On return oriented programming threats in Android runtime

Android has taken a large share of operating systems forsmart devices including smartphones, and has been an attractive target to theattackers. The arms race between attackers and defenders typically occurs ontwo front lines — the latest attacking technology and the latest updates to theoperating sy...

Full description

Saved in:
Bibliographic Details
Main Authors: RAJA, Akshaya Venkateswara, LEE, Jehyun, GAO, Debin
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2017
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/4023
https://ink.library.smu.edu.sg/context/sis_research/article/5025/viewcontent/pst17__1_.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:Android has taken a large share of operating systems forsmart devices including smartphones, and has been an attractive target to theattackers. The arms race between attackers and defenders typically occurs ontwo front lines — the latest attacking technology and the latest updates to theoperating system (including defense mechanisms deployed). In terms of attackingtechnology, Return-Oriented Programming (ROP) is one of the most sophisticatedattack methods on Android devices. In terms of the operating system updates,Android Runtime (ART) was the latest and biggest change to the Android family.In this paper, we investigate the extent to which Android Runtime (ART) makesReturn-Oriented Programming (ROP) attacks easier or more difficulty. Inparticular, we show that by updating system libraries and adoptingAhead-of-Time compiling instead of Justin-Time compiling in the ARTarchitecture, a larger number and more diverse gadgets are disclosed to ROPattackers, which serve as direct ingredients to ROP attacks. We show thatbetween three and six times more gadgets are found on the ART adopted versionsof Android due to the new ART runtime. Moreover, in constrained situationswhere an attacker requires specific instructions and target registers, Androidrunning ART provides up to 30% more conditional coverage than pre-ART Androiddoes. We additionally demonstrate a sample ROP attack on postART Android thatwould not have been possible on pre-ART Android.