Malware analysis: tools and methodologies for Apple Mac OS X and iOS devices
Methusela Cebrian Ferrer Microsoft
The increasing reliance on the global inter-connectivity of devices, data and people brings a new and ever-changing set of
security challenges. For instance, malicious and potentially unwanted tools are widely available - relatively easy to
acquire and weaponize. However, a more tempting target may lie in the rich opportunity of data and information stored and
shared in connected digital space.
Apple Mac OS X and iOS users are not isolated in this case; in fact, in recent years, we have discussed how these platforms
are affected and how they share the same security concerns. However, investigating and conducting analysis of malicious
code can be very challenging on Apple devices, due to the fact that there is limited published research in this field.
This paper proposes to discuss how to set up a multi-user threat research lab environment for these platforms. The study
includes an evaluation of available and open-source tools for the purpose of identifying, dissecting and monitoring
malicious behaviour, examining why they are useful, and detailing relevant system artifacts - files and directories where
users' valuable data and information are stored. It provides analysis of real threats from the wild as examples to
emphasize the utility of static and dynamic analysis. Furthermore, it outlines the limitations and provides recommended
options for users to consider. Overall, this paper aims to provide useful guidance and a starting point for individuals
and the research community who may be pursuing an interest in malware on this platform.
del.icio.us digg this