Upskilling Training

Mobile Malware Analysis

Mobile malware is malicious software that targets mobile phones and tablets, causing system failure and the loss or leakage of confidential information.

English

Duration 4 Days

Description

The “Mobile Malware Analysis” course is a comprehensive 4-day program designed for cybersecurity professionals, mobile app developers, and individuals seeking to understand and combat the evolving landscape of mobile malware. In an era where mobile devices are a primary target for cyber threats, this course provides participants with the knowledge and practical skills to dissect and analyse mobile malware, detect vulnerabilities, and develop effective strategies for mobile security.


Participants will gain the knowledge and skills to perform malware analysis on the iOS and Android mobile operating systems. Participants will safely work with mobile malware samples to understand the data exposure and access threats affecting Android and iOS.

Participants will be able to learn:

  • In-depth knowledge of mobile malware threats and vulnerabilities.
  • Mobile malware defence strategies and best practices.
  • How to analyse mobile apps through static and dynamic analysis.
  • Advanced techniques for identifying and mitigating mobile malware.

Who Should Attend?

All employees who want to know how to detect, research, fix and recover the organization's mobile devices that have been compromised, especially:

  • Information Security Professionals
  • Reverse Engineers
  • Malware Analysts
  • Incident Response Team Members
  • Individuals seeking to understand mobile malware

Course Syllabus

Introduction to Mobile Security

    Mobile Device Malware Threats

  • Trends and popularity of mobile device malware
  • Mobile malware command-and-control architecture
  • The efficiency of Android ransomware malware threats
  • Mobile malware defences: What works and what doesn't

    Android Platform Overview

  • Android Operating System Overview
  • Android Application Overview

    iOS Platform Overview

  • iOS Operating System Overview
  • iOS Application Overview

    Android File System Structures

  • Defining Data Structure Layout
    • Physical
    • File System
    • Logical/Backup
  • Data Storage Formats
  • Parsing and Carving Data
  • Physical and Logical Keyword Searches

    iOS File System Structures

  • Defining Data Structure Layout
    • Physical
    • Full File System
    • File System
    • Logical
  • Data Storage Formats
  • Parsing and Carving Data
  • Physical and Logical Keyword Searches

    Malware and Spyware Forensics

  • Different Types of Common Malware
  • Common Locations on Smartphones
    • How to Determine a Compromise
    • How to Recover from a Compromise
      • What Was Affected?
      • How to Isolate?
      • How to Analyse Using Reverse-Engineering Methodologies

    Static Application Analysis

  • Retrieving iOS and Android apps for reverse engineering analysis
  • Decompiling Android applications
  • Circumventing iOS app encryption with Dumpdecrypted
  • Header analysis and Objective-C disassembly
  • Accelerating iOS disassembly: Hopper and IDA Pro
  • Swift iOS apps and reverse-engineering tools
  • Effective Android application analysis with MobSF

    Reverse-Engineering Obfuscated Applications

  • Identifying obfuscation techniques
  • Decompiling obfuscated applications
  • Effectively annotating reconstructed code with Android Studio
  • Decrypting obfuscated content with Simplify

    Network Manipulation Attacks

  • Using man-in-the-middle tools against mobile devices
  • Sniffing, modifying, and dropping packets as a man-in-the-middle
  • Mobile application data injection attacks

    Manipulating and Analysing Android Applications

  • Android application manipulation with Apktool
  • Reading and modifying Dalvik bytecode
  • Adding Android application functionality, from Java to Dalvik bytecode
  • Android application interaction and intent manipulation with Drozer
  • Method hooking with Frida and Objection

    Manipulating and Analysing iOS Applications

  • Runtime iOS application manipulation with Frida
  • iOS method swizzling
  • iOS application vulnerability analysis with Needle
  • Tracing iOS application behaviour and API use
  • Extracting secrets with KeychainDumper
  • Method hooking with Frida and Objection

Pre-requisites

This is an advanced course. Participants are required to have a basic understanding of networking and mobile operating systems, and:

  • Understanding of fundamental information security concepts
  • Basic knowledge of the Linux and Windows command line
  • Entry-level knowledge of Java, C, Objective-C, Swift and Assembly
Expert