Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices
Identifieur interne : 000010 ( Hal/Corpus ); précédent : 000009; suivant : 000011Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices
Auteurs : Dimitris Apostolopoulos ; Giannis Marinakis ; Christoforos Ntantogian ; Christos XenakisSource :
English descriptors
- mix :
Abstract
This paper investigates whether authentication credentials in the volatile memory of Android mobile devices can be discovered using freely available tools. The experiments that we carried out for each application included two different sets: In the first set, our goal was to check if we could recover our own submitted credentials from the memory dump of the mobile device. In the second set of experiments, the goal was to find patterns that can indicate where the credentials are located in a memory dump of an Android device. The results revealed that the majority of the Android applications are vulnerable to credentials discovery even in case of applications that their security is critical, such as web banking and password manager applications.
Url:
DOI: 10.1007/978-3-642-37437-1_15
Links to Exploration step
Hal:hal-01470532Le document en format XML
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en">Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices</title><author><name sortKey="Apostolopoulos, Dimitris" sort="Apostolopoulos, Dimitris" uniqKey="Apostolopoulos D" first="Dimitris" last="Apostolopoulos">Dimitris Apostolopoulos</name><affiliation><hal:affiliation type="institution" xml:id="struct-379528" status="VALID"> <orgName>University of Piraeus</orgName> <desc> <address> <addrLine>80, M. Karaoli & A. Dimitriou St., 18534 Piraeus</addrLine> <country key="GR"></country> </address> <ref type="url">http://www.unipi.gr/unipi/en/</ref> </desc> </hal:affiliation></affiliation></author><author><name sortKey="Marinakis, Giannis" sort="Marinakis, Giannis" uniqKey="Marinakis G" first="Giannis" last="Marinakis">Giannis Marinakis</name><affiliation><hal:affiliation type="institution" xml:id="struct-379528" status="VALID"> <orgName>University of Piraeus</orgName> <desc> <address> <addrLine>80, M. Karaoli & A. Dimitriou St., 18534 Piraeus</addrLine> <country key="GR"></country> </address> <ref type="url">http://www.unipi.gr/unipi/en/</ref> </desc> </hal:affiliation></affiliation></author><author><name sortKey="Ntantogian, Christoforos" sort="Ntantogian, Christoforos" uniqKey="Ntantogian C" first="Christoforos" last="Ntantogian">Christoforos Ntantogian</name><affiliation><hal:affiliation type="institution" xml:id="struct-379528" status="VALID"> <orgName>University of Piraeus</orgName> <desc> <address> <addrLine>80, M. Karaoli & A. Dimitriou St., 18534 Piraeus</addrLine> <country key="GR"></country> </address> <ref type="url">http://www.unipi.gr/unipi/en/</ref> </desc> </hal:affiliation></affiliation></author><author><name sortKey="Xenakis, Christos" sort="Xenakis, Christos" uniqKey="Xenakis C" first="Christos" last="Xenakis">Christos Xenakis</name><affiliation><hal:affiliation type="institution" xml:id="struct-379528" status="VALID"> <orgName>University of Piraeus</orgName> <desc> <address> <addrLine>80, M. Karaoli & A. Dimitriou St., 18534 Piraeus</addrLine> <country key="GR"></country> </address> <ref type="url">http://www.unipi.gr/unipi/en/</ref> </desc> </hal:affiliation></affiliation></author></titleStmt><publicationStmt><idno type="wicri:source">HAL</idno><idno type="RBID">Hal:hal-01470532</idno><idno type="halId">hal-01470532</idno><idno type="halUri">https://hal.inria.fr/hal-01470532</idno><idno type="url">https://hal.inria.fr/hal-01470532</idno><idno type="doi">10.1007/978-3-642-37437-1_15</idno><date when="2013-04-25">2013-04-25</date><idno type="wicri:Area/Hal/Corpus">000010</idno></publicationStmt><sourceDesc><biblStruct><analytic><title xml:lang="en">Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices</title><author><name