Android Security: Attacks and Defenses
暫譯: Android安全:攻擊與防禦

Misra, Anmol, Dubey, Abhishek

Android Security: Attacks and Defenses

相關主題

商品描述

Android Security: Attacks and Defenses is for anyone interested in learning about the strengths and weaknesses of the Android platform from a security perspective. Starting with an introduction to Android OS architecture and application programming, it will help readers get up to speed on the basics of the Android platform and its security issues.

Explaining the Android security model and architecture, the book describes Android permissions, including Manifest permissions, to help readers analyze applications and understand permission requirements. It also rates the Android permissions based on security implications and covers JEB Decompiler.

The authors describe how to write Android bots in JAVA and how to use reversing tools to decompile any Android application. They also cover the Android file system, including import directories and files, so readers can perform basic forensic analysis on file system and SD cards. The book includes access to a wealth of resources on its website: www.androidinsecurity.com. It explains how to crack SecureApp.apk discussed in the text and also makes the application available on its site.

The book includes coverage of advanced topics such as reverse engineering and forensics, mobile device pen-testing methodology, malware analysis, secure coding, and hardening guidelines for Android. It also explains how to analyze security implications for Android mobile devices/applications and incorporate them into enterprise SDLC processes.

The book's site includes a resource section where readers can access downloads for applications, tools created by users, and sample applications created by the authors under the Resource section. Readers can easily download the files and use them in conjunction with the text, wherever needed. Visit www.androidinsecurity.com for more information.

商品描述(中文翻譯)

《Android 安全:攻擊與防禦》適合任何對從安全角度了解 Android 平台的優缺點感興趣的人士。本書從 Android 作業系統架構和應用程式編程的介紹開始,幫助讀者掌握 Android 平台的基本知識及其安全問題。

本書解釋了 Android 的安全模型和架構,描述了 Android 權限,包括 Manifest 權限,以幫助讀者分析應用程式並理解權限要求。它還根據安全影響對 Android 權限進行評級,並涵蓋了 JEB 反編譯器。

作者描述了如何使用 JAVA 編寫 Android 機器人,以及如何使用反向工程工具來反編譯任何 Android 應用程式。他們還涵蓋了 Android 檔案系統,包括導入目錄和檔案,以便讀者能夠對檔案系統和 SD 卡進行基本的取證分析。本書提供了豐富的資源,讀者可以訪問其網站:www.androidinsecurity.com。它解釋了如何破解文中討論的 SecureApp.apk,並在其網站上提供該應用程式。

本書還涵蓋了高級主題,如逆向工程和取證、行動裝置滲透測試方法論、惡意程式分析、安全編碼以及 Android 的加固指南。它還解釋了如何分析 Android 行動裝置/應用程式的安全影響,並將其納入企業 SDLC 流程中。

本書網站包含資源部分,讀者可以在此訪問應用程式、用戶創建的工具和作者創建的範例應用程式的下載。讀者可以輕鬆下載這些檔案,並在需要時與文本一起使用。欲了解更多資訊,請訪問 www.androidinsecurity.com。

作者簡介

Anmol Misra is a contributing author of the book Defending the Cloud: Waging War in Cyberspace (Infinity Publishing, December 2011). His expertise includes mobile and application security, vulnerability management, application and infrastructure security assessments, and security code reviews.

He is currently Program Manager of the Critical Business Security External (CBSE) team at Cisco. The CBSE team is part of the Information Security Team (InfoSec) at Cisco and is responsible for the security of Cisco's Cloud Hosted Services. Prior to joining Cisco, Anmol was a Senior Consultant with Ernst & Young LLP. In his role, he advised Fortune 500 clients on defining and improving Information Security programs and practices. He helped large corporations to reduce IT security risk and achieve regulatory compliance by improving their security posture.

Anmol holds a master's degree in Information Networking from Carnegie Mellon University. He also holds a Bachelor of Engineering degree in Computer Engineering. He served as Vice President of Alumni Relations for the Bay Area chapter of the Carnegie Mellon Alumni Association.In his free time, Anmol enjoys long walks on the beaches of San Francisco. He is a voracious reader of nonfiction books--especially, history and economics--and is an aspiring photographer.

Abhishek Dubey has a wide variety of experience in information security, including reverse engineering, malware analysis, and vulnerability detection. He is currently working as a Lead/Senior Engineer of the Security Services and Cloud Operations team at Cisco. Prior to joining Cisco, Abhishek was Senior Researcher in the Advanced Threat Research Group at Webroot Software.

Abhishek holds a master's degree in Information Security and Technology Management from Carnegie Mellon University and also holds a B.Tech degree in Computer Science and Engineering. He is currently pursuing studies in

作者簡介(中文翻譯)

Anmol Misra 是書籍 Defending the Cloud: Waging War in Cyberspace(Infinity Publishing,2011年12月)的貢獻作者。他的專業領域包括行動與應用程式安全、漏洞管理、應用程式及基礎設施安全評估,以及安全程式碼審查。

他目前擔任思科(Cisco)關鍵業務安全外部(CBSE)團隊的計畫經理。CBSE 團隊是思科資訊安全團隊(InfoSec)的一部分,負責思科雲端託管服務的安全性。在加入思科之前,Anmol 曾擔任安永會計師事務所(Ernst & Young LLP)的高級顧問。在他的職位上,他為《財富》500 強客戶提供建議,協助他們定義和改善資訊安全計畫及實務。他幫助大型企業降低 IT 安全風險,並透過改善其安全狀態來達成合規要求。

Anmol 擁有卡內基梅隆大學(Carnegie Mellon University)資訊網路碩士學位,並持有計算機工程的工程學士學位。他曾擔任卡內基梅隆校友會灣區分會的校友關係副會長。在空閒時間,Anmol 喜歡在舊金山的海灘上長時間散步。他是非小說類書籍的狂熱讀者,特別是歷史和經濟學,並且是一名有抱負的攝影師。

Abhishek Dubey 在資訊安全領域擁有廣泛的經驗,包括逆向工程、惡意軟體分析和漏洞檢測。他目前擔任思科安全服務與雲端運營團隊的首席/高級工程師。在加入思科之前,Abhishek 曾在 Webroot Software 的先進威脅研究小組擔任高級研究員。

Abhishek 擁有卡內基梅隆大學的資訊安全與技術管理碩士學位,並持有計算機科學與工程的 B.Tech 學位。他目前正在進行學習。

類似商品

最後瀏覽商品 (20)