Mobile systems complex information security

Lecture 1: Vulnerabilities and attacks classification. Basic protection facilities and their capabilities
Lecture 2: Implemented code development particularities in “buffer overflow” attacks
Lecture 3: Philosophy of searching “buffer overflow” possibilities in programs
Lecture 4: Focal ways of recovering program execution in mobile OS
Lecture 5: Ways of hiding programs and their data in mobile OS
Lecture 6: Focal ways of spotting rootkits and rootkits’ hiding techniques
Lecture 7: Description of known mobile OS and common software vulnerabilities
Lecture 8: Ways of making users help launch deleterious programs
Lecture 9: Techniques of remote intrusion
Lecture 10: Methods of countering protection facilities
Lecture 11: Focal ways of exploring vulnerabilities to intrude

Lecture 1: Vulnerabilities and attacks classification. Basic protection facilities and their capabilities

  1. Attacking program actions
  2. Attack evidence spotted by protection facilities
  3. Protection facilities classification
  4. Protection facilities’ capabilities for attack prevention and detection
  5. Vulnerabilities description system
  6. Common programs’ vulnerabilities

Lecture 2: Implemented code development particularities in “buffer overflow” attacks

  1. Addressing and stack particularities in CPU architecture
  2. Types of such attacks and their description
  3. Mobile OS architecture particularities affecting the realization of “buffer overflow” attacks
  4. Common ways of organizing “buffer overflow” attacks
  5. Common limitations and code development techniques for implemented code
  6. Bypassing stack overflow protection facilities

Lecture 3: Philosophy of searching “buffer overflow” possibilities in programs

  1. Static program analysis
  2. Dynamic program analysis
  3. Focal programs for searching vulnerabilities in software without source code
  4. Focal programs for searching vulnerabilities in software with source code

Lecture 4: Focal ways of recovering program execution in mobile OS

  1. Common ways of providing restorable program execution
  2. Common ways of autostarting programs after reboot
  3. Connecting programs as application modules
  4. Program autostart after a stated system event
  5. Registering a program as a system service
  6. Registering a program as a driver
  7. System files stand-in
  8. Antispy facilities’ capabilities for detecting constantly executed programs
  9. Comparative analysis of ways of recovering program execution

Lecture 5: Ways of hiding programs and their data in mobile OS

  1. Techniques of hiding processes
  2. Techniques of hiding files
  3. Techniques of hiding network connections

Lecture 6: Focal ways of spotting rootkits and rootkits’ hiding techniques

  1. Focal rootkit spotting techniques
  2. Bypassing focal rootkit spotting techniques

Lecture 7: Description of known mobile OS and common software vulnerabilities

  1. Vulnerabilities description parameters
  2. Mobile OS vulnerabilities
  3. Common software vulnerabilities

Lecture 8: Ways of making users help launch deleterious programs

  1. Social engineering techniques
  2. Camouflaging a program
  3. Enticement to a web server
  4. Common methods of hidden redirection of the user to the attacker’s web-site
  5. Particularities of exploiting e-mail for hidden program execution
  6. Capabilities of message service systems for hidden program execution
  7. Example of integrated program start with exploitation of web-browser vulnerabilities

Lecture 9: Techniques of remote intrusion

  1. Basic intrusion stages. Ways of solving the problems that appear
  2. Overview of attack methods
  3. Using Metasploit Framework shell for organizing remote intrusion

Lecture 10: Methods of countering protection facilities

  1. Methods of countering protection facilities during intrusion into a computer
  2. Methods of countering protection facilities after intrusion into a computer

Lecture 11: Focal ways of exploring vulnerabilities to intrude

  1. Preparation
  2. Local intrusion
  3. LAN intrusion
  4. Intrusion through Internet
