Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices

Abstract : This paper investigates whether authentication credentials in the volatile memory of Android mobile devices can be discovered using freely available tools. The experiments that we carried out for each application included two different sets: In the first set, our goal was to check if we could recover our own submitted credentials from the memory dump of the mobile device. In the second set of experiments, the goal was to find patterns that can indicate where the credentials are located in a memory dump of an Android device. The results revealed that the majority of the Android applications are vulnerable to credentials discovery even in case of applications that their security is critical, such as web banking and password manager applications.
Type de document :
Communication dans un congrès
Christos Douligeris; Nineta Polemi; Athanasios Karantjias; Winfried Lamersdorf. 12th Conference on e-Business, e-Services, and e-Society (I3E), Apr 2013, Athens, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-399, pp.178-185, 2013, Collaborative, Trusted and Privacy-Aware e/m-Services. 〈10.1007/978-3-642-37437-1_15〉
Liste complète des métadonnées

Littérature citée [6 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01470532
Contributeur : Hal Ifip <>
Soumis le : vendredi 17 février 2017 - 15:02:28
Dernière modification le : vendredi 17 février 2017 - 15:16:28
Document(s) archivé(s) le : jeudi 18 mai 2017 - 14:32:21

Fichier

978-3-642-37437-1_15_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Dimitris Apostolopoulos, Giannis Marinakis, Christoforos Ntantogian, Christos Xenakis. Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices. Christos Douligeris; Nineta Polemi; Athanasios Karantjias; Winfried Lamersdorf. 12th Conference on e-Business, e-Services, and e-Society (I3E), Apr 2013, Athens, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-399, pp.178-185, 2013, Collaborative, Trusted and Privacy-Aware e/m-Services. 〈10.1007/978-3-642-37437-1_15〉. 〈hal-01470532〉

Partager

Métriques

Consultations de la notice

177

Téléchargements de fichiers

156