Description: As organizations look to deploy larger numbers of mobile devices this year, there is widespread disagreement over which platforms are more secure, what mobile security measures are effective, and what the greatest risks of these platforms are. At the same time, the mobile malware community is developing rapidly and several successful attacks have been executed against iOS and Android. In this talk, we demonstrate an intelligence-driven approach to mobile defense, focused on attacker capabilities and methods, with data collected from past remote attacks against Android and iOS. This analysis identifies the means by which exploits are developed and distributed in attacks, separates defenses that work from defenses that don't, and provides analytical tools that attendees can use to objectively evaluate the exploitability of mobile platforms. Finally, we use this empirical data on attacker capabilities to make projections on where mobile malware is headed in the near to long term.
Dan Guido leads the strategic vision for Trail of Bits products and services and manages its day-to-day operations. His most recent research applied intelligence-driven defense to mass malware and demonstrated that, contrary to popular belief, only a very small number of vulnerabilities are used in such massive exploitation campaigns.
Mike Arpaia is a security consultant and researcher at iSEC Partners. Mike's current research interests include mobile device security, cloud infrastructure security and secure protocols.
Tags: securitytube , hacking , hackers , information security , convention , computer security , SOURCE-boston-2012 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.