|
PRESENTATION:
|
When the medicine is more dangerous than the disease: mobile antivirus security assessment
|
|
PRESENTER(S):
|
Alexander Bolshev, Security Consultant for IOActive and Ivan Yuskevich, Digital Security
|
|
CONFERENCE:
|
CONFidence 2016
|
|
LOCATION:
|
Forum Hotel, Krakow, Poland
|
|
DATE & TIME:
|
May 19, 2016 at 16:40PM
|
Mobile malware sprang up in the cellular world shortly after the appearance of the first smartphone. Ever since, the number of infected devices has steadily increased. While platform developers have combated the problem by establishing trusted sources and analysing application code, antivirus vendors appeared on the stage with mobile versions of their products. This has led to heated debates on topics such as “is mobile antivirus software necessary?” and “does mobile antivirus software really protect smartphones?” Rather than adding another chapter to that debate, Alexander and Yvan aim to answer a different question: “is it SECURE to use mobile antivirus software?”
Alexander and Yvan assessed the security posture of a sampling of Android mobile antivirus products. What they found is in some cases using mobile antivirus software puts your smartphone at greater risk than not using it at all. Most antivirus software demands too many permissions, which could have negative consequences. Remote code execution, absence of code signing or cryptographic support, fake antivirus defense, insecure update methods, denial of service; these are just a few of the flaws the researchers found. Multiply the number of flaws by the millions of times these products have been downloaded and you begin to see the scope of the real threat.
In this talk, Alexander and Yvan will discuss security vulnerabilities in mobile antivirus software, outline the most common flaws, and share some statistics that put the potential impact of the problem into meaningful perspective. They aim to provide attendees with an answer to the question, “is it SECURE to use mobile antivirus software?”
About Alexander Bolshev
Alexander Bolshev is a Security Consultant for IOActive. He holds a Ph.D. in computer security and works as an assistant professor at Saint-Petersburg State Electrotechnical University. His research interests lie in distributed systems, as well as mobile, hardware, and industrial protocol security. He is the author of several whitepapers on topics of heuristic intrusion detection methods, Server Side Request Forgery attacks, OLAP systems, and ICS security. He is a frequent presenter at security conferences around the world, including Black Hat USA/EU/UK, ZeroNights, t2.fi, CONFIdence, and S4.
About Ivan Yushkevich
Ivan is the Information Security Auditor at Digital Security. His main area of interest is analysis of source code. He likes to seek out bugs and searches for vulnerabilities in the source code of applications ranging from simple websites to enterprise software. He also has vast experience in banking systems and web application penetration testing.
About CONFidence 2016
CONFidence was created in 2005 by a group of enthusiasts that wanted to improve the security of operating systems and applications. Within a few years it transformed into the biggest meeting of hackers and IT security experts in Poland. CONFidence is an endless source of knowledge, an opportunity to improve your skills, exchange experiences with experts and meet international specialists. Technical lectures, practical workshops and relaxed discussions at the party. CONFidence gathers 500 attendees each year: top specialists on IT security from the government, industry, bank sector and universities as well as scientists and software developers.
About IOActive
IOActive is the industry’s only research-driven, high-end information security services firm with a proven history of better securing our customers through real-world scenarios created by our security experts. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering across multiple industries. IOActive is the only security services firm that has a dedicated practice focusing on Smart Cities and the transportation and technology that connects them. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.
###