In today’s world of smartphone ubiquity, mobile malware is an increasingly prevalent (and difficult to mitigate) threat. One problem area for contemporary malware analysts is determining which apps legitimately need the permissions they request, and which have nefarious motivations. This presentation introduces a novel approach to mobile malware analysis at scale: human sentiment analysis. Leveraging online crowdsourcing platforms, analysts can programmatically determine which apps “feel” most suspicious–a huge time saver in a field with millions of apps to assess.
David Shaw has extensive experience in many aspects of information security. After working in the trenches of perimeter analysis, David joined an External Threat Assessment Team as a Security Researcher, working closely with large financial institutions to mitigate external risk and combat phishing attacks. David is currently the Senior Director of Engineering at Redspin, specializing in External and Application security assessments and managing a team of highly skilled engineers.