- -

SSPFA: Effective Stack Smashing Protection for Android OS

RiuNet: Repositorio Institucional de la Universidad Politécnica de Valencia

Compartir/Enviar a

Citas

Estadísticas

  • Estadisticas de Uso

SSPFA: Effective Stack Smashing Protection for Android OS

Mostrar el registro sencillo del ítem

Ficheros en el ítem

Thumbnail
Nombre: Marco;Ripoll - ...
Tamaño: 954.6Kb
Formato: PDF
Descripción: Versión editorial
Abrir
dc.contributor.author Marco Gisbert, Héctor es_ES
dc.contributor.author Ripoll Ripoll, José Ismael es_ES
dc.date.accessioned 2020-09-24T12:28:30Z
dc.date.available 2020-09-24T12:28:30Z
dc.date.issued 2019-08 es_ES
dc.identifier.issn 1615-5262 es_ES
dc.identifier.uri http://hdl.handle.net/10251/150623
dc.description.abstract [EN] In this paper, we detail why the stack smashing protector (SSP), one of the most effective techniques to mitigate stack bufferoverflow attacks, fails to protect the Android operating system and thus causes a false sense of security that affects all Androiddevices. We detail weaknesses of existing SSP implementations, revealing that current SSP is not secure. We propose SSPFA,the first effective and practical SSP for Android devices. SSPFA provides security against stack buffer overflows withoutchanging the underlying architecture. SSPFA has been implemented and tested on several real devices showing that it is notintrusive, and it is binary-compatible with Android applications. Extensive empirical validation has been carried out over theproposed solution. es_ES
dc.description.sponsorship This work was partially funded by Universitat Politecnica de Valencia (Grant No. 20160251-ASLR-NG). es_ES
dc.language Inglés es_ES
dc.publisher Springer-Verlag es_ES
dc.relation.ispartof International Journal of Information Security es_ES
dc.rights Reserva de todos los derechos es_ES
dc.subject Security es_ES
dc.subject Buffer overflow es_ES
dc.subject Stack smashing protector es_ES
dc.subject Mobile devices es_ES
dc.subject Android es_ES
dc.subject Defenses es_ES
dc.subject.classification ARQUITECTURA Y TECNOLOGIA DE COMPUTADORES es_ES
dc.title SSPFA: Effective Stack Smashing Protection for Android OS es_ES
dc.type Artículo es_ES
dc.identifier.doi 10.1007/s10207-018-00425-8 es_ES
dc.relation.projectID info:eu-repo/grantAgreement/UPV//20160251-ASLR-NG/ es_ES
dc.rights.accessRights Abierto es_ES
dc.contributor.affiliation Universitat Politècnica de València. Departamento de Informática de Sistemas y Computadores - Departament d'Informàtica de Sistemes i Computadors es_ES
dc.description.bibliographicCitation Marco Gisbert, H.; Ripoll Ripoll, JI. (2019). SSPFA: Effective Stack Smashing Protection for Android OS. International Journal of Information Security. 18(4):519-532. https://doi.org/10.1007/s10207-018-00425-8 es_ES
dc.description.accrualMethod S es_ES
dc.relation.publisherversion https://doi.org/10.1007/s10207-018-00425-8 es_ES
dc.description.upvformatpinicio 519 es_ES
dc.description.upvformatpfin 532 es_ES
dc.type.version info:eu-repo/semantics/publishedVersion es_ES
dc.description.volume 18 es_ES
dc.description.issue 4 es_ES
dc.relation.pasarela S\376440 es_ES
dc.contributor.funder Universitat Politècnica de València es_ES
dc.description.references Buchanan, W.J., Chiale, S., Macfarlane, R.: A methodology for the security evaluation within third-party android marketplaces. Digit. Investig. 23(Supplement C), 88–98 (2017). https://doi.org/10.1016/j.diin.2017.10.002 es_ES
dc.description.references Tian, D., Jia, X., Chen, J., Hu, C., Xue, J.: A practical online approach to protecting kernel heap buffers in kernel modules. China Commun. 1, 143–152 (2016) es_ES
dc.description.references One, A.: Smashing the stack for fun and profit. Phrack, 7(49) (1996) es_ES
dc.description.references Younan, Y., Pozza, D., Piessens, F., Joosen, W.: Extended protection against stack smashing attacks without performance loss. In: In Proceedings of ACSAC (2006) es_ES
dc.description.references Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow Integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, Series CCS ’05, pp. 340–353. ACM, New York (2005). https://doi.org/10.1145/1102120.1102165 es_ES
