Native Code Execution Control for Attack Mitigation
on Android
3rd Annual ACM CCS Workshop on Security and Privacy in Smartphones and
Mobile Devices (SPSM)
Rafael Fedler, Marcel Kulicke, and Julian Schütte, November 8, 2013
Motivation and Teaser
Currently, native code can be downloaded and executed at runtime on
Android devices
Includes (root) exploits
All current root exploits are native code

Allows for adding code after app installation, thus circumventing user
and package manager authority
Should not be possible in our opinion

Any app with Internet access can download and execute root exploits
without any hindrance

Our approach: To control local privilege escalation attacks and
malware building upon them, control native code execution

Native Code Execution Control for Attack Mitigation on Android | Rafael Fedler | November 8, 2013 | 1
© Fraunhofer
Native Code Execution Control for Attack Mitigation
on Android
Background
Malware on Android
Basic observations: Exploits and native code usage
Native code execution on Android
Approach
Binaries
Libraries
Discussion
Shortcomings
Comparison to other approaches
Conclusion

Malware on Android
Classification
Trivial classification:
1. Malware using root exploits
2. Malware not using root exploits
For obvious reasons, 1. much more dangerous:
Droppers or disguised, seemingly legitimate apps can silently install
malicious apps from the net, circumventing the package manager and
permission system
If no NAND write protection: Irremovable installation of malicious apps to
/system partition (usually mounted read-only)
Apps installed on /system get access to potentially hazardous
permissions (protection level signatureOrSystem)
Generally, such malware can do anything and everything; Android’s sandboxing
mechanism no longer applies
Malware on Android
Classification (2) & Further problems
Class 2, on the other hand...
Has to trick the user into manually installing malware
Far more limited control over device
Can be uninstalled by user
Trivial conclusion: Root exploits problematic – Cpt. Obvious
Additional problems:
Device vendors’ patch policy
Patches take many months, if supplied at all
End of life for products often < 1.5 years
Consequence: Many devices vulnerable to exploits for very long time

Antivirus software extremely easy to fool
Root exploits downloaded at runtime completely invisible to AV
Exploits and native code usage
Basic observations
1. All current root exploits exclusively implemented as native code
Reasons:
C header files → ease of development
System call interfaces for privilege escalation
Some creative tricks, e.g., excessive spawning of processes to hit
RLIMIT_NPROC (RageAgainstTheCage)
Flexibility for memory manipulation and system interaction

Currently only as standalone binaries, no libraries

2. Less than 5% of all apps in Google Play Store use native code at all
Mostly libraries, almost no binaries

Our conclusion: Control native code to control exploits, without
affecting most apps at all

Background
Native code execution on Android

Two (official) ways:
1. Binaries
Process, ProcessBuilder, Runtime API classes from within apps
Need to be marked executable beforehand (!)

2. Libraries
System API class: load() and loadLibrary() from within apps
No need to mark executable before executing

3. Unofficial: Load/map machine code into memory space, make instruction
pointer point to beginning of code
Only works from within native code, not from within apps in Dalvik

Background
Advanced malware: Typical chain of actions until infection

1. Initial propagation
Disguised as a legitimate app
Repackaged
Update of legitimate app after hijacking of developer’s account and
signing key
etc.

2. Download of root exploit at runtime, in case it is not shipped with app
package file
3. Mark exploit executable with chmod
4. Execute root exploit and carry out payload

Approach
Basic idea

Do not break native code execution, but control what can be executed by
whom
Mandatory or Discretionary (Android permission based) Access Control
solutions possible
Different approaches in the following

Approach
Binaries
Control ability to set the executable bit
No scenario where an app should mark anything executable at runtime
Undermines the system’s & user’s authority over runnable software on
device
Apps should ship all software at install time and not be able to download
& execute code from the net at runtime

→ Default case: disallow setting the executable bit for files
Exception: directories (different semantics of executable bit)
Checks to be integrated into the (f)chmod system call interface in the kernel
A check in the chmod utility or the libc stub could be circumvented by
invoking the syscall directly

No problem for preshipped binaries: file system image manipulation

Approach
Binaries: Potential exceptions
Problem with last slide’s MAC approach: Device owners want to root, too
Potential MAC or DAC remedies:
1. UID or GID based exceptions
Introduce option into AndroidManifest.xml and let package manager mark
specified binaries executable + corresponding permission
(would still prevent download & execution at runtime)
Whitelist root (UID 0) and shell (UID 2000) users so that they can still mark
binaries as executable → device owners can run root exploits via USB access
Introduce permission for apps to set executable bit & introduce
corresponding GID

2. Permission-based exceptions
Introduce permissions into Process, ProcessBuilder and Runtime
classes’ methods for executing binaries
If dangerous protection level: DAC
If signature or signatureOrSystem protection level: MAC

Approach
Libraries
Controlling binaries alone would trigger a shift to native libraries
Three approaches:
1. Loader- and filesystem-based
Require executable bit also for libraries & make System.load() and
System.loadLibrary() check for it
Thus, the aforementioned measures for binaries would apply to libraries too

2. Permission-based
Secure the System class with a permission
To be granted by users at installation time
Retains possibility to still play games

3. Path-based
Restrict System.load() and System.loadLibrary() to default
path for preinstalled libraries
Allows developers to still use preshipped libraries, but not their own native code

Discussion
Shortcomings

mmap() some code + just jump into it
mmap() can only be called from within native code → initial protection
still provided
Tampering with mmap() at kernel level can break library loading
mechanisms and much more

Return-oriented programming inside preshipped libraries/binaries
Exploits targeting Dalvik not covered

Discussion
Comparison to other approaches

SEAndroid: achieves the same (and even more)
Requires extensive policies, not very lightweight, needs configuration

Removing executability of any native code added after device
manufacturing altogether
Our approach obviously more flexible

Discussion
Conclusion

Different levels of strictness and protection possible (MAC or DAC)
Not perfect, but...
lightweight compared to MAC approaches such as SEAndroid
no policies required
flexible
Users may (DAC: permission-based) or may not (MAC) grant apps permission
to still run native code
Openness to modification retained

All current root exploits would fail
Hurdles of exploitation strongly increased
95% of apps not affected at all as they do not run native code

Contact Information
Rafael Fedler, Marcel Kulicke, and Julian Schütte
Group Mobile Security
Department Service & Application Security
Fraunhofer Research Institution for
Applied and Integrated Security (AISEC)
Address: Parkring 4
85748 Garching (near Munich)
Germany
Internet: http://www.aisec.fraunhofer.de
Phone: +49 89 3229986-173
Fax: +49 89 3229986-299
E-Mail: rafael.fedler@aisec.fraunhofer.de

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Zilliz
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 

Recently uploaded (20)

How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 

Native Code Execution Control for Attack Mitigation on Android

  • 1. Native Code Execution Control for Attack Mitigation on Android
      3rd Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM)
      Rafael Fedler, Marcel Kulicke, and Julian Schütte, November 8, 2013
  • 2. Motivation and Teaser
      Currently, native code can be downloaded and executed at runtime on Android devices
        Includes (root) exploits
        All current root exploits are native code
      Allows for adding code after app installation, thus circumventing user and package manager authority
        Should not be possible in our opinion
      Any app with Internet access can download and execute root exploits w/o any hindrance
      Our approach: To control local privilege escalation attacks and malware building upon them, control native code execution
  • 3. Native Code Execution Control for Attack Mitigation on Android
      Background
        Malware on Android
        Basic observations: Exploits and native code usage
        Native code execution on Android
      Approach
        Binaries
        Libraries
      Discussion
        Shortcomings
        Comparison to other approaches
        Conclusion
  • 4. Malware on Android: Classification
      Trivial classification:
        1. Malware using root exploits
        2. Malware not using root exploits
      For obvious reasons, 1. much more dangerous:
        Droppers or disguised, seemingly legitimate apps can silently install malicious apps from the net, circumventing the package manager and permission system
        If no NAND write protection: Irremovable installation of malicious apps to /system partition (usually mounted read-only)
        Apps installed on /system get access to potentially hazardous permissions (protection level signatureOrSystem)
        Generally, it can do anything and everything; Android’s sandboxing mechanism no longer applies
  • 5. Malware on Android: Classification (2) & Further problems
      Class 2, on the other hand...
        Has to trick the user into manually installing malware
        Far more limited control over device
        Can be uninstalled by user
      Trivial conclusion: Root exploits problematic – Cpt. Obvious
      Additional problems:
        Device vendors’ patch policy
          Patches take many months, if supplied at all
          End of life for products often < 1.5 years
          Consequence: Many devices vulnerable to exploits for very long time
        Antivirus software extremely easy to fool
          Root exploits downloaded at runtime completely invisible to AV
  • 6. Exploits and native code usage: Basic observations
      1. All current root exploits exclusively implemented as native code
        Reasons:
          C header files → ease of development
          System call interfaces for privilege escalation
          Some creative tricks, e.g., excessive spawning of processes to hit RLIMIT_NPROC (RageAgainstTheCage)
          Flexibility for memory manipulation and system interaction
        Currently only as standalone binaries, no libraries
      2. Less than 5% of all apps in Google Play Store use native code at all
        Mostly libraries, almost no binaries
      Our conclusion: Control native code to control exploits, without affecting most apps at all
  • 7. Background: Native code execution on Android
      Two (official) ways:
      1. Binaries
        Process, ProcessBuilder, Runtime API classes from within apps
        Need to be marked executable beforehand (!)
      2. Libraries
        System API class: load() and loadLibrary() from within apps
        No need to mark executable before executing
      3. Unofficial: Load/map machine code into memory space, make instruction pointer point to beginning of code
        Only works from within native code, not from within apps in Dalvik
  • 8. Background: Native code execution on Android
  • 9. Background: Advanced malware: Typical chain of actions until infection
      1. Initial propagation
        Disguised as a legitimate app
        Repackaged
        Update of legitimate app after hijacking of developer’s account and signing key
        etc.
      2. Download of root exploit at runtime, in case it is not shipped with app package file
      3. Mark exploit executable with chmod
      4. Execute root exploit and carry out payload
  • 10. Native Code Execution Control for Attack Mitigation on Android
      Background
        Malware on Android
        Basic observations: Exploits and native code usage
        Native code execution on Android
      Approach
        Binaries
        Libraries
      Discussion
        Shortcomings
        Comparison to other approaches
        Conclusion
  • 11. Approach: Basic idea
      Do not break native code execution, but control what can be executed by whom
      Mandatory or Discretionary (Android permission based) Access Control solutions possible
      Different approaches in the following
  • 12. Approach: Binaries
      Control ability to set the executable bit
        No scenario where an app should mark anything executable at runtime
        Undermines the system’s & user’s authority over runnable software on device
        Apps should ship all software at install time and not be able to download & execute code from the net at runtime
        → default case: disallow setting the executable bit for files
        Exception: directories (different semantics of executable bit)
      Checks to be integrated into (f)chmod system call interface in kernel
        If integrated into the chmod utility or libc stub instead, the check could be circumvented by invoking the syscall directly
      No problem for preshipped binaries: file system image manipulation
  • 13. Approach: Binaries: Potential exceptions
      Problem with last slide’s MAC approach: Device owners want to root, too
      Potential MAC or DAC remedies:
      1. UID or GID based exceptions
        Introduce option into AndroidManifest.xml and let package manager mark specified binaries executable + according permission (would still prevent download & execution at runtime)
        Whitelist root (UID 0) and shell (UID 2000) user so that they can still mark binaries as executable → device owners can run root exploits via USB access
        Introduce permission for apps to set executable bit & introduce corresponding GID
      2. Permission-based exceptions
        Introduce permissions into Process, ProcessBuilder and Runtime classes’ methods for executing binaries
        If dangerous protection level: DAC
        If signature or signatureOrSystem protection level: MAC
  • 14. Approach: Libraries
      Controlling binaries alone would trigger a shift to native libraries
      Three approaches:
      1. Loader- and filesystem-based
        Require executable bit also for libraries & make System.load() and System.loadLibrary() check for it
        Thus, the aforementioned measures for binaries would apply to libraries too
      2. Permission-based
        Secure the System class with a permission
        To be granted by users at installation time
        Retains possibility to still play games
      3. Path-based
        Restrict System.load() and System.loadLibrary() to default path for preinstalled libraries
        Allows developers to still use preshipped libraries, but no own native code
  • 15. Native Code Execution Control for Attack Mitigation on Android
      Background
        Malware on Android
        Basic observations: Exploits and native code usage
        Native code execution on Android
      Approach
        Binaries
        Libraries
      Discussion
        Shortcomings
        Comparison to other approaches
        Conclusion
  • 16. Discussion: Shortcomings
      mmap() some code + just jump into it
        mmap() can only be called from within native code → initial protection still provided
        Tampering with mmap() at kernel level can break library loading mechanisms and much more
      Return-oriented programming inside preshipped libraries/binaries
      Exploits targeting Dalvik not covered
  • 17. Discussion: Comparison to other approaches
      SEAndroid: achieves the same (and even more)
        Requires extensive policies, not very lightweight, needs configuration
      Removing executability of any native code added after device manufacturing altogether
        Our approach obviously more flexible
  • 18. Discussion: Conclusion
      Different levels of strictness and protection possible (MAC or DAC)
      Not perfect, but...
        lightweight compared to MAC approaches such as SEAndroid
        no policies required
        flexible
          Users may (DAC: permission-based) or may not (MAC) grant apps permission to still run native code
          Openness to modification retained
      All current root exploits would fail
      Hurdles of exploitation strongly increased
      95% of apps not affected at all as they do not run native code
  • 19. Contact Information
      Rafael Fedler, Marcel Kulicke, and Julian Schütte
      Group Mobile Security
      Department Service & Application Security
      Fraunhofer Research Institution for Applied and Integrated Security (AISEC)
      Address: Parkring 4, 85748 Garching (near Munich), Germany
      Internet: http://www.aisec.fraunhofer.de
      Phone: +49 89 3229986-173
      Fax: +49 89 3229986-299
      E-Mail: rafael.fedler@aisec.fraunhofer.de
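
The chmod gate from slides 12 and 13 and the loader check from slide 14 (approach 1), modeled in user-space C to show how the two compose. This is an added example, not the authors' kernel patch. The function names, the `is_dir` flag, the sample app UID 10057 and the choice to block only newly added execute bits are assumptions.

```c
#include <stdbool.h>
#include <stdio.h>

#define UID_ROOT   0u      /* whitelisted on slide 13 */
#define UID_SHELL  2000u   /* whitelisted on slide 13 (USB/adb shell) */
#define EXEC_BITS  0111u   /* user, group and other execute bits */

/* Model of the check placed in the (f)chmod syscall path.
 * is_dir:   target is a directory
 * old_perm: current permission bits, new_perm: requested permission bits
 * Returns true if the mode change may proceed. */
bool chmod_allowed(unsigned uid, bool is_dir, unsigned old_perm, unsigned new_perm)
{
    /* On directories the x bit means "search", so it stays unrestricted. */
    if (is_dir)
        return true;
    /* Assumption: only execute bits that are newly added are blocked, so an
     * app can still tighten the mode of a binary that was shipped executable. */
    unsigned added = (new_perm & EXEC_BITS) & ~(old_perm & EXEC_BITS);
    if (added == 0)
        return true;
    /* UID-based exception: root and shell may still mark files executable. */
    return uid == UID_ROOT || uid == UID_SHELL;
}

/* Permission bits after a chmod request; unchanged if the gate denies it. */
unsigned apply_chmod(unsigned uid, bool is_dir, unsigned old_perm, unsigned new_perm)
{
    return chmod_allowed(uid, is_dir, old_perm, new_perm) ? (new_perm & 07777u) : old_perm;
}

/* Loader-side check (library approach 1): a library without any execute
 * bit is refused, so the chmod gate covers System.load() as well. */
bool library_load_allowed(unsigned lib_perm)
{
    return (lib_perm & EXEC_BITS) != 0;
}

int main(void)
{
    unsigned app_uid = 10057;   /* constructed app UID */
    unsigned dropped = 0600;    /* file written at runtime, not executable */

    unsigned after_app   = apply_chmod(app_uid, false, dropped, 0700);
    unsigned after_shell = apply_chmod(UID_SHELL, false, dropped, 0700);

    printf("app:   mode %04o, loadable=%d\n", after_app, library_load_allowed(after_app));
    printf("shell: mode %04o, loadable=%d\n", after_shell, library_load_allowed(after_shell));
    printf("app chmod on a directory allowed=%d\n",
           chmod_allowed(app_uid, true, 0700, 0711));
    return 0;
}
```

With the gate in place, step 3 of the infection chain on slide 9 fails for an ordinary app UID, and the same file is also rejected by the loader check because it never gains an execute bit.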