Future Directions in Malware Detection on Mobile Handsets

March 30, 2011 (at 2:30 p.m.) in Defense & Management

Malware detection on smartphones potentially enables the quick and timely mitigation of attacks that might originate from these devices. Typical malware detection methods known from fixed networks rely heavily on signature-based detection. Signature-based detection enables a very high detection rate, but it ultimately depends on a priori knowledge of the kind of malware it aims to detect. If the malware is known and a signature is available, it will be detected. If the malware is unknown or employs advanced hiding techniques such as encryption, polymorphism, obfuscation, or packing, signature-based detection will not be successful. Signature-based malware detection is clearly needed, but it has its limitations, especially in the context of smartphones and their diverse application landscape. A new approach to malware detection is based on behavioral aspects of the application and also on the behavior of the users. This talk will introduce various detection mechanisms that leverage different behavioral aspects that can be extracted from smartphones. Additionally, we offer some ideas for future directions and application scenarios.

André Egners

Holds a Diploma degree in Computer Science from RWTH Aachen University. Since September 2009 he has been working for the Research Group IT-Security, part of the UMIC Cluster in Aachen. His primary interest is security for wireless mesh networks, which also includes detection of malicious node behavior. In addition, he has experience in mobile security and has been working on botnet detection and mitigation for mobile networks.