benjamin Tillett-Wakeley. East Carolina University
Running Head: AWARENESS OF BYOD SECURITY CONCERNS 1 Awareness of BYOD Security Concerns Benjamin Tillett-Wakeley East Carolina University AWARENESS OF BYOD SECURITY CONCERNS 2 Abstract This paper will
More informationEnterprise Apps: Bypassing the Gatekeeper
Enterprise Apps: Bypassing the Gatekeeper By Avi Bashan and Ohad Bobrov Executive Summary The Apple App Store is a major part of the ios security paradigm, offering a central distribution process that
More informationWhite Paper. Three Steps To Mitigate Mobile Security Risks
White Paper Three Steps To Mitigate Mobile Security Risks Bring Your Own Device Growth The Bring Your Own Device (BYOD) trend caught on with users faster than IT expected, especially as ios and Android
More informationElevation of Mobile Security Risks in the Enterprise Threat Landscape
March 2014, HAPPIEST MINDS TECHNOLOGIES Elevation of Mobile Security Risks in the Enterprise Threat Landscape Author Khaleel Syed 1 Copyright Information This document is an exclusive property of Happiest
More informationKaspersky Fraud Prevention platform: a comprehensive solution for secure payment processing
Kaspersky Fraud Prevention platform: a comprehensive solution for secure Today s bank customers can perform most of their financial operations online. According to a global survey of Internet users conducted
More informationMobile App Reputation
Mobile App Reputation A Webroot Security Intelligence Service Timur Kovalev and Darren Niller April 2013 2012 Webroot Inc. All rights reserved. Contents Rise of the Malicious App Machine... 3 Webroot App
More informationEnterprise Mobile Threat Report
Enterprise Mobile Threat Report The State of ios and Android Security Threats to Enterprise Mobility I. Introduction This report examines enterprise security threats for ios and Android. While Android
More informationAnalysis of advanced issues in mobile security in android operating system
Available online atwww.scholarsresearchlibrary.com Archives of Applied Science Research, 2015, 7 (2):34-38 (http://scholarsresearchlibrary.com/archive.html) ISSN 0975-508X CODEN (USA) AASRC9 Analysis of
More informationCHECK POINT Mobile Security Revolutionized. [Restricted] ONLY for designated groups and individuals
CHECK POINT Mobile Security Revolutionized [Restricted] ONLY for designated groups and individuals 2014 Check Point Software Technologies Ltd. 1 Rapidly Expanding Mobile Threats MOBILE THREATS are ESCALATING
More informationChris Boykin VP of Professional Services
5/30/12 Chris Boykin VP of Professional Services Future Com! 20 years! Trusted Advisors! Best of brand partners! Brand name customers! 1000 s of solutions delivered!! 1 5/30/12 insight to the future, bringing
More information10 best practice suggestions for common smartphone threats
10 best practice suggestions for common smartphone threats Jeff R Fawcett Dell SecureWorks Security Practice Executive M Brandon Swain Dell SecureWorks Security Practice Executive When using your Bluetooth
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationMobile Security Framework; Advances in Mobile Governance in Korea. TaeKyung Kim tkkim@stu.ac.kr
Mobile Security Framework; Advances in Mobile Governance in Korea TaeKyung Kim tkkim@stu.ac.kr I. e-banking in Korea 1. e-banking? BIS (Bank for International Settlements) - e-finance(electronic banking)
More informationG Data Mobile MalwareReport. Half-Year Report July December 2013. G Data SecurityLabs
G Data Mobile MalwareReport Half-Year Report July December 2013 G Data SecurityLabs Contents At a glance... 2 Android malware: share of PUPs increasing significantly... 3 Android.Application consists of
More informationTutorial on Smartphone Security
Tutorial on Smartphone Security Wenliang (Kevin) Du Professor wedu@syr.edu Smartphone Usage Smartphone Applications Overview» Built-in Protections (ios and Android)» Jailbreaking and Rooting» Security
More informationMobile Application Hacking for Android and iphone. 4-Day Hands-On Course. Syllabus
Mobile Application Hacking for Android and iphone 4-Day Hands-On Course Syllabus Android and iphone Mobile Application Hacking 4-Day Hands-On Course Course description This course will focus on the techniques
More informationBYPASSING THE ios GATEKEEPER
