On return oriented programming threats in Android runtime

On return oriented programming threats in Android runtime

Android has taken a large share of operating systems forsmart devices including smartphones, and has been an attractive target to theattackers. The arms race between attackers and defenders typically occurs ontwo front lines — the latest attacking technology and the latest updates to theoperating sy...

Full description

Saved in:
Bibliographic Details
Main Authors: RAJA, Akshaya Venkateswara, LEE, Jehyun, GAO, Debin
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2017
Subjects:
Android Runtime
Return-Oriented Programming
Software attacks
Information Security
OS and Networks
Online Access:https://ink.library.smu.edu.sg/sis_research/4023
https://ink.library.smu.edu.sg/context/sis_research/article/5025/viewcontent/pst17__1_.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-5025
record_format dspace
spelling sg-smu-ink.sis_research-50252018-05-28T03:57:26Z On return oriented programming threats in Android runtime RAJA, Akshaya Venkateswara LEE, Jehyun GAO, Debin Android has taken a large share of operating systems forsmart devices including smartphones, and has been an attractive target to theattackers. The arms race between attackers and defenders typically occurs ontwo front lines — the latest attacking technology and the latest updates to theoperating system (including defense mechanisms deployed). In terms of attackingtechnology, Return-Oriented Programming (ROP) is one of the most sophisticatedattack methods on Android devices. In terms of the operating system updates,Android Runtime (ART) was the latest and biggest change to the Android family.In this paper, we investigate the extent to which Android Runtime (ART) makesReturn-Oriented Programming (ROP) attacks easier or more difficulty. Inparticular, we show that by updating system libraries and adoptingAhead-of-Time compiling instead of Justin-Time compiling in the ARTarchitecture, a larger number and more diverse gadgets are disclosed to ROPattackers, which serve as direct ingredients to ROP attacks. We show thatbetween three and six times more gadgets are found on the ART adopted versionsof Android due to the new ART runtime. Moreover, in constrained situationswhere an attacker requires specific instructions and target registers, Androidrunning ART provides up to 30% more conditional coverage than pre-ART Androiddoes. We additionally demonstrate a sample ROP attack on postART Android thatwould not have been possible on pre-ART Android. 2017-08-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4023 info:doi/10.1109/PST.2017.00038 https://ink.library.smu.edu.sg/context/sis_research/article/5025/viewcontent/pst17__1_.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Android Runtime Return-Oriented Programming Software attacks Information Security OS and Networks
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Android Runtime
Return-Oriented Programming
Software attacks
Information Security
OS and Networks
spellingShingle Android Runtime
Return-Oriented Programming
Software attacks
Information Security
OS and Networks
RAJA, Akshaya Venkateswara
LEE, Jehyun
GAO, Debin
On return oriented programming threats in Android runtime
description Android has taken a large share of operating systems forsmart devices including smartphones, and has been an attractive target to theattackers. The arms race between attackers and defenders typically occurs ontwo front lines — the latest attacking technology and the latest updates to theoperating system (including defense mechanisms deployed). In terms of attackingtechnology, Return-Oriented Programming (ROP) is one of the most sophisticatedattack methods on Android devices. In terms of the operating system updates,Android Runtime (ART) was the latest and biggest change to the Android family.In this paper, we investigate the extent to which Android Runtime (ART) makesReturn-Oriented Programming (ROP) attacks easier or more difficulty. Inparticular, we show that by updating system libraries and adoptingAhead-of-Time compiling instead of Justin-Time compiling in the ARTarchitecture, a larger number and more diverse gadgets are disclosed to ROPattackers, which serve as direct ingredients to ROP attacks. We show thatbetween three and six times more gadgets are found on the ART adopted versionsof Android due to the new ART runtime. Moreover, in constrained situationswhere an attacker requires specific instructions and target registers, Androidrunning ART provides up to 30% more conditional coverage than pre-ART Androiddoes. We additionally demonstrate a sample ROP attack on postART Android thatwould not have been possible on pre-ART Android.
format text
author RAJA, Akshaya Venkateswara
LEE, Jehyun
GAO, Debin
author_facet RAJA, Akshaya Venkateswara
LEE, Jehyun
GAO, Debin
author_sort RAJA, Akshaya Venkateswara
title On return oriented programming threats in Android runtime
title_short On return oriented programming threats in Android runtime
title_full On return oriented programming threats in Android runtime
title_fullStr On return oriented programming threats in Android runtime
title_full_unstemmed On return oriented programming threats in Android runtime
title_sort on return oriented programming threats in android runtime
publisher Institutional Knowledge at Singapore Management University
publishDate 2017
url https://ink.library.smu.edu.sg/sis_research/4023
https://ink.library.smu.edu.sg/context/sis_research/article/5025/viewcontent/pst17__1_.pdf
_version_ 1770574133894053888

Similar Items