TU Darmstadt / ULB / TUbiblio

MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones

Davi, Lucas ; Dmitrienko, Alexandra ; Egele, Manuel ; Fischer, Thomas ; Holz, Thorsten ; Hund, Ralf ; Nürnberger, Stefan ; Sadeghi, Ahmad-Reza (2012)
MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones.
Conference or Workshop Item, Bibliographie

Abstract

Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 platform, there is no such a solution for smartphones.

In this paper, we present a novel framework, MoCFI (Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by enforcing CFI. We show that CFI on typical smartphone platforms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86, as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application's source code. For our reference implementation we chose Apple's iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our framework is also applicable to other ARM-based devices such as Google's Android. Our performance evaluation demonstrates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.

Item Type: Conference or Workshop Item
Erschienen: 2012
Creators: Davi, Lucas ; Dmitrienko, Alexandra ; Egele, Manuel ; Fischer, Thomas ; Holz, Thorsten ; Hund, Ralf ; Nürnberger, Stefan ; Sadeghi, Ahmad-Reza
Type of entry: Bibliographie
Title: MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones
Language: German
Date: February 2012
Book Title: 19th Annual Network & Distributed System Security Symposium (NDSS)
Corresponding Links:
Abstract:

Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 platform, there is no such a solution for smartphones.

In this paper, we present a novel framework, MoCFI (Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by enforcing CFI. We show that CFI on typical smartphone platforms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86, as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application's source code. For our reference implementation we chose Apple's iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our framework is also applicable to other ARM-based devices such as Google's Android. Our performance evaluation demonstrates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.

Uncontrolled Keywords: Security;Secure Things;Secure Architectures
Identification Number: TUD-CS-2012-0001
Divisions: 20 Department of Computer Science
20 Department of Computer Science > System Security Lab
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Date Deposited: 04 Aug 2016 10:13
Last Modified: 03 Jun 2018 21:31
PPN:
Corresponding Links:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details