BYPASSING THE ios GATEKEEPER AVI BASHAN Technology Leader Check Point Software Technologies, Ltd. OHAD BOBROV Director, Mobile Threat Prevention Check Point Software Technologies, Ltd. EXECUTIVE SUMMARY
More informationCYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP
CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP August 2014 RSA agents recently traced a threat actor advertising a mobile credit card store application. The cybercriminal shared the information
More informationMOBILE MALWARE REPORT
TRUST IN MOBILE MALWARE REPORT THREAT REPORT: H2/2014 CONTENTS At a Glance 03-03 Forecasts and trends 04-04 Current situation: 4.500 new Android malware instances every day 05-05 Third-party App-Stores
More informationHow To Protect Your Mobile From Attack From A Signalling Storm
ICL, TUB, CERTH, Telecom Italia IT, COSMOTE, HISPASEC Erol Gelenbe Fellow of the French National Academy of Engineering Dynamic Real-Time Security for Seamless Service Provisioning in the Mobile Ecosystem
More informationIT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA
IT TRENDS AND FUTURE CONSIDERATIONS Paul Rainbow CPA, CISA, CIA, CISSP, CTGA AGENDA BYOD Cloud Computing PCI Fraud Internet Banking Questions The Mobile Explosion Mobile traffic data in 2011 was nearly
More informationPractical Attacks against Mobile Device Management (MDM) Michael Shaulov, CEO Daniel Brodie, Security Researcher Lacoon Mobile Security
Practical Attacks against Mobile Device Management (MDM) Michael Shaulov, CEO Daniel Brodie, Security Researcher Lacoon Mobile Security March 14, 2013 About: Daniel Security researcher for almost a decade
More informationTowards Visualizing mobile network data
Towards Visualizing mobile network data Stavros Papadopoulos and Dimitrios Tzovaras Abstract This paper presents the research directions that the visualization in the NEMESYS project will follow, so as
More informationMobile Malware Network View. Kevin McNamee : Alcatel-Lucent
Mobile Malware Network View Kevin McNamee : Alcatel-Lucent Agenda Introduction How the data is collected Lies, Damn Lies and Statistics Windows PC Malware Android Malware Network Impact Examples of malware
More informationKaspersky Security 10 for Mobile Implementation Guide
Kaspersky Security 10 for Mobile Implementation Guide APPLICATION VERSION: 10.0 MAINTENANCE RELEASE 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful
More informationLecture Embedded System Security A. R. Sadeghi, @TU Darmstadt, 2011 2012 Introduction Mobile Security
Smartphones and their applications have become an integral part of information society Security and privacy protection technology is an enabler for innovative business models Recent research on mobile
More informationPFP Technology White Paper
PFP Technology White Paper Summary PFP Cybersecurity solution is an intrusion detection solution based on observing tiny patterns on the processor power consumption. PFP is capable of detecting intrusions
More informationFeature List for Kaspersky Security for Mobile
Feature List for Kaspersky Security for Mobile Contents Overview... 2 Simplified Centralized Deployment... 2 Mobile Anti-Malware... 3 Anti-Theft / Content Security... Error! Bookmark not defined. Compliance
More informationNokia Networks. security you can rely on
Nokia Networks security you can rely on Protecting communication networks is critical 7 billion mobile subscriptions in 2014 1 Mobile broadband network traffic expected to grow by a factor of 1,000 by
More informationBYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager
BYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager 1 AGENDA Mobile Explosion Mobile Trends BYOD Benefits, Challenges and Threats BYOD Security BYOD Strategy
More information4 Steps to Effective Mobile Application Security
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
More informationSecurity Intelligence Services. Cybersecurity training. www.kaspersky.com
Kaspersky Security Intelligence Services. Cybersecurity training www.kaspersky.com CYBERSECURITY TRAINING Leverage Kaspersky Lab s cybersecurity knowledge, experience and intelligence through these innovative
More informationAdobe Flash Player and Adobe AIR security
