Benjamin Jochheim: Automatic Detection of Embedded, Unwanted Binary Code for Mobiles

Statistical, Context-dependent Traffic Analysis for Mobile Communication
  • What INET Seminar
  • When Dec 12, 2011 from 04:00 PM to 05:00 PM (CET / UTC100)
  • Where R 560
  • Contact Name
  • Add event to calendar iCal

Today, portable communication devices are common and can host a wide range of applications,  many of which handle personal data that must be well protected
from unauthorized access.
The protection of a mobile device is hard because of its mobility and many communication interfaces that exhibit a direct access to the "outside world".
In many mobility scenarios, users rely on connectivity to untrusted networks while accessing business data via the Internet.
Recent Attacks on PDF viewers using embedded code, hidden within the data files, have urged the need for a deeper look at such files. There is a gap between fast signature based methods and resource-intensive parsing that try to disclose the semantics of a file.
In this presentation, we introduce a lightweight statistical method that has the potential to spot unwanted binary instruction embedded in regular data. We carefully analyze the potential of entropy signal analysis, discussing machine learning approaches in various examples. We investigate these techniques from various fields of computer science and signal processing to evaluate our method.

Presentation Slides