Introducing 'Android Security Evaluation Framework' - ASEF

BSidesLV 2012

Presented by: Parth Patel
Date: Wednesday July 25, 2012
Time: 17:00 - 17:50
Location: Track 1
Track: Breaking Ground

First I will provide an introduction to the security of Android apps: we will look at them through the eyes of a security engineer, with examples of how to reverse engineer them to look for possible security issues through 'Behavioral Analysis'. I will also discuss the limitations of manual research. Then I will introduce an automated way to scan Android devices using an "Automated Security Evaluation Framework" (ASEF). I will discuss the framework's design, show a live demo of how it works, and explain how to use it. We will also go over interesting results and statistics covering the scope of the tool's functionality and outcome. I will demonstrate how to expand this idea and solve complex problems in the most practical ways. I will also discuss what future versions of ASEF have to offer and, at the same time, make it available as an Open Source Project.

Parth Patel

Parth received a Master's in Networking & Security from San Jose State University in 2008 and has worked in the field of security ever since with companies in the SF Bay Area. While working with Ricoh Innovation Inc. - California Research Lab, he designed and developed the Secure Tap Transfer Protocol, which allows handheld devices to establish secure communication. Parth also worked with Connexed Inc to harden the security of their surveillance camera infrastructure. For the past 3 years at Qualys Inc., Parth has been in charge of the release cycles, QA process and infrastructure of the Vulnerability Management product. His major focus there has been building automation tools to enhance the infrastructure, expand the product and take it to the next level. His most recent interest involves contributing to the field of Android security through automation. Parth is also very passionate about tennis, cars, movies, food, wine and debates.