Adobe Flash Player and Adobe AIR security Both Adobe Flash Platform runtimes Flash Player and AIR include built-in security and privacy features to provide strong protection for your data and privacy,
More informationBring Your Own Device Bring Your Own Data? Thursday 10th April 2014 Dai Davis Solicitor and Chartered Engineer Partner, Percy Crow Davis & Co
Bring Your Own Device Bring Your Own Data? Thursday 10th April 2014 Dai Davis Solicitor and Chartered Engineer Partner, Percy Crow Davis & Co Tel: 07785 771 721 E-mail: mail@daidavis.com Overview BYOD
More informationThe Increasing Threat of Malware for Android Devices. 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them
The Increasing Threat of Malware for Android Devices 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them INTRODUCTION If you own a smartphone running the Android operating system, like the
More informationMobile Device Management
1. Introduction Mobile Device Management This document introduces security risks with mobile devices, guidelines for managing the security of mobile devices in the Enterprise, strategies for mitigating
More informationThe Mobile Security Challenge: Opportunities & Issues Matthew Young, Security Programs Manager
The Mobile Security Challenge: Opportunities & Issues Matthew Young, Security Programs Manager Mobility -we have come a long way and where is it going? Image: Word Press Mobility To achieve mobility, two
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationSecurity challenges for internet technologies on mobile devices
Security challenges for internet technologies on mobile devices - Geir Olsen [geiro@microsoft.com], Senior Program Manager for Security Windows Mobile, Microsoft Corp. - Anil Dhawan [anild@microsoft.com],
More informationMobile App Security: Who Else is on Your Device? August 27, 2013
Mobile App Security: Who Else is on Your Device? August 27, 2013 Start Time: 9 AM US Pacific, Noon US Eastern, 5 pm London 1 2 Generously sponsored by: Welcome Conference Moderator Hari Pendyala ISSA Fellow
More informationMobile Application Security Sharing Session May 2013
Mobile Application Security Sharing Session Agenda Introduction of speakers Mobile Application Security Trends and Challenges 5 Key Focus Areas for an mobile application assessment 2 Introduction of speakers
More informationNEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem
NEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem Erol Gelenbe, Gökçe Görbil, Dimitrios Tzovaras, Steffen Liebergeld, David Garcia, Madalina Baltatu and
More informationPractical Attacks against Mobile Device Management Solutions
Practical Attacks against Mobile Device Management Solutions Michael Shaulov, CEO michael@lacoon.com Daniel Brodie, Sr Security Researcher daniel@lacoon.com About: Daniel Security researcher for nearly
More informationBlackBerry 10.3 Work and Personal Corporate
GOV.UK Guidance BlackBerry 10.3 Work and Personal Corporate Published Contents 1. Usage scenario 2. Summary of platform security 3. How the platform can best satisfy the security recommendations 4. Network
More information10 Quick Tips to Mobile Security
10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22
More information(U)SimMonitor: A New Malware that Compromises the Security of Cellular Technology and Allows Security Evaluation
(U)SimMonitor: A New Malware that Compromises the Security of Cellular Technology and Allows Security Evaluation DR. C. NTANTOGIAN 1, DR. C. XENAKIS 1, DR. G. KAROPOULOS 2 1 DEPT. O F DIGITAL SYST EMS,
More informationMulti State Information Sharing and Analysis Center. Briefing Paper. Keeping Your Broadband Internet Connection Secure
Multi State Information Sharing and Analysis Center Briefing Paper Keeping Your Broadband Internet Connection Secure August 2007 Broadband Internet Security Keeping Your Broadband Internet Connection Secure
More information場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR
場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR Minimum Requirements of Security Management and Compliance
More informationData Protection Act 1998. Bring your own device (BYOD)
Data Protection Act 1998 Bring your own device (BYOD) Contents Introduction... 3 Overview... 3 What the DPA says... 3 What is BYOD?... 4 What are the risks?... 4 What are the benefits?... 5 What to consider?...
