Categorizing Mobile Device Malware Based on System Side-Effects - Archive ouverte HAL Access content directly
Conference Papers Year : 2017

Categorizing Mobile Device Malware Based on System Side-Effects

(1) , (1) , (1)
1
Jason Staggs
  • Function : Author
Sujeet Shenoi
  • Function : Author
  • PersonId : 991346

Abstract

Malware targeting mobile devices is an ever increasing threat. The most insidious type of malware resides entirely in volatile memory and does not leave a trail of persistent artifacts. Such malware requires novel detection and capture methods in order to be reliably identified, analyzed and mitigated. This chapter proposes malware categorization and detection techniques based on measurable system side-effects observed in an exploited mobile device. Using the Stagefright family of exploits as a case study, common system side-effects produced as a result of attempted exploitation are identified. These system side-effects are leveraged to trigger volatile memory (i.e., RAM) collection by memory acquisition tools (e.g., LiME) to enable analysis of the malware.
Fichier principal
Vignette du fichier
456364_1_En_12_Chapter.pdf (134.22 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01716405 , version 1 (23-02-2018)

Licence

Attribution - CC BY 4.0

Identifiers

Cite

Zachary Grimmett, Jason Staggs, Sujeet Shenoi. Categorizing Mobile Device Malware Based on System Side-Effects. 13th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2017, Orlando, FL, United States. pp.203-219, ⟨10.1007/978-3-319-67208-3_12⟩. ⟨hal-01716405⟩
31 View
105 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More