Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2013

Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices

Dimitris Apostolopoulos
  • Fonction : Auteur
  • PersonId : 1001844
Giannis Marinakis
  • Fonction : Auteur
  • PersonId : 1001845
Christoforos Ntantogian
  • Fonction : Auteur
  • PersonId : 1001846
Christos Xenakis
  • Fonction : Auteur
  • PersonId : 1001847

Résumé

This paper investigates whether authentication credentials in the volatile memory of Android mobile devices can be discovered using freely available tools. The experiments that we carried out for each application included two different sets: In the first set, our goal was to check if we could recover our own submitted credentials from the memory dump of the mobile device. In the second set of experiments, the goal was to find patterns that can indicate where the credentials are located in a memory dump of an Android device. The results revealed that the majority of the Android applications are vulnerable to credentials discovery even in case of applications that their security is critical, such as web banking and password manager applications.
Fichier principal
Vignette du fichier
978-3-642-37437-1_15_Chapter.pdf (257.79 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01470532 , version 1 (17-02-2017)

Licence

Paternité

Identifiants

Citer

Dimitris Apostolopoulos, Giannis Marinakis, Christoforos Ntantogian, Christos Xenakis. Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices. 12th Conference on e-Business, e-Services, and e-Society (I3E), Apr 2013, Athens, Greece. pp.178-185, ⟨10.1007/978-3-642-37437-1_15⟩. ⟨hal-01470532⟩
159 Consultations
606 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More