Memory Forensics of Insecure Android Inter-app Communications
Mark Vella, Rachel Cilia
2017
Abstract
Android is designed in a way to promote the implementation of user task flows among multiple applications inside mobile devices. Consequently, app permissions may be leaked to malicious apps without users noticing any compromise to their devices’ security. In this work we explore the possibility of detecting insecure inter-app communications inside memory dumps, with forensic analysis results indicating the possibility of doing so across the various layers of Android’s architecture. Yet, for the detailed evidence reconstruction that could be required during digital investigation, current capabilities have to be complemented with evidence collected through live forensics. We propose that this process should still be based on carving forensic artifacts directly from memory.
DownloadPaper Citation
in Harvard Style
Vella M. and Cilia R. (2017). Memory Forensics of Insecure Android Inter-app Communications . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-209-7, pages 481-486. DOI: 10.5220/0006215504810486
in Bibtex Style
@conference{icissp17,
author={Mark Vella and Rachel Cilia},
title={Memory Forensics of Insecure Android Inter-app Communications},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2017},
pages={481-486},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006215504810486},
isbn={978-989-758-209-7},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Memory Forensics of Insecure Android Inter-app Communications
SN - 978-989-758-209-7
AU - Vella M.
AU - Cilia R.
PY - 2017
SP - 481
EP - 486
DO - 10.5220/0006215504810486