SSPFA: Effective Stack Smashing Protection for Android OS

SSPFA: Effective Stack Smashing Protection for Android OS

[EN] In this paper, we detail why the stack smashing protector (SSP), one of the most effective techniques to mitigate stack bufferoverflow attacks, fails to protect the Android operating system and thus causes a false sense of security that affects all Androiddevices. We detail weaknesses of existi...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Marco Gisbert, Héctor, Ripoll Ripoll, José Ismael
Format: Artikel
Sprache:eng
Schlagworte:
08.- Fomentar el crecimiento económico sostenido, inclusivo y sostenible, el empleo pleno y productivo, y el trabajo decente para todos
Android
ARQUITECTURA Y TECNOLOGIA DE COMPUTADORES
Buffer overflow
Defenses
Mobile devices
Security
Stack smashing protector
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:[EN] In this paper, we detail why the stack smashing protector (SSP), one of the most effective techniques to mitigate stack bufferoverflow attacks, fails to protect the Android operating system and thus causes a false sense of security that affects all Androiddevices. We detail weaknesses of existing SSP implementations, revealing that current SSP is not secure. We propose SSPFA,the first effective and practical SSP for Android devices. SSPFA provides security against stack buffer overflows withoutchanging the underlying architecture. SSPFA has been implemented and tested on several real devices showing that it is notintrusive, and it is binary-compatible with Android applications. Extensive empirical validation has been carried out over theproposed solution. This work was partially funded by Universitat Politecnica de Valencia (Grant No. 20160251-ASLR-NG). Marco Gisbert, H.; Ripoll Ripoll, JI. (2019). SSPFA: Effective Stack Smashing Protection for Android OS. International Journal of Information Security. 18(4):519-532. https://doi.org/10.1007/s10207-018-00425-8 Buchanan, W.J., Chiale, S., Macfarlane, R.: A methodology for the security evaluation within third-party android marketplaces. Digit. Investig. 23(Supplement C), 88–98 (2017). https://doi.org/10.1016/j.diin.2017.10.002 Tian, D., Jia, X., Chen, J., Hu, C., Xue, J.: A practical online approach to protecting kernel heap buffers in kernel modules. China Commun. 1, 143–152 (2016) One, A.: Smashing the stack for fun and profit. Phrack, 7(49) (1996) Younan, Y., Pozza, D., Piessens, F., Joosen, W.: Extended protection against stack smashing attacks without performance loss. In: In Proceedings of ACSAC (2006) Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow Integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, Series CCS ’05, pp. 340–353. ACM, New York (2005). https://doi.org/10.1145/1102120.1102165 Wartell, R., Mohan, V., Hamlen, K.W., Lin, Z.: Binary stirring: self-randomizing instruction addresses of legacy x86 binary code. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, Series CCS ’12, pp. 157–168. ACM, New York (2012). https://doi.org/10.1145/2382196.2382216 Roglia, G.F., Martignoni, L., Paleari, R., Bruschi, D.: Surgically returning to randomized lib(c). In: Proceedings of the 2009 Annual Computer Security Applications Conference, Series ACSAC ’09, pp. 60–69. IEEE Computer Society, Washington (2009). https://