Sistema

Contributed by Jeremiah Everett

This paper will discuss security for the Android OS and Apple's iOS. So for a little background we will look at when Android and iOS were first released. Android was released to the public on the HTC Dream in October of 2008, and Apple’s iOS came out in March of 2008. Since the time of release more and more malware has been created and need for better security has been realized. In the article Android Security: A Survey of Issues, Malware Penetration, and Defenses, they state that increased popularity of the Android device and associated monetary benefits attracted malware developers, and this resulted in a big rise of Android malware apps between 2010 and 2014.

This document is in PDF format. To view it click here.

Contributed by Dietrich Lehr

I will be focusing on mobile device security as it pertains to methodologies used to secure critical components of smartphone use. I will analyze and compare the two smartphone platform leaders, Apple and Android and the way they secure their devices. I will also provide insight as to which methods may be stronger and better for users to implement chose if multiple options are available.

This document is in PDF format. To view it click here.

Contributed by Alberto Gonzalez and Jason Larsen

Honeypots are a hot topic in the security research community right now. Everyone is starting up their own honeypot system. While most of current literature available on them deals with the potential gains a honeypot can give you, and how to monitor them, not very many of them deal with the mechanics of honeypots themselves.

Most honeypots as deployed from spare parts. Many start as just an extra box someone has lying around. A security savvy technician has slapped an OS on it, checksummed all the files, installed an IDS, and set about waiting for the hackers to arrive. These haphazard kinds of honeypots ignore some of the most interesting capabilities of honeypots. Honeypots can be used to ensnare and beguile potential hackers, entice them to give you more research information, and actively defend a production network.

Contributed by Don Mosley

The area of real-time Intrusion Detection and Prevention utilizing intelligent routers or various network attached appliances has received much press in the last few years. Should any of these defenses provide less than 100% effective coverage the user will be left unaware of any 'mischief' that might have gotten through. There is still a need for non real-time scanning of system files to determine any unauthorized modifications. This type of audit is often the only effective way to spot malicious activity originating from inside the enterprise network. This paper will outline mechanisms and practices for effective file integrity checking.

This document is in PDF format. To view it click here.

Contributed by Lenny Zeltser and an Anonymous author

This paper examines trends and dynamics of the endpoint security industry, and shows how business strategies of market leaders such as Symantec exemplify these factors. When exploring current developments in the information security marketplace, we stipulate that this sector is beginning to converge with the general IT software industry in response to factors such as the evolution of the industry structure, competitive dynamics, regulatory compliance efforts, and the maturing state of security products.

This document is in PDF format. To view it click here.