This book is currently available being published in November 2008.This is the best Book for Analyzing and Mitigating Mobile Malicious Code!
- ISBN-10: 1597492981
- ISBN-13: 978-1597492980
Malware has gone mobile, and the security landscape is changing quickly with emerging attacks on cell phones, PDAs, and other mobile devices. This first book on the growing threat covers a wide range of malware targeting operating systems like Symbian and new devices like the iPhone. Examining code in past, current, and future risks, protect your banking, auctioning, and other activities performed on mobile devices.
* Visual Payloads
View attacks as visible to the end user, including notation of variants.
* Timeline of Mobile Hoaxes and Threats
Understand the history of major attacks and horizon for emerging threates.
* Overview of Mobile Malware Families
Identify and understand groups of mobile malicious code and their variations.
* Taxonomy of Mobile Malware
Bring order to known samples based on infection, distribution, and payload strategies.
* Phishing, SMishing, and Vishing Attacks
Detect and mitigate phone-based phishing (vishing) and SMS phishing (SMishing) techniques.
* Operating System and Device Vulnerabilities
Analyze unique OS security issues and examine offensive mobile device threats.
* Analyze Mobile Malware
Design a sandbox for dynamic software analysis and use MobileSandbox to analyze mobile malware.
* Forensic Analysis of Mobile Malware
Conduct forensic analysis of mobile devices and learn key differences in mobile forensics.
* Debugging and Disassembling Mobile Malware
Use IDA and other tools to reverse-engineer samples of malicious code for analysis.
* Mobile Malware Mitigation Measures
Qualify risk, understand threats to mobile assets, defend against attacks, and remediate incidents.
* Understand the History and Threat Landscape of Rapidly Emerging Mobile Attacks
* Analyze Mobile Device/Platform Vulnerabilities and Exploits
* Mitigate Current and Future Mobile Malware Threats
My section is:
Mobile malicious code and the forensic analyst.
Table of contents and Summary introduction
Objectives in this chapter:
• Mobile Forensics
o Investigative Methods of Mobile Forensics
o Mobile Investigative Tips
o Deploying Mobile Forensic Tools
• PDA and SmartPhone Forensics
o Special Hardware
o Operating systems
§ Symbian
§ Microsoft
§ Linux Variants
o Issues in Forensics
o Malicious Code and the Mobile Device
• Introduction to the Blackberry
o Operating System of the Blackberry
o Blackberry Operation and Security Capabilities
o Forensic Examination of a Blackberry
o Attacking the Blackberry
o Securing the Blackberry
• iPhone Forensics
o Misuse of an iPhone
o iPhone Investigation
o The iPhone and the Sync Host System
o User Accounts
o Deleted Files
o iPhone Time Issues
o iPhone Tools
• A Forensic analysis of Malicious Code on the Mobile Device
o Reproducibility of evidence in the case of dead forensic analysis
o Connectivity options and their impact on dead and live forensic analysis
o Operating Systems (OS) and File Systems (FS)
o Available Hardware
o Existing Forensic Tools and Toolkits
• Mobile Phones and Evidence
o Back-end analysis techniques
o New techniques to extract Data
o Unsoldering flash to read it externally
o EM Monitoring
• Conclusion
The design of MMC commonly relies on social engineering techniques that are designed to have the use run executable code such as VBScript, Java and ActiveX. This browser based approach adds new and often complicated twists to the forensic analysis of computer systems.
