
Information Security and Protection: Introduction

Pablo Garaizar Sagarminaga, Jaime Devesa Esteban. Security of Information Systems: Scientific Trends in InfoSec. Information Security and Protection: Introduction. Dr. Igor Santos. Contents: Malware detection, Mobile Security, Spam Filtering. Definition: What is malware?


Presentation Transcript


  1. Pablo Garaizar Sagarminaga. Jaime Devesa Esteban. Security of Information Systems: Scientific Trends in InfoSec. Information Security and Protection: Introduction. Dr. Igor Santos

  2. Contents • Malware detection • Mobile Security • Spam Filtering

  3. COVER Definition: What is malware?

  4. Malware: Definition • Malware • Any executable explicitly designed to harm computers or computer networks

  5. Malware • Malware • There are several types of malware • Viruses • Worms • Spyware • Trojan horses • Botnets

  6. Viruses

  7. Worms

  8. Spyware

  9. Trojan horses

  10. Botnets

  11. Malware • Malware has changed

  12. Sought fame

  13. and glory

  14. Malware • In the beginning, fame and glory • Now...

  15. Money is all that matters

  16. Malware • In the beginning, fame and glory • Now, they seek money

  17. Malware • In the beginning, fame and glory • Now, they seek money • Implies changes • A better hiding capability • More and more malware

  18. Malware • Malware detection • Based on signatures

  19. E8 00000000       call 0h
      5B                pop ebx
      8D 4B 42          lea ecx, [ebx + 42h]
      51                push ecx
      50                push eax
      50                push eax
      0F 01 4C 24 FE    sidt [esp - 02h]
      5B                pop ebx
      83 C3 1C          add ebx, 1Ch
      FA                cli
      8B 2B             mov ebp, [ebx]

  20. Signature E800 0000 005B 8D4B 4251 5050 0F01 4C24 FE5B 83C3 ACFA 8B2B

  21. Malware • Malware detection • Based on signatures • Signatures are stored in order to detect known malware

  22. Original Malware • Implementation 1 • Implementation 2 • New Implementation • Signature 1 • NO DETECTION! • Signature 2 • SIGNATURE DATABASE

  23. E8 00000000       call 0h
      5B                pop ebx
      8D 4B 42          lea ecx, [ebx + 42h]
      51                push ecx
      50                push eax
      50                push eax
      90                nop
      90                nop
      0F 01 4C 24 FE    sidt [esp - 02h]
      5B                pop ebx
      83 C3 1C          add ebx, 1Ch
      FA                cli
      8B 2B             mov ebp, [ebx]

  24. E800 0000 005B 8D4B 4251 5050 0F01 4C24 FE5B 83C3 ACFA 8B2B • 9090 is not in the signature • 9090 • E800 0000 005B 8D4B 4251 5050 9090 0F01 4C24 FE5B 83C3 ACFA 8B2B

  25. Malware • Malware detection • Based on signatures • Signatures are stored in order to detect known malware • Unable to handle obfuscation!

  26. Malware Detection • Knowledge-based malware variant detection: Static, Dynamic, Hybrid • Unknown malware detection • Machine-learning-based: Static, Dynamic, Hybrid • Anomaly-based: Static, Dynamic, Hybrid
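
The signature mismatch on slides 19 to 25, as an added example that is not part of the original presentation: an exact byte-signature scan beside a scan that tolerates 0x90 filler bytes, run over the byte strings printed on slides 20 and 24. The function names, the surrounding padding bytes and the `max_fill` limit are assumptions made for this illustration.

```python
# Added example: exact signature scan versus a filler-tolerant scan.
# SIGNATURE and VARIANT are the byte strings as printed on slides 20 and 24.
SIGNATURE = bytes.fromhex(
    "E800 0000 005B 8D4B 4251 5050 0F01 4C24 FE5B 83C3 ACFA 8B2B")
VARIANT = bytes.fromhex(
    "E800 0000 005B 8D4B 4251 5050 9090 0F01 4C24 FE5B 83C3 ACFA 8B2B")
NOP = 0x90

def exact_match(data: bytes, sig: bytes) -> int:
    """Classic signature scan: offset of the first exact occurrence, or -1."""
    return data.find(sig)

def nop_tolerant_match(data: bytes, sig: bytes, max_fill: int = 16) -> int:
    """Offset where sig occurs when up to max_fill 0x90 bytes inserted
    between signature bytes are skipped, or -1 if there is no such offset."""
    for start in range(len(data)):
        i, j, fill = start, 0, 0
        while i < len(data) and j < len(sig):
            if data[i] == sig[j]:
                j += 1                      # signature byte found in order
            elif data[i] == NOP and j > 0 and fill < max_fill:
                fill += 1                   # skip filler inside the pattern
            else:
                break                       # real mismatch at this offset
            i += 1
        if j == len(sig):
            return start
    return -1

def scan(data: bytes) -> dict:
    """Run both scanners and report which of them flags the buffer."""
    return {"exact": exact_match(data, SIGNATURE) >= 0,
            "nop_tolerant": nop_tolerant_match(data, SIGNATURE) >= 0}

# Constructed buffers: 8 bytes of padding, the code bytes, 4 trailing bytes.
ORIGINAL_SAMPLE = b"\x00" * 8 + SIGNATURE + b"\xCC" * 4
VARIANT_SAMPLE = b"\x00" * 8 + VARIANT + b"\xCC" * 4
BENIGN_SAMPLE = b"\x90" * 32

if __name__ == "__main__":
    for name, buf in (("original", ORIGINAL_SAMPLE),
                      ("variant", VARIANT_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(name, scan(buf))
```

Skipping 0x90 at the byte level is only an approximation: the same byte can also be an operand, so a production engine would normalise at the instruction level after disassembly.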

  27. COVER Definition: What is spam?

  28. Monty Python Flying Circus

  29. WHAT YOU GOT, THEN? SPAM, EGG, SPAM, SPAM, BACON AND SPAM. SPAM, SPAM, SPAM, BAKED BEANS AND SPAM. ANYTHING WITHOUT SPAM? UGH! I DON’T LIKE SPAM!!

  30. It is an actual problem for security

  31. Millions of infected computers

  32. Identity Theft

  33. We must fight it

  34. Machine-learning content-based methods • 1. Training of the model • 2. Classification of the new e-mails

  35. Vector Space Model [figure: documents D1 to D11 plotted against term axes t1, t2, t3]
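
The two steps on slide 34 over the vector space model of slide 35, as an added example that is not part of the original presentation: e-mails become TF-IDF term vectors, training builds one vector per class, and a new e-mail is assigned to the class whose vector is closest by cosine similarity. The training mails, the function names and the choice of a nearest-centroid classifier are assumptions; the slides do not name a specific learning algorithm.

```python
import math
from collections import Counter

# Constructed training mail (label, body); not data from the slides.
TRAIN = [
    ("spam", "win money now claim your free prize money"),
    ("spam", "cheap pills free offer click now"),
    ("ham", "meeting agenda for the security course on monday"),
    ("ham", "please review the malware detection paper before the meeting"),
]

def term_counts(text):
    return Counter(text.lower().split())

def train(samples):
    """Step 1: learn IDF weights and one summed TF-IDF vector per class."""
    docs = [(label, term_counts(body)) for label, body in samples]
    df = Counter(term for _, tf in docs for term in tf)
    idf = {t: math.log((1 + len(docs)) / (1 + n)) + 1.0 for t, n in df.items()}
    centroids = {}
    for label, tf in docs:
        vec = centroids.setdefault(label, Counter())
        for term, freq in tf.items():
            vec[term] += freq * idf[term]  # cosine ignores scale, so a sum serves as centroid
    return idf, centroids

def cosine(a, b):
    dot = sum(w * b.get(t, 0.0) for t, w in a.items())
    norm = (math.sqrt(sum(w * w for w in a.values()))
            * math.sqrt(sum(w * w for w in b.values())))
    return dot / norm if norm else 0.0

def classify(body, model):
    """Step 2: place a new e-mail in the same space; the nearest class wins."""
    idf, centroids = model
    vec = {t: f * idf[t] for t, f in term_counts(body).items() if t in idf}
    if not vec:  # no known terms: the model has no evidence either way
        return "unknown", {}
    scores = {label: cosine(vec, c) for label, c in centroids.items()}
    return max(scores, key=scores.get), scores

MODEL = train(TRAIN)

if __name__ == "__main__":
    for mail in ("claim your free money now",
                 "agenda for the malware meeting", "hello world"):
        print(mail, "->", classify(mail, MODEL)[0])
```

A mail made only of terms unseen in training falls through to "unknown", which is the content-based counterpart of the unseen variant in signature matching.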

  36. COVER Definition: What is malware in Android?

  37. Mobile phones have evolved

  38. In fact, now they call them smartphones

  39. 1 million activations a day

  40. Nokia 3410 • Samsung Galaxy Nexus • Bluetooth • Bluetooth • Camera • GPS • Digital compass • WiFi • microUSB • NFC • Accelerometer • Proximity Sensor • Barometer • Gyroscope • Light Sensor

  41. How do they manage security? And privacy?

  42. Android Malware

  43. “Andromaly”: a behavioral malware detection framework for android devices. Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., & Weiss, Y. (2012). Journal of Intelligent Information Systems, 1-30.

  44. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones Enck, W., Gilbert, P., Chun, B. G., Cox, L. P., Jung, J., McDaniel, P., & Sheth, A. N. (2010, October). In Proceedings of the 9th USENIX conference on Operating systems design and implementation (pp. 1-6).

  45. Dissecting Android Malware: Characterization and Evolution Zhou, Y., & Jiang, X. In Security and Privacy (SP), 2012 IEEE Symposium on (pp. 95-109). IEEE.

  46. “So it is said that if you know your enemies and know yourself, you can win a hundred battles without a single loss.” Sun Tzu 孫子 – The Art of War
