ASLR and ROP Attack Mitigations for ARM-Based Android Devices

  • Conference paper

Security in Computing and Communications (SSCC 2017)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 746)

Abstract

ASLR (address space layout randomization) and ROP (return-oriented programming) attacks have been happening for years on the PC platform. Android devices are ripe for these same attacks. Android has made mitigation efforts, mostly in the Zygote (mother of all Java processes), which is presently exposed to a vast number of ASLR-bypassing exploits. We carefully re-analyzed the Zygote process creation model. We include mitigations not only for ASLR but also for ROP attacks. We demonstrate that Android becomes robust against most of the ROP exploits by running such attacks on the device in the presence of our solution. We compare our solution with existing solutions and show that ours is a more effective approach to mitigating ASLR and ROP attacks on ARM-based Android devices. Our changes do not interfere with the normal functioning of the Android device and can be easily incorporated as a secure replacement for the existing Zygote, which is presently exposed to a vast number of ASLR-bypassing vulnerabilities.

Correspondence to Vivek Parikh or Prabhaker Mateti.

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Parikh, V., Mateti, P. (2017). ASLR and ROP Attack Mitigations for ARM-Based Android Devices. In: Thampi, S., Martínez Pérez, G., Westphall, C., Hu, J., Fan, C., Gómez Mármol, F. (eds) Security in Computing and Communications. SSCC 2017. Communications in Computer and Information Science, vol 746. Springer, Singapore. https://doi.org/10.1007/978-981-10-6898-0_29

  • DOI: https://doi.org/10.1007/978-981-10-6898-0_29

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-6897-3

  • Online ISBN: 978-981-10-6898-0

  • eBook Packages: Computer Science (R0)