sortKey="Apostolopoulos, Dimitris" sort="Apostolopoulos, Dimitris" uniqKey="Apostolopoulos D" first="Dimitris" last="Apostolopoulos">Dimitris Apostolopoulos</name><affiliation><hal:affiliation type="institution" xml:id="struct-379528" status="VALID"> <orgName>University of Piraeus</orgName> <desc> <address> <addrLine>80, M. Karaoli & A. Dimitriou St., 18534 Piraeus</addrLine> <country key="GR"></country> </address> <ref type="url">http://www.unipi.gr/unipi/en/</ref> </desc> </hal:affiliation></affiliation></author><author><name sortKey="Marinakis, Giannis" sort="Marinakis, Giannis" uniqKey="Marinakis G" first="Giannis" last="Marinakis">Giannis Marinakis</name><affiliation><hal:affiliation type="institution" xml:id="struct-379528" status="VALID"> <orgName>University of Piraeus</orgName> <desc> <address> <addrLine>80, M. Karaoli & A. Dimitriou St., 18534 Piraeus</addrLine> <country key="GR"></country> </address> <ref type="url">http://www.unipi.gr/unipi/en/</ref> </desc> </hal:affiliation></affiliation></author><author><name sortKey="Ntantogian, Christoforos" sort="Ntantogian, Christoforos" uniqKey="Ntantogian C" first="Christoforos" last="Ntantogian">Christoforos Ntantogian</name><affiliation><hal:affiliation type="institution" xml:id="struct-379528" status="VALID"> <orgName>University of Piraeus</orgName> <desc> <address> <addrLine>80, M. Karaoli & A. Dimitriou St., 18534 Piraeus</addrLine> <country key="GR"></country> </address> <ref type="url">http://www.unipi.gr/unipi/en/</ref> </desc> </hal:affiliation></affiliation></author><author><name sortKey="Xenakis, Christos" sort="Xenakis, Christos" uniqKey="Xenakis C" first="Christos" last="Xenakis">Christos Xenakis</name><affiliation><hal:affiliation type="institution" xml:id="struct-379528" status="VALID"> <orgName>University of Piraeus</orgName> <desc> <address> <addrLine>80, M. Karaoli & A. Dimitriou St., 18534 Piraeus</addrLine> <country key="GR"></country> </address> <ref type="url">http://www.unipi.gr/unipi/en/</ref> </desc> </hal:affiliation></affiliation></author></analytic><idno type="DOI">10.1007/978-3-642-37437-1_15</idno></biblStruct></sourceDesc></fileDesc><profileDesc><textClass><keywords scheme="mix" xml:lang="en"><term>Android</term><term>Android applications</term><term>credentials discovery</term><term>mobile security</term><term>volatile memory acquisition</term></keywords></textClass></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">This paper investigates whether authentication credentials in the volatile memory of Android mobile devices can be discovered using freely available tools. The experiments that we carried out for each application included two different sets: In the first set, our goal was to check if we could recover our own submitted credentials from the memory dump of the mobile device. In the second set of experiments, the goal was to find patterns that can indicate where the credentials are located in a memory dump of an Android device. The results revealed that the majority of the Android applications are vulnerable to credentials discovery even in case of applications that their security is critical, such as web banking and password manager applications.</div></front></TEI><hal api="V3"> <titleStmt> <title xml:lang="en">Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices</title> <author role="aut"> <persName> <forename type="first">Dimitris</forename> <surname>Apostolopoulos</surname> </persName> <email type="md5">96d8bdb14fe6b30b35039a570aa5cee2</email> <email type="domain">unipi.gr</email> <idno type="halauthorid">1492116</idno> <affiliation ref="#struct-379528"></affiliation> </author> <author role="aut"> <persName> <forename type="first">Giannis</forename> <surname>Marinakis</surname> </persName> <email type="md5">9005d3e1fd0b81843d0547c340d843b8</email> <email type="domain">unipi.gr</email> <idno type="halauthorid">1492117</idno> <affiliation