dc.description.references Wartell, R., Mohan, V., Hamlen, K.W., Lin, Z.: Binary stirring: self-randomizing instruction addresses of legacy x86 binary code. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, Series CCS ’12, pp. 157–168. ACM, New York (2012). https://doi.org/10.1145/2382196.2382216 es_ES
dc.description.references Roglia, G.F., Martignoni, L., Paleari, R., Bruschi, D.: Surgically returning to randomized lib(c). In: Proceedings of the 2009 Annual Computer Security Applications Conference, Series ACSAC ’09, pp. 60–69. IEEE Computer Society, Washington (2009). https://doi.org/10.1109/ACSAC.2009.16 es_ES
dc.description.references Roemer, R., Buchanan, E., Shacham, H., Savage, S.: Return-oriented programming: systems, languages, and applications. ACM Trans. Inf. Syst. Secur. 15(1), 2:1–2:34 (2012). https://doi.org/10.1145/2133375.2133377 es_ES
dc.description.references Pappas, V., Polychronakis, M., Keromytis, A.: Smashing the gadgets: hindering return-oriented programming using in-place code randomization. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 601–615 (2012) es_ES
dc.description.references S. R. to Thwart Return Oriented Programming in Embedded Systems, Stack Redundancy to Thwart Return Oriented Programming in Embedded Systems, IEEE Embedded Systems Letters, vol. (first on-line), pp. 1–1 (2018) es_ES
dc.description.references Moula, V., Niksefat, S.: ROPK++: an enhanced ROP attack detection framework for Linux operating system. In: International Conference on Cyber Security And Protection Of Digital Services (Cyber Security). IEEE (2017) es_ES
dc.description.references Das, S., Zhang, W., Liu, Y.: A fine-grained control flow integrity approach against runtime memory attacks for embedded systems. IEEE Trans. Very Large Scale Integr. VLSI Syst. 25, 3193–3207 (2016) es_ES
dc.description.references Alam, M., Roy, D.B., Bhattacharya, S., Govindan, V., Chakraborty, R.S., Mukhopadhyay, D.: SmashClean: a hardware level mitigation to stack smashing attacks in OpenRISC. In: ACM/IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE), pp. 1–4. IEEE (2016) es_ES
dc.description.references Kananizadeh, S., Kononenko, K.: Development of dynamic protection against timing channels. Int. J. Inf. Secur. 16, 641–651 (2017) es_ES
dc.description.references Bhatkar, S., DuVarney, D.C., Sekar, R.: Address obfuscation: an efficient approach to combat a board range of memory error exploits. In: Proceedings of the 12th Conference on USENIX Security Symposium—volume 12, Series SSYM’03, p. 8. USENIX Association, Berkeley (2003). http://dl.acm.org/citation.cfm?id=1251353.1251361 . Accessed 18 Jan 2019 es_ES
dc.description.references Snow, K.Z., Monrose, F., Davi, L., Dmitrienko, A., Liebchen, C., Sadeghi, A.-R.: Just-in-time code reuse: on the effectiveness of fine-grained address space layout randomization. In: 2013 IEEE Symposium on Security and Privacy (SP), pp. 574–588. IEEE (2013) es_ES
dc.description.references Kumar, K.S., Kisore, N.R.: Protection against buffer overflow attacks through runtime memory layout randomization. In: International Conference on Information Technology (ICIT). IEEE (2014) es_ES
dc.description.references Oberheide, J.: A look at ASLR in Android ice cream sandwich 4.0 (2012). https://www.duosecurity.com/blog/a-look-at-aslr-in-android-ice-cream-sandwich-4-0 . Accessed 18 Jan 2019 es_ES
dc.description.references Zabrocki, A.P.: Scraps of notes on remote stack overflow exploitation (2010). http://www.phrack.org/issues.html?issue=67&id=13#article . Accessed 18 Jan 2019 es_ES
dc.description.references Saito, T., Watanabe, R., Kondo, S., Sugawara, S., Yokoyama, M.: A survey of prevention/mitigation against memory corruption attacks. In: 19th International Conference on Network-Based Information Systems (NBiS). IEEE (2016) es_ES
dc.description.references Meike, G.B.: Inside the Android OS: Building, Customizing, Managing and Operating Android System Services, illustrated ed., P. Education, Ed. Pearson Education, vol. 1 (2018). https://www.amazon.com/Inside-Android-OS-Customizing-Operating/dp/0134096347?SubscriptionId=0JYN1NVW651KCA56C102&tag=techkie-20&linkCode=xm2&camp=2025&creative=165953&creativeASIN=0134096347 . Accessed 18 Jan 2019 es_ES
