Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices

Abstract : This paper investigates whether authentication credentials in the volatile memory of Android mobile devices can be discovered using freely available tools. The experiments that we carried out for each application included two different sets: In the first set, our goal was to check if we could recover our own submitted credentials from the memory dump of the mobile device. In the second set of experiments, the goal was to find patterns that can indicate where the credentials are located in a memory dump of an Android device. The results revealed that the majority of the Android applications are vulnerable to credentials discovery even in case of applications that their security is critical, such as web banking and password manager applications.
Document type :
Conference papers
Christos Douligeris; Nineta Polemi; Athanasios Karantjias; Winfried Lamersdorf. 12th Conference on e-Business, e-Services, and e-Society (I3E), Apr 2013, Athens, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-399, pp.178-185, 2013, Collaborative, Trusted and Privacy-Aware e/m-Services. 〈10.1007/978-3-642-37437-1_15〉
Liste complète des métadonnées

Cited literature [6 references]  Display  Hide  Download

https://hal.inria.fr/hal-01470532
Contributor : Hal Ifip <>
Submitted on : Friday, February 17, 2017 - 3:02:28 PM
Last modification on : Friday, February 17, 2017 - 3:16:28 PM
Document(s) archivé(s) le : Thursday, May 18, 2017 - 2:32:21 PM

File

978-3-642-37437-1_15_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Dimitris Apostolopoulos, Giannis Marinakis, Christoforos Ntantogian, Christos Xenakis. Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices. Christos Douligeris; Nineta Polemi; Athanasios Karantjias; Winfried Lamersdorf. 12th Conference on e-Business, e-Services, and e-Society (I3E), Apr 2013, Athens, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-399, pp.178-185, 2013, Collaborative, Trusted and Privacy-Aware e/m-Services. 〈10.1007/978-3-642-37437-1_15〉. 〈hal-01470532〉

Share

Metrics

Record views

168

Files downloads

108