More informationAPPLICATION SECURITY: FROM WEB TO MOBILE. DIFFERENT VECTORS AND NEW ATTACK
APPLICATION SECURITY: FROM WEB TO MOBILE. DIFFERENT VECTORS AND NEW ATTACK John T Lounsbury Vice President Professional Services, Asia Pacific INTEGRALIS Session ID: MBS-W01 Session Classification: Advanced
More informationStudy Group on Information Security Issues of Smartphone and Cloud Computing Final Report - Measures to be Taken for the Safe Use of Smartphones -
(Tentative translation) Study Group on Information Security Issues of Smartphone and Cloud Computing Final Report - Measures to be Taken for the Safe Use of Smartphones - June 29, 2012-1 - Table of Contents
More informationWebView addjavascriptinterface Remote Code Execution 23/09/2013
MWR InfoSecurity Advisory WebView addjavascriptinterface Remote Code Execution 23/09/2013 Package Name Date Affected Versions Google Android Webkit WebView 23/09/2013 All Android applications built with
More informationSECTOR 2015 Malware Activity in Mobile Networks Kevin McNamee (Alcatel-Lucent)
SECTOR 2015 Malware Activity in Mobile Networks Kevin McNamee (Alcatel-Lucent) Agenda How the data is collected Lies, Damn Lies and Statistics Windows PC Malware Android Malware Examples of malware Conclusion
More informationProtecting against Mobile Attacks
2014-APR-17 Protecting against Mobile Attacks Frankie Wong Security Analyst, HKCERT 1 Image source: http://www.techweekeurope.co.uk/news/mobile-malware-record-mcafee-125537 2 Agenda Attacks moving to mobile
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 2 Systems Threats and Risks Objectives Describe the different types of software-based attacks List types of hardware attacks Define
More informationMalware Trend Report, Q2 2014 April May June
Malware Trend Report, Q2 2014 April May June 5 August 2014 Copyright RedSocks B.V. 2014. All Rights Reserved. Table of Contents 1. Introduction... 3 2. Overview... 4 2.1. Collecting Malware... 5 2.2. Processing...
More informationMobile Security: Controlling Growing Threats with Mobile Device Management
Mobile Security: Controlling Growing Threats with Mobile Device Management As the use of mobile devices continues to grow, so do mobile security threats. Most people use their mobile devices for both work
More informationParticipatory Honeypots: A Paradigm Shift in the Fight Against Mobile Botnets
Participatory Honeypots: A Paradigm Shift in the Fight Against Mobile Botnets Pasquale Stirparo (@pstirparo) Laurent Beslay www.jrc.ec.europa.eu Serving society Stimulating innovation Supporting legislation
More informationPerception and knowledge of IT threats: the consumer s point of view
Perception and knowledge of IT threats: the consumer s point of view It s hard to imagine life without digital devices, be it a large desktop computer or a smartphone. Modern users are storing some of
More informationIJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN: 2320-8791 www.ijreat.