dc.description.references Cowan, C., Pu, C., Maier, D., Hintongif, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q.: StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the 7th USENIX Security Symposium, pp. 63–78 (1998) es_ES
dc.description.references ’xorl’: Linux GLibC stack canary values (2010). http://xorl.wordpress.com/2010/10/14/linux-glibc-stack-canary-values/ . Accessed 18 Jan 2019 es_ES
dc.description.references Lee, B., Lu, L., Wang, T., Kim, T., Lee, W.: From zygote to morula: fortifying weakened ASLR on Android. In: Proceedings of the 2014 IEEE Symposium on Security and Privacy, Series SP ’14, pp. 424–439. IEEE Computer Society, Washington (2014). https://doi.org/10.1109/SP.2014.34 es_ES
dc.description.references Miller, D.: Security measures in OpenSSH (2007). http://www.openbsd.org/papers/openssh-measures-asiabsdcon2007-slides.pdf . Accessed 18 Jan 2019 es_ES
dc.description.references Molnar, I.: Exec shield, new Linux security feature (2003). https://lwn.net/Articles/31032/ . Accessed 18 Jan 2019 es_ES
dc.description.references Wagle, P., Cowan, C.: StackGuard: simple stack smash protection for GCC. In: Proceedings of the GCC Developers Summit, pp. 243–256 (2003) es_ES
dc.description.references Etoh, H.: GCC extension for protecting applications from stack-smashing attacks (ProPolice) (2003). http://www.trl.ibm.com/projects/security/ssp/ . Accessed 18 Jan 2019 es_ES
dc.description.references Erb, C., Collins, M., Greathouse, J. L.: Dynamic buffer overflow detection for GPGPUs. In: IEEE/ACM International Symposium on Code Generation and Optimization (CGO), pp. 61–73 IEEE (2017) es_ES
dc.description.references Molnar, I.: Stackprotector updates for v3.14 (2014). https://lwn.net/Articles/584278/ es_ES
dc.description.references Shen, H.: Add a new option “-fstack-protector-strong” (2012). http://gcc.gnu.org/ml/gcc-patches/2012-06/msg00974.html . Accessed 18 Jan 2019 es_ES
dc.description.references Guan, X., Ji, J., Jiang, J., Zhang, S.: Stack overflow protection device, method, and related compiler and computing device, August 22 2013, uS Patent App. 13/772,858. https://www.google.com/patents/US20130219373 . Accessed 18 Jan 2019 es_ES
dc.description.references Backes, M., Bugiel, S., Derr, E.: Reliable third-party library detection in Android and its security applications. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Series. CCS ’16, pp. 356–367. ACM, New York (2016) es_ES
dc.description.references Greenberg, A.: SC magazine: trojanized Android apps steal authentication tokens, put accounts at risk (2014). www.scmagazine.com/trojanized-android-apps-steal-authentication-tokens-put-accounts-at-risk/article/342208/ es_ES
dc.description.references Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: Proceedings of the 20th USENIX Conference on Security, Series SEC’11, pp. 21–21. USENIX Association, Berkeley (2011) http://dl.acm.org/citation.cfm?id=2028067.2028088 . Accessed 18 Jan 2019 es_ES
dc.description.references Poll: How often do you reboot? (2014). http://www.androidcentral.com/poll-how-often-do-you-reboot . Accessed 18 Jan 2019 es_ES
dc.description.references Wang, H., Li, H., Li, L., Guo, Y., Xu, G.: Why are android apps removed from Google play? A large-scale empirical study. In Proceedings of the 15th International Conference on Mining Software Repositories, Series MSR ’18, pp. 231–242. ACM, New York (2018). http://doi.acm.org/10.1145/3196398.3196412 es_ES
dc.description.references Marco-Gisbert, H., Ripoll, I.: Preventing brute force attacks against stack canary protection on networking servers. In: 12th International Symposium on Network Computing and Applications, pp. 243–250 (2013) es_ES
dc.description.references Petsios, T., Kemerlis, V.P., Polychronakis, M., Keromytis, A.D.: DynaGuard: armoring canary-based protections against brute-force attacks. In: Proceedings of the 31st Annual Computer Security Applications Conference, Series ACSAC 2015, pp. 351–360. ACM, New York (2015). http://doi.acm.org/10.1145/2818000.2818031 es_ES
dc.subject.ods 08.- Fomentar el crecimiento económico sostenido, inclusivo y sostenible, el empleo pleno y productivo, y el trabajo decente para todos es_ES


Este ítem aparece en la(s) siguiente(s) colección(ones)

Mostrar el registro sencillo del ítem