Toward a general collection methodology for Android devices

Vidas, Timothy; Zhang, Chengye; Christin, Nicolas

doi:10.1016/j.diin.2011.05.003

Cited by 128 publications

(84 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Several mobile phone forensic tools have been developed for specific operating systems such as Symbian [7], Windows Mobile [4] and Android [10]. However, since these tools are operating system dependent, they cannot be used to acquire data from Shanzhai phones.…”

Section: Related Workmentioning

confidence: 99%

Forensic Analysis of Pirated Chinese Shanzhai Mobile Phones

Fang

Jiang

Chow

et al. 2012

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Mobile phone use -and mobile phone piracy -have increased dramatically during the last decade. Because of the profits that can be made, more than four hundred pirated brands of mobile phones are available in China. These pirated phones, referred to as "Shanzhai phones," are often used by criminals because they are inexpensive and easy to obtain. However, the variety of pirated phones and the absence of documentation hinder the forensic analysis of these phones. This paper provides key details about the storage of the phonebook and call records in popular MediaTek Shanzhai mobile phones. This information can help investigators retrieve deleted call records and assist them in reconstructing the sequence of user activities.

show abstract

Section: Related Workmentioning

confidence: 99%

Forensic Analysis of Pirated Chinese Shanzhai Mobile Phones

Fang

Jiang

Chow

et al. 2012

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…Unlocking refers to gaining full access to the bootloader. This lets us replace the stock installation of the Android operating system on a phone with a custom version of the operating system (often referred to as a custom ROM) [45]. This will be required to disable the Touch to Beam UI as discussed in 4.4.6.…”

Section: Unlocking and Rooting The Phonementioning

confidence: 99%

Automating NFC message sending for good and evil

Brandt

Stamp

2014

J Comput Virol Hack Tech

View full text Add to dashboard Cite

Automating NFC Message Sending for Good and Evil by Nikki Benecke BrandtNear Field Communication (NFC) is an emerging proximity wireless technology used for triggering automatic interactions between mobile devices. In standard NFC usage, one message is sent per device contact, then the devices must be physically separated and brought together again. In this paper, we present a mechanism for automatically sending multiple messages without any need to physically decouple the devices. After an introduction to NFC and related security issues, we discuss the motivation for-and an implementation of-an automation framework for sending repeated NFC messages without any need for human interaction. Then we consider how such an automated mechanism can be used for both a denial of service attack and as a platform for fuzz testing. We present experimental evidence on the efficacy of automated NFC as a vector for achieving these goals. We conclude with suggestions for future work and provide some overall insights.

show abstract

“…Taking advantage of kernel vulnerabilities, attacker acquires the ability to bypass system protection mechanisms and carry out some malicious behavior, such as gain root privilege and steal personal data. Privilege escalation attack, also known as root exploit, is the process of exploiting kernel vulnerabilities to obtain the highest privilege [3]. If a process gains the root privilege, it has access permission to access any data and obtains control over the whole system.…”

Section: Introductionmentioning

confidence: 99%

PtmxGuard: An Improved Method for Android Kernel to Prevent Privilege Escalation Attack

Kong

Liu

2017

ITM Web Conf.

View full text Add to dashboard Cite

Abstract-Vulnerabilities in Android kernel give opportunity for attacker to damage the system. Privilege escalation is one of the most dangerous attacks, as it helps attacker to gain root privilege by exploiting kernel vulnerabilities. Mitigation technologies, static detection methods and dynamic defense methods have been suggested to prevent privilege escalation attack, but they still have some disadvantages. In this paper, we propose an improved method named PtmxGuard to enhance Android kernel and defeat privilege escalation attack. We focus on a typical attack pattern that attacker hijacks the control flow of Android kernel to modify process credentials by corrupting critical global function pointers. PtmxGuard enforces Code Pointer Integrity to Android kernel, checks the accuracy and reliability of those pointers when they're triggered by related system calls, and intercepts the system calls when attack activities are detected. Experiment result demonstrates that PtmxGuard can defense privilege escalation attack effectively.

show abstract

Toward a general collection methodology for Android devices

Cited by 128 publications

References 8 publications

Forensic Analysis of Pirated Chinese Shanzhai Mobile Phones

Forensic Analysis of Pirated Chinese Shanzhai Mobile Phones

Automating NFC message sending for good and evil

PtmxGuard: An Improved Method for Android Kernel to Prevent Privilege Escalation Attack

Contact Info

Product

Resources

About