Conference papers

Categorizing Mobile Device Malware Based on System Side-Effects

Abstract : Malware targeting mobile devices is an ever-increasing threat. The most insidious type of malware resides entirely in volatile memory and does not leave a trail of persistent artifacts. Such malware requires novel detection and capture methods in order to be reliably identified, analyzed and mitigated. This chapter proposes malware categorization and detection techniques based on measurable system side-effects observed in an exploited mobile device. Using the Stagefright family of exploits as a case study, common system side-effects produced as a result of attempted exploitation are identified. These system side-effects are leveraged to trigger volatile memory (i.e., RAM) collection by memory acquisition tools (e.g., LiME) to enable analysis of the malware.
Document type : Conference papers

Cited literature [15 references]
Contributor : Hal Ifip
Submitted on : Friday, February 23, 2018 - 3:50:41 PM
Last modification on : Friday, February 23, 2018 - 3:51:54 PM
Long-term archiving on : Friday, May 25, 2018 - 2:16:37 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Zachary Grimmett, Jason Staggs, Sujeet Shenoi. Categorizing Mobile Device Malware Based on System Side-Effects. 13th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2017, Orlando, FL, United States. pp.203-219, ⟨10.1007/978-3-319-67208-3_12⟩. ⟨hal-01716405⟩


