Stack Layout Randomization with Minimal Rewriting of Android Binaries

  • Yu Liang
  • Xinjie Ma
  • Daoyuan Wu
  • Xiaoxiao Tang
  • Debin Gao
  • Guojun Peng
  • Chunfu Jia
  • Huanguo Zhang
Conference paper

DOI: 10.1007/978-3-319-30840-1_15

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9558)
Cite this paper as:
Liang Y. et al. (2016) Stack Layout Randomization with Minimal Rewriting of Android Binaries. In: Kwon S., Yun A. (eds) Information Security and Cryptology - ICISC 2015. ICISC 2015. Lecture Notes in Computer Science, vol 9558. Springer, Cham

Abstract

Stack-based attacks typically require that attackers have a good understanding of the stack layout of the victim program. In this paper, we leverage specific features on ARM architecture and propose a practical technique that introduces randomness to the stack layout when an Android application executes. We employ minimal binary rewriting on the Android app that produces randomized executable of the same size which can be executed on an unmodified Android operating system. Our experiments on applying this randomization on the most popular 20 free Android apps on Google Play show that the randomization coverage of functions increases from 65 % (by a state-of-the-art randomization approach) to 97.6 % with, on average, 4 and 7 bits of randomness applied to each 16-bit and 32-bit function, respectively. We also show that it is effective in defending against stack-based memory vulnerabilities and real-world ROP attacks.

Keywords

Memory layout randomization Android security 

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Yu Liang
    • 1
  • Xinjie Ma
    • 2
  • Daoyuan Wu
    • 3
  • Xiaoxiao Tang
    • 3
  • Debin Gao
    • 3
  • Guojun Peng
    • 1
  • Chunfu Jia
    • 2
  • Huanguo Zhang
    • 1
  1. 1.Wuhan UniversityWuhanChina
  2. 2.Nankai UniversityTianjinChina
  3. 3.Singapore Management UniversitySingaporeSingapore

Personalised recommendations