Our session will cover an introduction to Android Rootkits, looking at how to use live memory forensics techniques and Dynamic Binary Instrumentation techniques to analyze the rootkits in Android, using applied machine learning to the memory forensics activity to produce actionable threat intel.

RSA® Conference, the world’s leading information security conferences and expositions, concluded its 30th annual event, which took place as a fully virtual experience this week. This year’s theme was Resilience, and in honor of all that the cybersecurity industry has accomplished over the past three decades, offered a must-attend celebration of thought leadership and education.


More than 20,000 people registered to view 449 sessions including, keynotes, track sessions, interactive programs, tutorials, seminars, and many special digital-first programs that focused on best practices and innovation. The content covered many of the industry’s most pressing topics, including privacy, machine learning and artificial intelligence, analytics, anti-fraud, policy and government, and risk management and governance.

Android Rootkits: Analysis from Userland and Kernelland

Conference: RSA Conference 2021

Abstract

Post a comment

Related work

New Memory Forensics Techniques to Defeat Device Monitoring Malware

Meticulously Modern Mobile Manipulations

Hiding Process Memory via Anti-Forensic Techniques

Death to the IOC: What's Next in Threat Intelligence

Demigod: The Art of Emulating Kernel Rootkits

A New Trend for the Blue Team - Using a Practical Symbolic Engine to Detect Evasive Forms of Malware/Ransomware