ref="#struct-379528"></affiliation> </author> <author role="aut"> <persName> <forename type="first">Christoforos</forename> <surname>Ntantogian</surname> </persName> <email type="md5">47efe7b37702bfa68f3ed9fdbd1a8098</email> <email type="domain">unipi.gr</email> <idno type="halauthorid">1492118</idno> <affiliation ref="#struct-379528"></affiliation> </author> <author role="aut"> <persName> <forename type="first">Christos</forename> <surname>Xenakis</surname> </persName> <email type="md5">f13eae2425f1bf126f37bd3e3b51885a</email> <email type="domain">unipi.gr</email> <idno type="halauthorid">1492119</idno> <affiliation ref="#struct-379528"></affiliation> </author> <editor role="depositor"> <persName> <forename>Hal</forename> <surname>Ifip</surname> </persName> <email type="md5">2073ac78024b6e13f2714db96e9b1e63</email> <email type="domain">inria.fr</email> </editor> </titleStmt> <editionStmt> <edition n="v1" type="current"> <date type="whenSubmitted">2017-02-17 15:02:28</date> <date type="whenModified">2017-02-17 15:16:28</date> <date type="whenReleased">2017-02-17 15:16:28</date> <date type="whenProduced">2013-04-25</date> <date type="whenEndEmbargoed">2016-01-01</date> <ref type="file" target="https://hal.inria.fr/hal-01470532/document"> <date notBefore="2016-01-01"></date> </ref> <ref type="file" subtype="author" n="1" target="https://hal.inria.fr/hal-01470532/file/978-3-642-37437-1_15_Chapter.pdf"> <date notBefore="2016-01-01"></date> </ref> </edition> <respStmt> <resp>contributor</resp> <name key="200187"> <persName> <forename>Hal</forename> <surname>Ifip</surname> </persName> <email type="md5">2073ac78024b6e13f2714db96e9b1e63</email> <email type="domain">inria.fr</email> </name> </respStmt> </editionStmt> <publicationStmt> <distributor>CCSD</distributor> <idno type="halId">hal-01470532</idno> <idno type="halUri">https://hal.inria.fr/hal-01470532</idno> <idno type="halBibtex">apostolopoulos:hal-01470532</idno> <idno type="halRefHtml">Christos Douligeris; Nineta Polemi; Athanasios Karantjias; Winfried Lamersdorf. 12th Conference on e-Business, e-Services, and e-Society (I3E), Apr 2013, Athens, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-399, pp.178-185, 2013, Collaborative, Trusted and Privacy-Aware e/m-Services. 〈10.1007/978-3-642-37437-1_15〉</idno> <idno type="halRef">Christos Douligeris; Nineta Polemi; Athanasios Karantjias; Winfried Lamersdorf. 12th Conference on e-Business, e-Services, and e-Society (I3E), Apr 2013, Athens, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-399, pp.178-185, 2013, Collaborative, Trusted and Privacy-Aware e/m-Services. 〈10.1007/978-3-642-37437-1_15〉</idno> <availability status="restricted"> <licence target="http://creativecommons.org/licenses/by/">Attribution</licence> </availability> </publicationStmt> <seriesStmt> <idno type="stamp" n="IFIP-WG" p="IFIP">IFIP-WG</idno> <idno type="stamp" n="IFIP-WG6-11" p="IFIP-WG">IFIP-WG6-11</idno> <idno type="stamp" n="IFIP-TC" p="IFIP">IFIP-TC</idno> <idno type="stamp" n="IFIP-TC6" p="IFIP-TC">IFIP-TC6</idno> <idno type="stamp" n="IFIP-I3E" p="IFIP">IFIP-I3E</idno> <idno type="stamp" n="IFIP-AICT-399" p="IFIP-AICT">IFIP-AICT-399</idno> <idno type="stamp" n="IFIP-AICT" p="IFIP">IFIP-AICT</idno> <idno type="stamp" n="IFIP">IFIP</idno> </seriesStmt> <notesStmt> <note type="commentary">Part 5: Adoption Issues in e/m-Services</note> <note type="audience" n="2">International</note> <note type="invited" n="0">No</note> <note type="popular" n="0">No</note> <note type="peer" n="1">Yes</note> <note type="proceedings" n="1">Yes</note> </notesStmt> <sourceDesc> <biblStruct> <analytic> <title xml:lang="en">Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices</title> <author role="aut"> <persName> <forename type="first">Dimitris</forename> <surname>Apostolopoulos</surname> </persName> <email type="md5">96d8bdb14fe6b30b35039a570aa5cee2</email> <email type="domain">unipi.gr</email> <idno