1 / 17

PSiOS: Bring Your Own Privacy & Security to iOS Devices

PSiOS: Bring Your Own Privacy & Security to iOS Devices. Ahmad-Reza Sadeghi Werthmann ,Ralf Hund Thorsten Holz Lucas Davi Authors Sravya Avasarala Presenter. Outline. Introduction

eitan
Télécharger la présentation

PSiOS: Bring Your Own Privacy & Security to iOS Devices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PSiOS: Bring Your Own Privacy & Security to iOS Devices Ahmad-Reza Sadeghi Werthmann ,Ralf Hund Thorsten Holz Lucas Davi Authors Sravya Avasarala Presenter

  2. Outline • Introduction • Background and problem description • High level idea • Design of PSiOS • Implementation • Conclusion

  3. Introduction • Smartphone and tablet computers have become ubiquitous • Privacy and security concerns arise • iOS assigns general sandboxing profile contradicts the least privilege principle • Developers must adhere to certain guidelines • Mitigation static analysis tool PSiOSto identify privacy leaks

  4. No solid privacy framework for iOS • Challenges: closed source nature and dynamic nature of Objective –C • Key Idea: detect and prevent privacy leaks by providing specific sandboxing profile to applications • Protection layer between applications and Objective-C runtime environment • Monitors application’s execution • Operates directly on application binary

  5. PSiOS • This framework policy is implemented in a tool- PSiOS • Provides user driven and fine grained sandboxing profile. • User driven  update sandboxing w/o recompiling • Fine grained  user or admin specifies privileges assigned to an application • Prevents attackers from exploiting vulnerabilities.

  6. Background and Problem Description • 4 layers: • Application layer • Cocoa layer • Core Service layer • Core OS layer

  7. iOS background • Generic sandboxingprofile • Objective-C frameworks-public and private Problemdescription • iOS sandboxing is based on kernel module adopted from TurboBSD • Allows access to public frameworks • Several attacks reported • Supports sandboxing at kernel level • Provides coarse-grained sandboxing • Individual sandboxing rules can be bound to mobile apps using entitlement • Drawback of entitlement: requested by the developers and included in digital signature of the application.

  8. High Level Idea • PSiOS: user-defined sandboxing profile for each application • New module between application layer and Cocoa touch layer policy enforcement • This component mediates every access request to Objective –C runtime and frameworks and system calls. • Enforces rules on every request and checks that the policy is not violated and then forwards request to destination • Control flow attacks are handled by enforcing CFI

  9. Design of PSiOS • 3 phases: • Static analysis(offline) • Binary rewriting(load-time) • CFI and policy enforcement(execution time)

  10. Leverage MoCFI to derive CFG • Implement a static objective-c analyzer to identify used classes and methods • When app is launched, perform binary rewriting • Leverage binary rewriting to insert checkpoints into the app that will be reached whenever an app aims at accessing runtime, frameworks and system call wrapper • At execution time, • Objective-C analyzer handles incompleteness of static analysis process • CFI ensures control flow of app through CFG • Policy enforcement validates if requests adhere to given policy rules

  11. Static Analysis: • Implements Objective-C analyzer to identify all classes, methods and inheritance relationships • Binary Rewriting and Runtime Enforcement • Rewriting after app loader has verified application signature • PSiOS rewrites all access requests to the Objective-C runtime to insert checkpoints. • Objective-C analyzer requests runtime information that were not obtained during static analysis) • At execution, PSiOS ensures the request follows CFG and adheres to rules

  12. Policy Enforcement: • Supports 3 policy enforcement types: Log, Exit and Replace • Log: Ensures all policy violations are recorded by the system. • Exit: Restrictive, terminates process immediately on a policy violation • Replace: Allows the application to continue executing, but PSiOS replaces the return values of the Objective-C runtime with shadow data.

  13. Architecture of PSiOS

  14. Architecture of PSiOS • PSiOS: user-defined sandboxing profile for each application • New module between application layer and Cocoa touch layer policy enforcement • This component mediates every access request to Objective –C runtime and frameworks and system calls. • Enforces rules on every request and checks that the policy is not violated and then forwards request to destination • Control flow attacks are handled by enforcing CFI

  15. Implementation and Evaluation • Implementation of PSiOS on a prototype that supports iOS version 4.3.2, 4.3.3, 5.0.1, and 5.1.1. • Evaluation using SpyPhone ( an iOS app specifically meant to steal sensitive information) • Applied PSiOS on various apps like Whatsapp, Facebook, Instagram. • Performance: • Negligible overhead • Slight slowdown of RAM speed

  16. Conclusion • A new policy enforcement framework for iOS • Fine grained control, application-specific and user-defined sandboxing for application without access to source code • Secure

  17. THANKYOU!!!

More Related