Abstract
This paper investigates whether authentication credentials in the volatile memory of Android mobile devices can be discovered using freely available tools. The experiments that we carried out for each application included two different sets: In the first set, our goal was to check if we could recover our own submitted credentials from the memory dump of the mobile device. In the second set of experiments, the goal was to find patterns that can indicate where the credentials are located in a memory dump of an Android device. The results revealed that the majority of the Android applications are vulnerable to credentials discovery even in case of applications that their security is critical, such as web banking and password manager applications. © IFIP International Federation for Information Processing 2013.
Author supplied keywords
Cite
CITATION STYLE
Apostolopoulos, D., Marinakis, G., Ntantogian, C., & Xenakis, C. (2013). Discovering authentication credentials in volatile memory of Android mobile devices. In IFIP Advances in Information and Communication Technology (Vol. 399, pp. 178–185). Springer New York LLC. https://doi.org/10.1007/978-3-642-37437-1_15
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
