TY - CHAP AU - Müller, T. AU - Spreitzenbarth, M. PY - 2013 DA - 2013// TI - FROST: forensic recovery of scrambled telephones BT - Proceedings of the 11th International Conference on Applied Cryptography and Network Security. ACNS’13 PB - Springer CY - Berlin, Heidelberg ID - Müller2013 ER - TY - STD TI - Evaluating the privacy of Android mobile applications under forensic analysis. Comput. Secur. 42:, 66–76 (2014). doi:http://dx.doi.org/10.1016/j.cose.2014.01.004. http://www.sciencedirect.com/science/article/pii/S0167404814000157. UR - http://www.sciencedirect.com/science/article/pii/S0167404814000157 ID - ref2 ER - TY - BOOK AU - Pettersson, T. PY - 2007 DA - 2007// TI - Cryptographic key recovery from Linux memory dumps PB - Presentation, Chaos Communication Camp CY - Finowfurt near Berlin, Germany ID - Pettersson2007 ER - TY - CHAP AU - Gutmann, P. e. t. e. r. PY - 2001 DA - 2001// TI - Data remanence in semiconductor devices BT - Proceedings of the 10th Conference on USENIX Security Symposium - Vol. 10. SSYM’01 PB - USENIX Association CY - Berkeley, CA, USA ID - Gutmann2001 ER - TY - CHAP AU - Gruhn, M. AU - Müller, T. PY - 2013 DA - 2013// TI - On the practicability of cold boot attacks BT - Eighth International Conference on Availability, Reliability and Security (ARES ’13) PB - IEEE Computer Society CY - Washington, DC, USA UR - https://doi.org/10.1109/ARES.2013.52 DO - 10.1109/ARES.2013.52 ID - Gruhn2013 ER - TY - STD TI - ARM security technology: building a secure system using TrustZone technology. http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf. Accessed Dec 2015. UR - http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf ID - ref6 ER - TY - CHAP AU - Agarwal, R. AU - Kothari, S. PY - 2015 DA - 2015// TI - Review of digital forensic investigation frameworks BT - Information Science and Applications. Lecture Notes in Electrical Engineering, vol. 339 PB - Springer CY - Berlin, Heidelberg ID - Agarwal2015 ER - TY - BOOK AU - Hoog, A. PY - 2011 DA - 2011// TI - Android forensics: investigation, analysis and mobile security for Google Android PB - Elsevier CY - Amsterdam, Netherlands ID - Hoog2011 ER - TY - CHAP AU - Chan, E. M. AU - Carlyle, J. C. AU - David, F. M. AU - Farivar, R. AU - Campbell, R. H. PY - 2008 DA - 2008// TI - BootJacker: Compromising computers using forced restarts BT - Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS ’08 PB - ACM CY - New York, NY, USA UR - https://doi.org/10.1145/1455770.1455840 DO - 10.1145/1455770.1455840 ID - Chan2008 ER - TY - JOUR AU - Haldermanand, A. J. AU - Schoen, S. D. AU - Heninger, N. AU - William, C. AU - William, P. AU - Calandrino, J. A. AU - Feldman, A. J. AU - Appelbaum, J. AU - Felten, E. W. PY - 2009 DA - 2009// TI - Lest we remember: cold-boot attacks on encryption keys JO - Commun. ACM VL - 52 UR - https://doi.org/10.1145/1506409.1506429 DO - 10.1145/1506409.1506429 ID - Haldermanand2009 ER - TY - STD TI - Center for Information Technology Policy at Princeton University, Memory Research Project Source Code (2015). https://citp.princeton.edu/research/memory/code. UR - https://citp.princeton.edu/research/memory/code ID - ref11 ER - TY - STD TI - J Sylve, Android Mind Reading: Memory Acquisition and Analysis with DMD and Volatility. ShmooCon’12 (2012). ID - ref12 ER - TY - STD TI - Azimuth Security: Dan Rosenberg: Re-visiting the Exynos memory mapping bug. http://blog.azimuthsecurity.com/2013/02/re-visiting-exynos-memory-mapping-bug.html. Accessed Dec 2015. UR - http://blog.azimuthsecurity.com/2013/02/re-visiting-exynos-memory-mapping-bug.html