| HAL-Inria | Publications, software ... of Inria's scientists |
Conference papers
Retrofitting Mobile Devices for Capturing Memory-Resident Malware Based on System Side-Effects
Abstract : Sophisticated memory-resident malware that target mobile phone platforms can be extremely difficult to detect and capture. However, triggering volatile memory captures based on observable system side-effects exhibited by malware can harvest live memory that contains memory-resident malware. This chapter describes a novel approach for capturing memory-resident malware on an Android device for future analysis. The approach is demonstrated by making modifications to the Android debuggerd daemon to capture memory while a vulnerable process is being exploited on a Google Nexus 5 phone. The implementation employs an external hardware device to store a memory capture after successful exfiltration from the compromised mobile device.
Cited literature [12 references]
https://hal.inria.fr/hal-02534602
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Tuesday, April 7, 2020 - 10:37:00 AM
Last modification on : Tuesday, April 7, 2020 - 10:42:41 AM
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Tuesday, April 7, 2020 - 10:37:00 AM
Last modification on : Tuesday, April 7, 2020 - 10:42:41 AM
File
488399_1_En_4_Chapter.pdf
Files produced by the author(s)
Licence
Distributed under a Creative Commons Attribution 4.0 International License