Intrusion Detection in Cloud for Smart Phones Namitha Jacob Department of Information Technology, SRM University, Chennai, India Abstract The popularity of smart phone is increasing day to day and the
More informationMobile multifactor security
Mobile multifactor security A revolution in authentication and digital signing Mobile multifactor security A revolution in authentication and digital signing Smartphones will continue to ship in high volumes,
More informationBasic Security Considerations for Email and Web Browsing
Basic Security Considerations for Email and Web Browsing There has been a significant increase in spear phishing and other such social engineering attacks via email in the last quarter of 2015, with notable
More informationWhy Email Encryption is Essential to the Safety of Your Business
Why Email Encryption is Essential to the Safety of Your Business What We ll Cover Email is Like a Postcard o The Cost of Unsecured Email 5 Steps to Implement Email Encryption o Know Your Compliance Regulations
More informationThe Cloud App Visibility Blindspot
The Cloud App Visibility Blindspot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Introduction Today, enterprise assets are more at risk than ever before
More informationGuideline on Auditing and Log Management
CMSGu2012-05 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Auditing and Log Management National Computer Board Mauritius
More informationSymantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team
Symantec Cyber Threat Analysis Program Symantec Cyber Threat Analysis Program Team White Paper: Symantec Security Intelligence Services Symantec Cyber Threat Analysis Program Contents Overview...............................................................................................
More informationProtection for Mac and Linux computers: genuine need or nice to have?
Protection for Mac and Linux computers: genuine need or nice to have? The current risk to computers running non-windows platforms is small but growing. As Mac and Linux computers become more prevalent
More informationSecuring mobile devices in the business environment
IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services 2 Securing mobile
More informationLASTLINE WHITEPAPER. Large-Scale Detection of Malicious Web Pages
LASTLINE WHITEPAPER Large-Scale Detection of Malicious Web Pages Abstract Malicious web pages that host drive-by-download exploits have become a popular means for compromising hosts on the Internet and,
More informationFinding Hidden Gems in the App Ecosystem
Whitepaper Finding Hidden Gems in the App Ecosystem How appbackr and Appthority Sort Through Millions of Apps to Deliver a Curated List of the World s Best Apps August 2013 Introduction The mobile app
More informationDevelopment of Technology for Detecting Advanced Persistent Threat Activities
FOR IMMEDIATE RELEASE Development of Technology for Detecting Advanced Persistent Threat Activities Visualizing correlations among hosts having suspicious activities to detect attacks such as stealth malware
More informationUnknown threats in Sweden. Study publication August 27, 2014
Unknown threats in Sweden Study publication August 27, 2014 Executive summary To many international organisations today, cyber attacks are no longer a matter of if but when. Recent cyber breaches at large
More informationAgenda. John Veldhuis, Sophos The playing field Threats Mobile Device Management. Pagina 2
Mobile Security Agenda John Veldhuis, Sophos The playing field Threats Mobile Device Management Pagina 2 The Changing Mobile World Powerful devices Access everywhere Mixed ownership User in charge Powerful
More informationPrevent Malware attacks with F5 WebSafe and MobileSafe. Alfredo Vistola Security Solution Architect, EMEA
Prevent Malware attacks with F5 WebSafe and MobileSafe Alfredo Vistola Security Solution Architect, EMEA Malware Threat Landscape Growth and Targets % 25 Of real-world malware is caught by anti-virus Malware
More informationSymantec's Secret Sauce for Mobile Threat Protection. Jon Dreyfus, Ellen Linardi, Matthew Yeo
Symantec's Secret Sauce for Mobile Threat Protection Jon Dreyfus, Ellen Linardi, Matthew Yeo 1 Agenda 1 2 3 4 Threat landscape and Mobile Insight overview What s unique about Mobile Insight Mobile Insight
More informationIndian Computer Emergency Response Team (CERT-In) Annual Report (2010)
Indian Computer Emergency Response Team (CERT-In) Annual Report (2010) Indian Computer Emergency Response Team (CERT-In) Department of Information Technology Ministry of Communications & Information Technology
More informationBYOD Guidance: BlackBerry Secure Work Space
GOV.UK Guidance BYOD Guidance: BlackBerry Secure Work Space Published 17 February 2015 Contents 1. About this guidance 2. Summary of key risks 3. Secure Work Space components 4. Technical assessment 5.
