一种基于CFI保护的Android Native代码保护框架

doi:10.13190/j.jbupt.2018-017

北京邮电大学学报 ›› 2018, Vol. 41 ›› Issue (6): 1-6,13.doi: 10.13190/j.jbupt.2018-017

• 论文 • 下一篇

一种基于CFI保护的Android Native代码保护框架

张文¹, 刘文灵², 李晖², 陈泽², 牛少彰¹

1. 北京邮电大学智能通信软件与多媒体北京市重点实验室, 北京 100876;
2. 北京邮电大学网络空间安全学院, 北京 100876

收稿日期:2018-01-15 出版日期:2018-12-28 发布日期:2018-12-24
作者简介:张文(1981-),男,博士生,E-mail:roy.zhang@bupt.edu.cn;李晖(1970-),女,副教授.
基金资助:
国家自然科学基金项目（61628202）

A Protection Framework for Android Native Code Based on CFI

ZHANG Wen¹, LIU Wen-ling², LI Hui², CHEN Ze², NIU Shao-zhang¹

1. Beijing Key Laboratory of Intelligent Telecommunication Software and Multimedia, Beijing University of Posts and Telecommunications, Beijing 100876, China;
2. School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China

Received:2018-01-15 Online:2018-12-28 Published:2018-12-24

摘要/Abstract

摘要： 针对Android应用的native代码面对的关键代码提取攻击和恶意代码植入攻击问题，提出了一个基于控制流完整性（CFI）保护的代码保护框架DroidCFI.该框架通过对被保护应用进行静态分析，提取其native代码的控制流特征，向开发者提供可视化策略配置视图设定关键函数，并根据策略配置生成对应的加固代码，与被保护应用的其他部分一起形成目标应用；目标应用在运行时，通过对关键函数进行动态CFI检查判定是否遭遇上述攻击，从而达到保护目的.实验结果表明，DroidCFI能够通过极小的性能开销实现对应用软件native代码的安全性保护.

关键词: native代码, 关键代码提取攻击, 恶意代码植入攻击, 控制流完整性保护

Abstract: A native code reinforcement framework based on control-flow integrity (CFI), DroidCFI is proposed, to prevent native code of Android applications from core code extraction and malicious injection. This framework can extract the control-flow features of subroutine invocation process by static analysis, provide developers with a visual policy configuration view to set the reinforced points, generate the reinforcement code based on the CFI policy, and integrate the verification module into the target application. Then a CFI check is enforced during the run-time of the application to defend against the malicious attack. Experiments show that DroidCFI can provide secure protection to native code of applications by minimal performance overhead.

Key words: native code, core code extraction attack, malicious code injection attack, control-flow integrity protect

中图分类号:

TN929.53

张文, 刘文灵, 李晖, 陈泽, 牛少彰. 一种基于CFI保护的Android Native代码保护框架[J]. 北京邮电大学学报, 2018, 41(6): 1-6,13.

ZHANG Wen, LIU Wen-ling, LI Hui, CHEN Ze, NIU Shao-zhang. A Protection Framework for Android Native Code Based on CFI[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2018, 41(6): 1-6,13.

参考文献

[1] Abadi M, Budiu M, Erlingsson U, et al. A theory of secure control flow[C]//International Conference on Formal Engineering Methods and Software Engineering. Berlin:Springer, 2005:111-124.
[2] Abadi M, Budiu M, Erlingsson U, et al. Control-flow integrity[C]//Proceedings of the 12^th ACM Conference on Computer and Communications Security. New York:ACM, 2005:340-353.
[3] Abadi M, Budiu M, Erlingsson U, et al. Control-flow integrity principles, implementations, and applications[J]. ACM Transactions on Information and System Security, 2009, 13(1):4.
[4] Zhang Chao, Wei Tao, Chen Zhaofeng, et al. Practical control flow integrity and randomization for binary executables[C]//IEEE Symposium on Security and Privacy (SP). New York:IEEE Press, 2013:559-573.
[5] Zhang Mingwei, Sekar R. Control flow integrity for COTS binaries[C]//Proceedings of USENIX Conference on Security. Berkeley:USENIX Association, 2013:337-352.
[6] Zhang Mingwei, Sekar R. Control flow and code integrity for COTS binaries:An effective defense against real-world ROP attacks[C]//Proceedings of the 31^st Annual Computer Security Applications Conference. New York:ACM, 2015:91-100.
[7] Göktas E, Athanasopoulos E, Bos H, et al. Out of control:Overcoming control-flow integrity[C]//IEEE Symposium on Security and Privacy (SP). New York:IEEE Press, 2014:575-589.
[8] Mashtizadeh A J, Bittau A, Boneh D, et al. CCFI:cryptographically enforced control flow integrity[C]//22^nd ACM SIGSAC Conference on Computer and Communications Security (CCS). New York:ACM, 2015:941-951.
[9] Niu Ben, Tan Gang. RockJIT:securing just-in-time compilation using modular control-flow integrity[C]//Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM, 2014:1317-1328.
[10] Criswell J, Dautenhahn N, Adve V. KCoFI:complete control-flow integrity for commodity operating system kernels[C]//IEEE Symposium on Security and Privacy (SP). New York:IEEE Press, 2014:292-307.
[11] van der Veen V, Andriesse D, Gökta?, et al. Practical context-sensitive CFI[C]//Proceedings of the 22^nd ACM SIGSAC Conference on Computer and Communications Security. New York:ACM, 2015:927-940.
[12] Mohan V, Larsen P, Brunthaler S, et al. Opaque control-flow integrity[C]//Proc of the 22^nd Network and Distributed System Security Symposium. Washington, DC:Internet Society, 2015.
[13] Wang Minghua, Yin Heng, Bhaskar A V, et al. Binary code continent:finer-grained control flow integrity for stripped binaries[C]//Proceedings of the 31^st Annual Computer Security Applications Conference. New York:ACM, 2015:331-340.
[14] Ge Xinyang, Talele N, Payer M, et al. Fine-grained control-flow integrity for kernel software[C]//IEEE European Symposium on Security and Privacy (EuroS&P). New York:IEEE Press, 2016:179-194.
[15] Davi L, Dmitrienko A, Egele M, et al. MoCFI:a framework to mitigate control-flow attacks on smartphones[C]//Annual Network and Distributed System Security Symposium, San Diego, February 2012.
[16] Pewny J, Holz T. Control-flow restrictor:compiler-based CFI for iOS[C]//Proceedings of the 29^th Annual Computer Security Applications Conference. New York:ACM, 2013:309-318.
[17] Tice C, Roeder T, Collingbourne P, et al. Enforcing forward-edge control-flow integrity in GCC & LLVM[C]//Proceedings of USENIX Conference on Security. Berkeley:USENIX Association, 2014, 26:27-40.
[18] Payer M, Barresi A, Gross T R. Fine-grained control-flow integrity through binary hardening[C]//International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Berlin:Springer, 2015:144-164.

一种基于CFI保护的Android Native代码保护框架

A Protection Framework for Android Native Code Based on CFI

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	章晨宇温向明陈亚文. 蜂窝移动网络低成本高精度授时[J]. 北京邮电大学学报, 2023, 46(1): 103-108.
[2]	郭令奇褚智贤廖建新王敬宇陆璐. 意图驱动的自智网络资源按需服务[J]. 北京邮电大学学报, 2022, 45(6): 85-91.
[3]	初星河, 路兆铭, 王鲁晗, 武穆清, 温向明. 多径信号辅助的网联车辆无线协作定位[J]. 北京邮电大学学报, 2021, 44(2): 116-123.
[4]	张天魁, 王筱斐, 杨立伟, 杨鼎成. 移动网络SFC部署与计算资源分配联合算法[J]. 北京邮电大学学报, 2021, 44(1): 7-13.
[5]	吕廷杰, 宋罗娜, 滕颖蕾, 丰业媛. 面向生态可持续的下一代通信网络架构与评价体系[J]. 北京邮电大学学报, 2020, 43(6): 18-26,35.
[6]	何建华, 赵辉, 徐晓斌, 闫蕾, 王尚广. 基于改进双层LT码的天基物联网数据收集方法[J]. 北京邮电大学学报, 2020, 43(6): 118-125.
[7]	马璐, 刘铭, 李超, 路兆铭, 马欢. 面向6G边缘网络的云边协同计算任务调度算法[J]. 北京邮电大学学报, 2020, 43(6): 66-73.
[8]	管婉青, 张海君, 路兆铭. 基于DRL的6G多租户网络切片智能资源分配算法[J]. 北京邮电大学学报, 2020, 43(6): 132-139.
[9]	罗轶, 王雨婷, 施荣华, 严梦纯, 曾豪. 能量采集衬底式认知协作中继网络安全中断概率分析[J]. 北京邮电大学学报, 2020, 43(3): 105-111,124.
[10]	李君瑶, 常永宇, 曾天一. 大规模3D MIMO中基于信道相关的LOS/NLOS识别算法[J]. 北京邮电大学学报, 2020, 43(1): 1-7.
[11]	蒋芳, 张南飞, 胡艳军, 王翊. 基于BP神经网络的CSI无源目标分类方法[J]. 北京邮电大学学报, 2020, 43(1): 40-45.
[12]	任佳智, 田辉, 聂高峰. 基于本地内容流行度预测的主动缓存策略[J]. 北京邮电大学学报, 2020, 43(1): 80-91.
[13]	徐九韵, 孙忠顺, 张如如. 基于链路预测的手机节能方法[J]. 北京邮电大学学报, 2020, 43(1): 8-13,27.
[14]	李晓辉, 杜洋帆, 石潇竹, 杨胥. 基于信道模糊关联识别的NLOS测距误差补偿算法[J]. 北京邮电大学学报, 2020, 43(1): 21-27.
[15]	李鹏, 王德勇, 师文喜, 姜志国. 大数据环境下基于深度学习的行人再识别[J]. 北京邮电大学学报, 2019, 42(6): 29-34.