OMFW 2013: Dalvik Memory Analysis and a Call to ARMs - Joe Sylve
We wanted to highlight a few of the talks that will be presented at OMFW 2013:
Dalvik Memory Analysis and a Call to ARMs. Joe Sylve (@jtsylve), Managing Partner, 504ENSICS Labs
This talk will detail our DARPA Cyber Fast Track research effort for parsing Dalvik-level constructs from memory captures of Android devices. These include (at least) all of the built-in types, class names, statics, methods and variables, and similar information with values for object instances. In our effort we have also created a free GUI-based browser, called Dalvik Inspector, with browsing, searching, and automated Volatility plugin generation capabilities for analysis of the raw parsed data. This tool facilitates deep, standalone analysis of application-internal structure. This talk will conclude with a discussion and appeal to the research community with regard to open research problems that need to be addressed in order to make Android memory analysis viable for the community at large.