Malvertising & Mobile Malware Madness (+ How to Cap The Mad Hatters)
Google Tech Talk (more info below)
August 18, 2011
Presented by Neil Daswani.
This talk has two parts -- 1) I will survey some of the most recent
trends in malvertising (malicious advertising) attacks and solutions on the web, and 2) I will describe some preliminary work on the behavioral analysis of mobile applications and mobile malware. In the first part of this talk, after briefly reviewing some recent malvertising cases, I will describe both a technological approach and business model for mitigating malvertising on the Internet. In the second part of the talk, I will discuss the results of an experiment on over 10,000 Android applications in which we identified privacy and security violations through behavioral analysis techniques. Finally, I'll bring together what we can learn from battles of the past by discussing the looming threat of mobile malvertising and what we can do to cap it.
Neil Daswani, PhD
Co-Founder and Chief Technology Officer, Dasient, Inc.
Neil Daswani is responsible for Dasient's long-term product vision and strategy. A highly regarded Internet technology expert, Daswani has served in a variety of research, development, teaching, and managerial roles at Google, Stanford University, DoCoMo USA Labs, Yodlee, and Bellcore (now Telcordia Technologies).
Daswani's areas of expertise include security, wireless data technology, and peer-to-peer systems. He has published extensively in these areas, frequently gives talks at industry and academic conferences, and has been granted several U.S. patents. He is also the author of Foundations of Security: What Every Programmer Needs to Know, which teaches new and current software professionals state-of-the-art software security design principles, methodology, and concrete programming techniques they need to build secure software systems. While at Stanford, he co-founded the Stanford Center for Professional Development's Software Security Certification Program, which has become an important tool for educating software programmers, architects, developers, engineers, IT managers, chief information officers (CIOs), and chief security officers (CSOs) about security issues and designing secure programs.
Daswani earned a bachelor's degree in computer science with honors with distinction from Columbia University and a master's degree and Ph.D. in computer science from Stanford University.