Mexican Chapter - Chapter Status Report For 2013

Mexican Chapter - Chapter Status Report For 2013

ORGANIZATION:

Hugo Gonzalez - chapter leader
Rafael Llamas - member
Armin Garcia - member

DEPLOYMENTS:

We use the following tools in our research.

Kippo
Cuckoo
DroidBox
androguard
iHoneyC
honeyproxy

And we are working to develop new tools focused on android malware.

RESEARCH AND DEVELOPMENT:

We are working closely with the Canadian Honeynet Chapter, at this point we don’t have source code to show.
The research is going on Security Awareness, android malware, network forensics and botnets.
Some posts related with android malware analysis are posted on: http://asrevni.blogpost.com

FINDINGS:

A lot of android malware is repackaged, the bad guys have some sort of automatic way to create tons of “different” apps from the same malware.

GOALS:

For 2013:
Improve our skills on Android malware analysis 100%
Run security awareness in the University and the state 80%
Collaborate more with other chapters 80%
Develop new forensic challenges 20%
Help with the infrastructure team

The goals for 2014:
Develop infrastructure for android malware analysis.
Improve our knowledge on reversing malware.
Explore MacOSX malware
Contribute with androguard, cuckoo

MISC:

The new website will be at : http://mexican.honeynet.org
Project proposed for GSoC ‘13, not students.
Project proposed for GSoC ‘14.