Tracking App Behaviors With - Nothing Changed - Phone For Evasive Android Malware
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a powerful new method for tracking and analyzing evasive Android malware behaviors without modifying the operating system. Learn techniques to overcome challenges in fast code analysis, environment detection, obfuscation, dynamic code loading, and anti-analysis measures. Discover how to monitor user-defined classes/methods, third-party libraries, Java/Android APIs, and native-level functions including JNI, libc, and Binder on unmodified devices. Gain insights into analyzing complex and advanced Android malware through demonstrations and practical examples.
Syllabus
What I will talk about..
Obfuscation
Fast code analysis: example
Dynamic code loading
Monitoring extension
Mixed-environment code with JNI
Tracking Native Behavior:JNI
Tracking Native Behavior: LIBC
Tracking Native Behavior:BINDER
Taught by
Black Hat
Related Courses
Netty Best Practices for Optimal PerformanceMeta via YouTube Gazelle-JNI: Offloading Spark SQL to Native Engines for Execution Acceleration
Databricks via YouTube Beyond JVM - How the Platform is Evolving for New Languages and Features
GOTO Conferences via YouTube Foreign Function and Memory API in Java 17 - Replacing JNI
Okta via YouTube Native Script Engine: Integrating V8 JavaScript with Java - Jim Laskey
Java via YouTube