Mobile and Mobile Banking Security

Mobile and Mobile Banking Security is a practical course designed to address the risks of using mobile devices for both personal, corporate and mobile banking applications. The aim of this course is to equip users of mobile devices and mobile applications with the knowledge and competences necessary to minimize the risks of owning devices such as Blackberry, iPhone, iPad and Android. Mobile users are exposed, virtually 24x7, to a wider range of attacks which could result in fi nancial loss, disclosure of confi dential and sensitive information. Through this course delegates will learn how to assess and maintain the security of mobile devices and applications as well as assessing the risks of using mobile devices in a wide range of day to day scenarios, from simply making and receiving calls to reading emails, using social sites, paying bills and transferring money. This is course is a must for any policy maker concerned with the risks introduced by mobile devices within the corporate environment.

“Acquire knowledge on insecurities involved in the infrastructure and mobile services”

 

Who Should Attend

This course is ideally suited for:

  • Law enforcement and Government officials
  • IT Consultants and auditors
  • Banking Officials
  • IT Managers
  • Mobile Content and Application Developers

“The class will benefit anyone who wants to gain practical knowledge in the domain of mobile network communications and mobile system security”

 

Prerequisites

The Course is “Hand-on” including a number of topics of technical nature. A general IT background is recommended.

Duration:2 days

Laptop Requirements

A laptop is required to be able to work through all the practical hands-n workshops. Failure to meet the requirements below may result in the delegate not being able to carry out one or more of the practical workshops and thus not taking full benefit for the course. The minimum laptop requirements are:

  • x86-compatible 1.5 Ghz CPU Minimum or higher
  • DVD Drive
  • 1GB RAM minimum or higher
  • 10 Gigabyte available hard drive space
  • The system must be capable of booting from a CD
  • VMware Player or VMware Workstation.

REMA I Toolkit

Each student will be given the Silensec Mobile and Mobile Banking Security course DVD, including additional software, guides and notes.

 

Course Outline

Day

Details
1 The first day will introduce the mobile protocol stack, beginning from the telecommunication technologies and communication protocols up to the modern mobile devices and operating systems and applications. The first days addresses attacks the telecommunication technologies and application protocols such as GSM call interception, SMS and MMS attacks.
2 The second day focuses on device-specific attacks delving into modern mobile Operating Systems such as Android, iOS and related applications and showing how they can affect the personal, financial and corporate security. After having looked at the range of attack vectors and current threats, the second day concludes by addressing strategies and solutions to manage the risks of mobile devices and applications.

Course Breakdown

Day 1
Module 1: Mobile Devices
1.1.    Types of devices
1.2.    Hardware architectures
Module 2: Mobile Communication Technologies
2.1.    Mobile Standards Organizations
2.2.    GSM, UMTS, GPRS ,EDGE
Module 3: Mobile Communication Technologies Attacks
3.1.    Calls interception, disconnecting calls
3.2.    Decrypting voice traffic
3.3.    Cloning attacks
Module 4: Mobile Communication Services and Protocols
4.1.    SMS spoofing and social engineering, SPAM
4.2.    SIM Toolkit security
Module 5: Mobile Devices Operating systems
5.1.    Android
5.2.    Blackberry
5.3.    Symbian
5.4.    Apple iOS
5.5.    Windows


Day 2
Module 6: Mobile Assets
6.1.    Data Assets
6.2.    Hardware Assets
6.3.    Identity Assets
Module 7: Threats
7.1.    Environmental
7.2.    Software
7.2.1.    Software Vulnerabilities
7.2.2.    Malicious Software
7.3.    Physical
Module 8: Threat Assessment and Mediation
Module 9: Tools and Software for Threat Mediation
9.1.    OS Protections
9.2.    Antivirus Software
9.3.    Remote Management Platforms

Why us?

"Our trainers are security consultants with many years of experience, highly dedicated to teach and share their knowledge."

"MMS is about acquiring practical skills and competence - not just theory."

"We focus on competance and low level understanding through hands-on excercises and real life scenarios"

 

Dr. Almerindo Graziano
CEO Silensec

About the Authors

George Nicolaou leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the head of Research and Development department of the Astalavista security community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Bogdan Alecu is Mobile Systems Consultant, specializing in mobile security. He received his BSc in Business Information Systems from the “Alexandru Ioan Cuza” University of Iasi. He has researched for many years in mobile security, starting with Voice over IP and continuing with GSM, discovering security flaws in the way VoIP was implemented by different companies and in the way binary SMS was implemented. Bogdan is a frequent speaker at international security conferences. His latest research in the GSM could allow a potential attacker to perform a remote SMS attack which can force mobile phones to send premium-rate text messages.
top
© 2012 Silensec. All Rights Reserved. Legal notice | Sitemap