Upload
muhammad-majid-majid
View
46
Download
0
Embed Size (px)
Citation preview
ANDROID ANTI-VIRUS ANALYSIS
Anti-virus byMUHAMMAD MAJIDLecturer at the Islamia University of [email protected]
INTRODUCTION Vulnerability (computing)
In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.
Adware Software that displays advertising banners on
Web browsers. While not always threatening, these programs create pop-ups and can cause sluggishness in network connectivity.
INTRODUCTION (CONT.) Grayware
Programs that are undesirable but less serious or troublesome as malware. Grayware includes some spyware, adware, and joke programs.
Malware
From Malicious Software; malware refers to software that is meant to infiltrate or damage a computer system without the owner’s consent and, in many cases, knowledge. Malware programs include computer viruses, rootkits, spyware, and trojan horses.
INTRODUCTION (CONT.) Rootkit
A malware program that is designed to take full control of the machine’s operating system.
Safe Mode
A diagnostic mode used by a computer operating system. In safe mode, an operating system will have reduced functionality, but isolating problems is much easier.
INTRODUCTION (CONT.) Spyware
Computer software that is installed (unknowingly) on a personal computer that is meant to intercept information and/or take partial control over a user’s interaction with the machine. Most spyware programs record various personal information, such as surfing habits, and actively redirect Web Browsers or install 3rd party software without permission.
Trojan Horse
A program that appears as a legitimate and desirable program, but in actuality, performs undisclosed malicious functions on the machine. Most computer worms are trojan horses to hide the fact that access has been opened to intruders.
INTRODUCTION (CONT.) Virus
A malware computer program that can copy itself and infect a computer without permission or knowledge of the user. Some viruses damage computers by damaging files. Others open connections for people to take over the machine.
Worm
A self-replicating program that uses a network to send copies of itself to other machines, often without any user intervention. At times, the only harm a worm causes is lowered bandwidth as it spreads on the network. However, one of the most common uses of a worm is to install a backdoor on a computer for someone to gain access.
PC VS SMARTPHONES Mobility and Portability Frequent shutdown PC not connected every time More exposed and more vulnerable Much research has been done in the area of
infrastructure based computing networks, security for smartphones are new.
Additionally, smartphones are increasingly used for the storage of data through applications such as email clients, and social networking tools. This increases the likelihood of attacks on a mobile device.
SECURITY ISSUES IN ANDROID OS Android, with a commanding 52 percent
of the worldwide smartphone market currently has the highest potential pay- off for malware developers.
Multiple Vendors No Application Evaluation Open Source Code Rooting
ANTIVIRUS FOR ANDROID OS A survey shows the amount of malware
identified on the Android platform has increased about 472% during the period June 2011 to November 2011.
55% of the identified malware was from applications that were installed on the mobile device and 44% were SMS Trojan horses
ANTIVIRUS FOR ANDROID OS (CONT.)
Offering virus, malware, and spyware protection
Back-up of the phone’s data Remote erasing of the phone’s data Finding the phone if it is lost or misplaced
ANTIVIRUS FOR ANDROID OS (CONT.)
Free anti-virus applications available for the Android platform including Lookout Mobile security, AVG Free, and Anti-virus free
There are also paid versions of these applications which offer enhanced support and additional features for the user.
DOES THE USE OF EXISTING ANTI-VIRUS REALLY PROTECT THE DEVICE?
The answer is yes, it does but only to a certain extent.
DO THESE APPLICATIONS PROVIDE FULL PROTECTION?
The answer appears to be no. Just like new computer malware are generated every day, malware for mobile platforms are on the rise.
WHY ANTI-VIRUS ANALYSIS?
Many anti-virus and malware prevention tools were found in the Android Market, each claiming to fully protect the device.
TEST SCENARIOS Scenario 1:
Install the spyware followed by the anti-spyware application.
Scenario 2: Install the anti-spyware application
followed by the spyware.
CRITERIA (METRIC)
Rating Number of downloads Reviews from various online magazines
and journals were also considered for the selection
TEST CONDITIONS The tests can carried out on three
Android-enabled smartphones LG Optimus V, Samsung Galaxy Nexus, and HTC Wildfire. The reason for selection of these phones was to include in our study both CDMA and GSM mobile phones. The tools were tested directly on the physical devices.
TEST PROCEDURE – EXAMINE Incoming and outgoing calls were made SMSs were sent and received Contacts were added and deleted Websites were browsed Bookmarks were added and deleted Pictures were taken and deleted Web portal of the spyware was checked
to determine the modified data
RESULTS
RESULTS (CONT.)
CONCLUSION Based on the research it can be
concluded that the Android operating system has a high potential to susceptibility of spyware and other malware.
Based on the behavior, a new strategy can be designed for developing an anti-virus to give smartphones maximum protection.
Thanks…
?