ID - ref13 ER - TY - CHAP AU - Devine, C. AU - Vissian, G. PY - 2009 DA - 2009// TI - Compromission physique par le bus PCI BT - Proceedings of SSTIC ’09 PB - Thales Security Systems CY - Ulm, Germany ID - Devine2009 ER - TY - STD TI - M Becher, M Dornseif, CN Klein, in CanSecWest. FireWire: all your memory are belong to us, (2005). ID - ref15 ER - TY - STD TI - C Maartmann-Moe, Adventures with Daisy in Thunderbolt-DMA-land: Hacking Macs through the Thunderbolt interface (2012). http://www.breaknenter.org/2012/02/adventures-with-daisy-in-thunderbolt-dma-land-hacking-macs-through-the-thunderbolt-interface. UR - http://www.breaknenter.org/2012/02/adventures-with-daisy-in-thunderbolt-dma-land-hacking-macs-through-the-thunderbolt-interface ID - ref16 ER - TY - CHAP AU - Weinmann, R. -. P. PY - 2012 DA - 2012// TI - Baseband attacks: remote exploitation of memory corruptions in cellular protocol stacks BT - Proceedings of the 6th USENIX Conference on Offensive Technologies. WOOT’12 PB - USENIX Association CY - Berkeley, CA, USA ID - Weinmann2012 ER - TY - STD TI - Rocker team flashing interface: RIFF Box. http://riffbox.org. Accessed Dec 2015. UR - http://riffbox.org ID - ref18 ER - TY - STD TI - VLL Thing, K-Y Ng, E-C Chang. Live memory forensics of mobile phones, vol. 7 (ElsevierAmsterdam, Netherlands, 2010), pp. 74–82. ID - ref19 ER - TY - CHAP AU - Apostolopoulos, D. AU - Marinakis, G. AU - Ntantogian, C. AU - Xenakis, C. PY - 2013 DA - 2013// TI - Discovering authentication credentials in volatile memory of Android mobile devices BT - Collaborative, Trusted and Privacy-Aware e/m-Services. IFIP Advances in Information and Communication Technology, volu. 399 PB - Springer CY - Berlin, Heidelberg ID - Apostolopoulos2013 ER - TY - CHAP AU - Hilgers, C. AU - Macht, H. AU - Müller, T. AU - Spreitzenbarth, M. PY - 2014 DA - 2014// TI - Post-mortem memory analysis of cold-booted android devices BT - Proceedings of the 2014 Eighth International Conference on IT Security Incident Management & IT Forensics. IMF ’14 PB - IEEE Computer Society CY - Washington, DC, USA ID - Hilgers2014 ER - TY - JOUR AU - Sylve, J. AU - Case, A. AU - Marziale, L. AU - Richard, G. G. PY - 2012 DA - 2012// TI - Acquisition and analysis of volatile memory from android devices JO - Digital Invest VL - 8 UR - https://doi.org/10.1016/j.diin.2011.10.003 DO - 10.1016/j.diin.2011.10.003 ID - Sylve2012 ER - TY - CHAP AU - Müller, T. AU - Freiling, F. C. AU - Dewald, A. PY - 2011 DA - 2011// TI - TRESOR runs encryption securely outside RAM BT - Proceedings of the 20th USENIX Conference on Security. SEC’11 PB - USENIX Association CY - Berkeley, CA, USA ID - Müller2011 ER - TY - CHAP AU - Götzfried, J. AU - Müller, T. PY - 2013 DA - 2013// TI - ARMORED: CPU-bound encryption for Android-driven ARM devices BT - Proceedings of the 2013 International Conference on Availability, Reliability and Security. ARES ’13 PB - IEEE Computer Society CY - Washington, DC, USA UR - https://doi.org/10.1109/ARES.2013.23 DO - 10.1109/ARES.2013.23 ID - Götzfried2013 ER - TY - CHAP AU - Müller, T. AU - Taubmann, B. AU - Freiling, F. C. PY - 2012 DA - 2012// TI - TreVisor: OS-independent software-based full disk encryption secure against main memory attacks BT - Proceedings of the 10th International Conference on Applied Cryptography and Network Security. ACNS’12 PB - Springer CY - Berlin, Heidelberg ID - Müller2012 ER - TY - CHAP AU - Skillen, A. AU - Barrera, D. AU - van Oorschot, P. C. PY - 2013 DA - 2013// TI - Deadbolt: Locking down Android disk encryption BT - Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones & Mobile Devices. SPSM ’13 PB - ACM CY - New York, NY, USA UR - https://doi.org/10.1145/2516760.2516771 DO - 10.1145/2516760.2516771 ID - Skillen2013 ER - TY - CHAP AU - Colp, P. AU - Zhang, J. AU - Gleeson, J. AU - Suneja, S. AU - de Lara, E. AU - Raj, H. AU - Saroiu, S. AU - Wolman, A. PY - 2015 DA - 2015// TI - Protecting data on smartphones and tablets from memory attacks BT - Proceedings of the 20th Int. Conference on Architectural Support for Programming Languages and Operating Systems. ASPLOS ’15 PB - ACM CY - New York, NY, USA ID - Colp2015 ER - TY - CHAP AU - Zhang, N. AU - Sun, K. AU - Lou, W. AU - Hou, S. AU - Jajodia, Y. T. PY - 2015 DA - 2015// TI - Now you see me: hide and seek in physical address space BT - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. ASIA CCS ’15 PB - ACM CY - New York, NY, USA ID - Zhang2015 ER - TY - STD TI - R Carbone, C Bean, M Salois, An In-Depth Analysis of the Cold Boot Attack: Can It Be Used for Sound Forensic Memory Acquisition? (2011). ID - ref29 ER - TY - CHAP AU - Chen, P. M. AU - Noble, B. D. PY - 2001 DA - 2001// TI - When virtual is better than real BT - Proceedings of the Eighth Workshop on Hot Topics in Operating Systems. HOTOS ’01 PB - IEEE Computer Society CY - Washington, DC, USA UR - https://doi.org/10.1109/HOTOS.2001.990073 DO - 10.1109/HOTOS.2001.990073 ID - Chen2001 ER - TY - STD TI - The Volatility Foundation: open source memory forensics. http://volatilityfoundation.org. Accessed Dec 2015. UR - http://volatilityfoundation.org ID - ref31 ER - TY - STD TI - Joey Hewitt: GitHub - Scintill/keysearch: Search an Android RAM dump for Linux Dm-crypt (incl. LUKS/cryptsetup) Keys. https://github.com/scintill/keysearch. Accessed Dec 2015. UR - https://github.com/scintill/keysearch ID - ref32 ER - TY - STD TI - CyanogenMod: CyanogenMod Android kernel Samsung Jf. https://github.com/CyanogenMod/android_kernel_samsung_jf. Accessed Dec 2015. UR - https://github.com/CyanogenMod/android_kernel_samsung_jf ID - ref33 ER - TY - STD TI - Glass Echidna: Heimdall. http://glassechidna.com.au/heimdall. Accessed Dec 2015. UR - http://glassechidna.com.au/heimdall ID - ref34 ER - TY - STD TI - XDA Developers: What is the Samsung Anyway Jig?http://xda-developers.com/what-is-the-samsung-anyway-jig. Accessed Dec 2015. UR - http://xda-developers.com/what-is-the-samsung-anyway-jig ID - ref35 ER - TY - STD TI - Google: ADB Fastboot Install - A script to install ADB & Fastboot on Mac OS X and/or Linux. https://code.google.com/p/adb-fastboot-install. Accessed Dec 2015. UR - https://code.google.com/p/adb-fastboot-install ID - ref36 ER - TY - STD TI - S Lindenlauf, H Hofken, M Schuba, in 10th International Conference on Availability, Reliability and Security (ARES ’15). Cold boot attacks on DDR2 and DDR3 SDRAM (IEEE, 2015), pp. 287–292. http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=7299495. UR - http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=7299495 ID - ref37 ER - TY - CHAP AU - Huber, M. AU - Horsch, J. AU - Velten, M. AU - Weiß, M. AU - Wessel, S. PY - 2015 DA - 2015// TI - A secure architecture for operating system-level virtualization on mobile devices BT - 11th International Conf. on Information Security and Cryptology - Inscrypt PB - Springer CY - Berlin, Heidelberg ID - Huber2015 ER - TY - STD TI - CodeAurora Forum: (l)ittle (k)ernel based Android bootloader. https://codeaurora.org/blogs/little-kernel-based-android-bootloader. Accessed Dec 2015. UR - https://codeaurora.org/blogs/little-kernel-based-android-bootloader ID - ref39 ER -