Skip to Main content Skip to Navigation
Conference papers

Smartphone Volatile Memory Acquisition for Security Analysis and Forensics Investigation

Abstract : In this paper, we first identify the need to be equipped with the capability to perform raw volatile memory data acquisition from live smartphones. We then investigate and discuss the potential of different approaches to achieve this task on Symbian smartphones. Based on our initial analysis, we propose a simple, flexible and portable approach which can have a full-coverage view of the memory space, to acquire the raw volatile memory data from commercial Symbian smartphones. We develop the tool to conduct the proof-of-concept experiments on the phones, and are able to acquire the volatile memory data successfully. A discussion on the problems we have encountered, the solutions we have proposed and the observations we have made in this research is provided. With the acquired data, we conduct an analysis on the memory images of the identified memory regions of interest, and propose a methodology for the purpose of in-depth malware security and forensics analysis.
Document type :
Conference papers
Complete list of metadata

Cited literature [25 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, February 9, 2017 - 5:23:52 PM
Last modification on : Thursday, February 9, 2017 - 5:37:20 PM
Long-term archiving on: : Wednesday, May 10, 2017 - 2:46:32 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Vrizlynn L. Thing, Zheng-Leong Chua. Smartphone Volatile Memory Acquisition for Security Analysis and Forensics Investigation. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. pp.217-230, ⟨10.1007/978-3-642-39218-4_17⟩. ⟨hal-01463829⟩



Record views


Files downloads