CFI Goes Mobile: Control-Flow Integrity for Smartphones

International Workshop on Trustworthy Embedded Devices (TrustED), September 2011

Abstract

Despite extensive research over the last two decades, control-flow (or runtime) attacks on software are still prevalent. Recently, smartphones, of which millions are in use today, have become an attractive target for adversaries. However, existing solutions are either ad-hoc or limited in their effectiveness.

In this paper, we present a general countermeasure against control-flow attacks on smartphone platforms. Our approach makes use of control-flow integrity (CFI) and tackles unique challenges of the ARM architecture and smartphone platforms (e.g., application encryption and signing, closed-source OS). Our framework and implementation are efficient, since they require no access to source code, perform CFI enforcement on-the-fly during runtime, and are compatible with memory randomization (e.g., ASLR) and code signing/encryption. We chose the Apple iPhone for our reference implementation, because it has become an attractive target for control-flow attacks due to its widespread deployment of native code. Our performance evaluation on a real iOS device demonstrates that our implementation does not induce any notable overhead when applied to popular iOS applications.
