loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Alberto Magno Muniz Soares and Rafael Timóteo de Sousa Jr.

Affiliation: University of Brasília (UnB), Brazil

Keyword(s): Mobile Device Forensics, Memory Forensics, Memory Analysis, Android.

Abstract: This paper describes a technique for analysing objects in memory within the execution environment Android Runtime (ART) using a volatile memory data extraction. A study of the AOSP (Android Open Source Project) source code was necessary to understand the runtime environment used in the modern Android operating system, and software tools were developed allowing the location, extraction and interpretation of useful data for the forensic context. Built by the authors as extensions for the Volatility Framework, these tools help to locate, in a memory extraction from a device compliant with the ARM architecture, arbitrary instances of classes and their data properties.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 52.86.227.103

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Muniz Soares, A. and Jr., R. (2017). A Technique for Extraction and Analysis of Application Heap Objects within Android Runtime (ART). In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-209-7; ISSN 2184-4356, SciTePress, pages 147-156. DOI: 10.5220/0006204101470156

@conference{icissp17,
author={Alberto Magno {Muniz Soares}. and Rafael Timóteo de Sousa Jr..},
title={A Technique for Extraction and Analysis of Application Heap Objects within Android Runtime (ART)},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP},
year={2017},
pages={147-156},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006204101470156},
isbn={978-989-758-209-7},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP
TI - A Technique for Extraction and Analysis of Application Heap Objects within Android Runtime (ART)
SN - 978-989-758-209-7
IS - 2184-4356
AU - Muniz Soares, A.
AU - Jr., R.
PY - 2017
SP - 147
EP - 156
DO - 10.5220/0006204101470156
PB - SciTePress