Why Are Hackers Winning the Mobile Malware Battle presented at OWASPAppSecIsrael 2015

by Yair Amit,

Summary : In the proverbial game of cat-and-mouse between endpoint security vendors and malware writers, malware attacks have recently grown more sophisticated. More enterprises are losing ground to hackers, who are able to outmaneuver static and runtime solutions by constantly changing their attack strategies. In his presentation, Yair will break down the current set of techniques (signatures, static analysis, dynamic analysis, social cyber-intelligence) used to identify malware on mobile devices, and identify the pros and cons of these approaches. He will also explain why attackers constantly succeed in fooling these technologies, and explore the problem of false positive/false negative tradeoffs in such solutions. In order to demonstrate the aforementioned, Yair will create on stage a malicious mobile app live, which can bypass signatures, static and dynamic analysis approaches.
Audience will learn:
The attack paths mobile hackers are taking
What actions organizations can take to mitigate malware risks
How security vendors can change their paradigms to improve their defenses