Using open source tools to investigate malware in the Android operating system

  • The Android operating system is increasingly exposed to a growing list of dangerous malware attacks, and these attacks cost users and businesses. There is considerable research into Android malware detection, malware behavior, interaction and permissions. However, there is much less research effort around digital forensics on the Android platform once it has been the victim of malware. Very recent enhancements to the open source Volatility framework make it a useful memory image forensic tool for investigating Android malware. Android memory forensics is immature, and it is also more complicated to conduct than on other popular operating systems. In this paper, we explore and document the processes of building an open source Android forensics investigation environment, planting samples of Android malware, acquiring Android memory images of these samples, and forensically investigating them. This research will facilitate future memory forensics investigation of Android systems and Android malware analysis.

  • Type of Item
    Research Material
  • License
    Attribution-NonCommercial 4.0 International