type="halauthorid">1492116</idno> <affiliation ref="#struct-379528"></affiliation> </author> <author role="aut"> <persName> <forename type="first">Giannis</forename> <surname>Marinakis</surname> </persName> <email type="md5">9005d3e1fd0b81843d0547c340d843b8</email> <email type="domain">unipi.gr</email> <idno type="halauthorid">1492117</idno> <affiliation ref="#struct-379528"></affiliation> </author> <author role="aut"> <persName> <forename type="first">Christoforos</forename> <surname>Ntantogian</surname> </persName> <email type="md5">47efe7b37702bfa68f3ed9fdbd1a8098</email> <email type="domain">unipi.gr</email> <idno type="halauthorid">1492118</idno> <affiliation ref="#struct-379528"></affiliation> </author> <author role="aut"> <persName> <forename type="first">Christos</forename> <surname>Xenakis</surname> </persName> <email type="md5">f13eae2425f1bf126f37bd3e3b51885a</email> <email type="domain">unipi.gr</email> <idno type="halauthorid">1492119</idno> <affiliation ref="#struct-379528"></affiliation> </author> </analytic> <monogr> <title level="m">IFIP Advances in Information and Communication Technology</title> <meeting> <title>12th Conference on e-Business, e-Services, and e-Society (I3E)</title> <date type="start">2013-04-25</date> <date type="end">2013-04-26</date> <settlement>Athens</settlement> <country key="GR">Greece</country> </meeting> <editor>Christos Douligeris</editor> <editor>Nineta Polemi</editor> <editor>Athanasios Karantjias</editor> <editor>Winfried Lamersdorf</editor> <imprint> <publisher>Springer</publisher> <biblScope unit="serie">Collaborative, Trusted and Privacy-Aware e/m-Services</biblScope> <biblScope unit="volume">AICT-399</biblScope> <biblScope unit="pp">178-185</biblScope> <date type="datePub">2013</date> </imprint> </monogr> <idno type="doi">10.1007/978-3-642-37437-1_15</idno> </biblStruct> </sourceDesc> <profileDesc> <langUsage> <language ident="en">English</language> </langUsage> <textClass> <keywords scheme="author"> <term xml:lang="en">Android</term> <term xml:lang="en">Android applications</term> <term xml:lang="en">mobile security</term> <term xml:lang="en">volatile memory acquisition</term> <term xml:lang="en">credentials discovery</term> </keywords> <classCode scheme="halDomain" n="info">Computer Science [cs]</classCode> <classCode scheme="halDomain" n="info.info-ni">Computer Science [cs]/Networking and Internet Architecture [cs.NI]</classCode> <classCode scheme="halTypology" n="COMM">Conference papers</classCode> </textClass> <abstract xml:lang="en">This paper investigates whether authentication credentials in the volatile memory of Android mobile devices can be discovered using freely available tools. The experiments that we carried out for each application included two different sets: In the first set, our goal was to check if we could recover our own submitted credentials from the memory dump of the mobile device. In the second set of experiments, the goal was to find patterns that can indicate where the credentials are located in a memory dump of an Android device. The results revealed that the majority of the Android applications are vulnerable to credentials discovery even in case of applications that their security is critical, such as web banking and password manager applications.</abstract> <particDesc> <org type="consortium">TC 6</org> <org type="consortium">WG 6.11</org> </particDesc> </profileDesc> </hal></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Musique/explor/XenakisV1/Data/Hal/Corpus
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 000010 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Hal/Corpus/biblio.hfd -nk 000010 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Musique
|area= XenakisV1
|flux= Hal
|étape= Corpus
|type= RBID
|clé= Hal:hal-01470532
|texte= Discovering Authentication Credentials in Volatile Memory of Android Mobile Devices
}}
| This area was generated with Dilib version V0.6.33. |  |