More informationNetwork Test Labs (NTL) Software Testing Services for igaming
Network Test Labs (NTL) Software Testing Services for igaming Led by committed, young and dynamic professionals with extensive expertise and experience of independent testing services, Network Test Labs
More informationWireless Network Security
Wireless Network Security Bhavik Doshi Privacy and Security Winter 2008-09 Instructor: Prof. Warren R. Carithers Due on: February 5, 2009 Table of Contents Sr. No. Topic Page No. 1. Introduction 3 2. An
More informationSmartphone Security. A Holistic view of Layered Defenses. David M. Wheeler, CISSP, CSSLP, GSLC. (C) 2012 SecureComm, Inc. All Rights Reserved
Smartphone Security A Holistic view of Layered Defenses David M. Wheeler, CISSP, CSSLP, GSLC 1 The Smartphone Market The smartphone security market is expected to grow at a rate of 44 percent annually
More informationHow To Protect Your Network From Threats From Your Network (For A Mobile) And From Your Customers (For An Enterprise)
Plugging the Holes in Mobile Security: The Rising Threat Jennifer M. Pigg, VP of Research, Yankee Group Nick Wade, Group Product Manager, Symantec June 2011 Copyright 2011. Yankee Group Research, Inc.
More informationSmartphone Spying Tools Mylonas Alexios
Smartphone Spying Tools Mylonas Alexios Student Number: 100588864 Supervisor: Keith Martin Submitted as part of the requirements for the award of the MSc in Information Security at Royal Holloway, University
More informationMonitoring mobile communication network, how does it work? How to prevent such thing about that?
Monitoring mobile communication network, how does it work? How to prevent such thing about that? 潘 維 亞 周 明 哲 劉 子 揚 (P78017058) (P48027049) (N96011156) 1 Contents How mobile communications work Why monitoring?
More informationResearch on Situation and Key Issues of Smart Mobile Terminal Security
Research on Situation and Key Issues of Smart Mobile Terminal Security Hao-hao Song, Jun-bing Zhang, Lei Lu and Jian Gu Abstract As information technology continues to develop, smart mobile terminal has
More informationThe dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more
The dramatic growth in mobile device malware continues to escalate at an ever-accelerating pace. These threats continue to become more sophisticated while the barrier to entry remains low. As specific
More informationMalware Detection in Android by Network Traffic Analysis
Malware Detection in Android by Network Traffic Analysis Mehedee Zaman, Tazrian Siddiqui, Mohammad Rakib Amin and Md. Shohrab Hossain Department of Computer Science and Engineering, Bangladesh University
More informationDeploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite
WHITE PAPER Mobile Device Security in the Enterprise Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite Copyright 2010, Juniper Networks, Inc. Table of Contents
More informationA Research on Camera Based Attack and Prevention Techniques on Android Mobile Phones
A Research on Camera Based Attack and Prevention Techniques on Android Mobile Phones Anushree Pore, Prof. Mahip Bartere PG Student, Dept. of CSE, G H Raisoni College of Engineering, Amravati, Maharashtra,
More informationComputer Security DD2395
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/dd2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 7 Malicious Software DD2395 Sonja Buchegger 1 Course Admin Lab 2: - prepare
More informationMarble & MobileIron Mobile App Risk Mitigation
Marble & MobileIron Mobile App Risk Mitigation SOLUTION GUIDE Enterprise users routinely expose their employers data and threaten network security by unknowingly installing malicious mobile apps onto their
More informationWEB ATTACKS AND COUNTERMEASURES
WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationINSTANT MESSAGING SECURITY
INSTANT MESSAGING SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part
More informationPrimer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS
A Primer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS Even with today s breakthroughs in online communication, email is still one of the main ways that most
More informationIs Your Mobile Application Ready For Business?
Is Your Mobile Application Ready For Business? It is clear that mobile technologies will transform the enterprise. The simple math is that if information and communications are available at any place and
More informationBuilding a Mobile App Security Risk Management Program. Copyright 2012, Security Risk Advisors, Inc. All Rights Reserved
Building a Mobile App Security Risk Management Program Your Presenters Who Are We? Chris Salerno, Consultant, Security Risk Advisors Lead consultant for mobile, network, web application penetration testing
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More information