Davi, Lucas ; Dmitrienko, Alexandra ; Egele, Manuel ; Fischer, Thomas ; Holz, Thorsten ; Hund, Ralf ; Nürnberger, Stefan ; Sadeghi, Ahmad-Reza (2012)
MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones.
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 platform, there is no such a solution for smartphones.
In this paper, we present a novel framework, MoCFI (Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by enforcing CFI. We show that CFI on typical smartphone platforms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86, as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application's source code. For our reference implementation we chose Apple's iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our framework is also applicable to other ARM-based devices such as Google's Android. Our performance evaluation demonstrates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2012 |
| Autor(en): | Davi, Lucas ; Dmitrienko, Alexandra ; Egele, Manuel ; Fischer, Thomas ; Holz, Thorsten ; Hund, Ralf ; Nürnberger, Stefan ; Sadeghi, Ahmad-Reza |
| Art des Eintrags: | Bibliographie |
| Titel: | MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones |
| Sprache: | Deutsch |
| Publikationsjahr: | Februar 2012 |
| Buchtitel: | 19th Annual Network & Distributed System Security Symposium (NDSS) |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 platform, there is no such a solution for smartphones. In this paper, we present a novel framework, MoCFI (Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by enforcing CFI. We show that CFI on typical smartphone platforms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86, as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application's source code. For our reference implementation we chose Apple's iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our framework is also applicable to other ARM-based devices such as Google's Android. Our performance evaluation demonstrates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications. |
| Freie Schlagworte: | Security;Secure Things;Secure Architectures |
| ID-Nummer: | TUD-CS-2012-0001 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt |
| Hinterlegungsdatum: | 04 Aug 2016 10:13 |
| Letzte Änderung: | 03 Jun 2018 21:31 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum