Davi, Lucas ; Dmitrienko, Alexandra ; Egele, Manuel ; Fischer, Thomas ; Holz, Thorsten ; Hund, Ralf ; Nürnberger, Stefan ; Sadeghi, Ahmad-Reza (2012)
MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones.
Conference or Workshop Item
Abstract
Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 platform, there is no such a solution for smartphones.
In this paper, we present a novel framework, MoCFI (Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by enforcing CFI. We show that CFI on typical smartphone platforms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86, as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application's source code. For our reference implementation we chose Apple's iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our framework is also applicable to other ARM-based devices such as Google's Android. Our performance evaluation demonstrates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.
| Item Type: | Conference or Workshop Item |
|---|---|
| Erschienen: | 2012 |
| Creators: | Davi, Lucas ; Dmitrienko, Alexandra ; Egele, Manuel ; Fischer, Thomas ; Holz, Thorsten ; Hund, Ralf ; Nürnberger, Stefan ; Sadeghi, Ahmad-Reza |
| Type of entry: | Bibliographie |
| Title: | MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones |
| Language: | German |
| Date: | February 2012 |
| Book Title: | 19th Annual Network & Distributed System Security Symposium (NDSS) |
| Corresponding Links: | |
| Abstract: | Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 platform, there is no such a solution for smartphones. In this paper, we present a novel framework, MoCFI (Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by enforcing CFI. We show that CFI on typical smartphone platforms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86, as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application's source code. For our reference implementation we chose Apple's iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our framework is also applicable to other ARM-based devices such as Google's Android. Our performance evaluation demonstrates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications. |
| Uncontrolled Keywords: | Security;Secure Things;Secure Architectures |
| Identification Number: | TUD-CS-2012-0001 |
| Divisions: | 20 Department of Computer Science 20 Department of Computer Science > System Security Lab Profile Areas Profile Areas > Cybersecurity (CYSEC) LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt |
| Date Deposited: | 04 Aug 2016 10:13 |
| Last Modified: | 03 Jun 2018 21:31 |
| PPN: | |
| Corresponding Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Send an inquiry |
Options (only for editors)
 |
Show editorial Details |
Drucken
Impressum