Mo­bi­le Mal­wa­re: Outlook and Defense Strategies


mobworm





Software programs marked as malicious - also called malware - are programs which are used by attackers to execute malicious actions on a computer system. Some examples are the sending of spam messages or stealing of private information from the victims computer. Nowadays such malware is seen as a big threat on the Internet and countermeasures must be taken.

Smartphone The majority of malware samples are focused on the Microsoft Windows operating system. But mobile devices, and specifically smartphones, emerge as a new target platform. These devices have access to more and more CPU power and memory in each new generation and they are capable of performing almost the same tasks as a normal computer can do. They additionally also contain a lot of information which are of great value for possible attackers, such as passwords, private conversations and address books. Several hundred different variants of malicious software for such devices have already been spotted and it can be taken for granted, that many more will follow over the next years. This assumption is backed up by the fact that these devices will have access to an ever-rising amount of data which is even more attractive for attackers. Additionally, it is rather easy for an attacker to directly monetize a successful attack: the possibility to send short messages to premium rated numbers can easily generate a hefty revenue. Therefore, effective countermeasures against mobile malware have to be developed to detect and mitigate the risks of mobile malware.



DURATION

September 2010 - June 2013 Kabelpflanze

CONTACT PERSON

FURTHER INFORMATION


SELECTED PUBLICATIONS

Jo­han­nes Hoff­mann; Ste­phan Neu­mann; Thors­ten Holz: Mobile Malware Detection Based on Energy Fingerprints - a Dead End?

In: Re­se­arch in At­tacks, In­tru­si­ons and De­fen­ses (RAID) Sym­po­si­um, St. Lucia, Oc­to­ber 2013

Micha­el Spreit­zen­barth, Flo­ri­an Echt­ler, Tho­mas Schreck, Felix C. Frei­ling, Jo­han­nes Hoff­mann: Mobile-Sandbox - Looking Deeper Into Android Applications In: 28th In­ter­na­tio­nal ACM Sym­po­si­um on Ap­p­lied Com­pu­ting (SAC), Co­im­bra, Por­tu­gal, March 2013

Jo­han­nes Hoff­mann, Mar­tin Uss­ath, Micha­el Spreit­zen­barth, Thors­ten Holz: Slicing Droids - Program Slicing for Smali Code In: 28th In­ter­na­tio­nal ACM Sym­po­si­um on Ap­p­lied Com­pu­ting (SAC), Co­im­bra, Por­tu­gal, March 2013

Jo­han­nes Hoff­mann, Se­bas­ti­an Uel­len­beck, Thors­ten Holz: SmartProxy - Secure Smartphone-Assisted Login on Compromised Machines In: 9th Con­fe­rence on De­tec­tion of In­tru­si­ons and Mal­wa­re & Vul­nerabi­li­ty As­sess­ment (DIMVA), He­ra­kli­on, Greece, July 2012

Lucas Davi, Alex­an­dra Dmi­t­ri­en­ko, Ma­nu­el Egele, Tho­mas Fi­scher, Thors­ten Holz, Ralf Hund, Ste­fan Nürn­ber­ger, Ah­mad-Re­za Sa­de­ghi MOCFI: A Framework to Mitigate Control-Flow Attacks on Smartphone In: An­nual Net­work & Di­stri­bu­ted Sys­tem Se­cu­ri­ty Sym­po­si­um (NDSS), San Diego, Fe­bru­ary 2012

Micha­el Be­cher , Felix C. Frei­ling, Jo­han­nes Hoff­mann, Thors­ten Holz, Se­bas­ti­an Uel­len­beck, Chris­to­pher Wolf: Mobile Security Catching up? Revealing the Nuts and Bolts of the Security of Mobile Devices In: IEEE Sym­po­si­um on Se­cu­ri­ty and Pri­va­cy ("Oak­land"), Ber­ke­ley, CA, May 2011