Psios bring your own privacy security to ios devices
Download
1 / 17

PSiOS: Bring Your Own Privacy & Security to iOS Devices - PowerPoint PPT Presentation


  • 116 Views
  • Uploaded on

PSiOS: Bring Your Own Privacy & Security to iOS Devices. Ahmad-Reza Sadeghi Werthmann ,Ralf Hund Thorsten Holz Lucas Davi Authors Sravya Avasarala Presenter. Outline. Introduction

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' PSiOS: Bring Your Own Privacy & Security to iOS Devices' - eitan


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Psios bring your own privacy security to ios devices

PSiOS: Bring Your Own Privacy & Security to iOS Devices

Ahmad-Reza Sadeghi Werthmann ,Ralf Hund

Thorsten Holz

Lucas Davi

Authors

Sravya Avasarala

Presenter


Outline
Outline Devices

  • Introduction

  • Background and problem description

  • High level idea

  • Design of PSiOS

  • Implementation

  • Conclusion


Introduction
Introduction Devices

  • Smartphone and tablet computers have become ubiquitous

  • Privacy and security concerns arise

  • iOS assigns general sandboxing profile contradicts the least privilege principle

  • Developers must adhere to certain guidelines

  • Mitigation static analysis tool PSiOSto identify privacy leaks


  • No solid privacy framework for iOS Devices

  • Challenges: closed source nature and dynamic nature of Objective –C

  • Key Idea: detect and prevent privacy leaks by providing specific sandboxing profile to applications

  • Protection layer between applications and Objective-C runtime environment

  • Monitors application’s execution

  • Operates directly on application binary


Psios
PSiOS Devices

  • This framework policy is implemented in a tool- PSiOS

  • Provides user driven and fine grained sandboxing profile.

  • User driven  update sandboxing w/o recompiling

  • Fine grained  user or admin specifies privileges assigned to an application

  • Prevents attackers from exploiting vulnerabilities.


Background and problem description
Background and Problem Description Devices

  • 4 layers:

    • Application layer

    • Cocoa layer

    • Core Service layer

    • Core OS layer


Ios background
iOS background Devices

  • Generic sandboxingprofile

  • Objective-C frameworks-public and private

Problemdescription

  • iOS sandboxing is based on kernel module adopted from TurboBSD

  • Allows access to public frameworks

  • Several attacks reported

  • Supports sandboxing at kernel level

  • Provides coarse-grained sandboxing

  • Individual sandboxing rules can be bound to mobile apps using entitlement

  • Drawback of entitlement: requested by the developers and included in digital signature of the application.


High level idea
High Level Idea Devices

  • PSiOS: user-defined sandboxing profile for each application

  • New module between application layer and Cocoa touch layer policy enforcement

  • This component mediates every access request to Objective –C runtime and frameworks and system calls.

  • Enforces rules on every request and checks that the policy is not violated and then forwards request to destination

  • Control flow attacks are handled by enforcing CFI


Design of psios
Design of PSiOS Devices

  • 3 phases:

    • Static analysis(offline)

    • Binary rewriting(load-time)

    • CFI and policy enforcement(execution time)


  • Leverage DevicesMoCFI to derive CFG

  • Implement a static objective-c analyzer to identify used classes and methods

  • When app is launched, perform binary rewriting

  • Leverage binary rewriting to insert checkpoints into the app that will be reached whenever an app aims at accessing runtime, frameworks and system call wrapper

  • At execution time,

    • Objective-C analyzer handles incompleteness of static analysis process

    • CFI ensures control flow of app through CFG

    • Policy enforcement validates if requests adhere to given policy rules


  • Static Analysis: Devices

    • Implements Objective-C analyzer to identify all classes, methods and inheritance relationships

  • Binary Rewriting and Runtime Enforcement

    • Rewriting after app loader has verified application signature

    • PSiOS rewrites all access requests to the Objective-C runtime to insert checkpoints.

    • Objective-C analyzer requests runtime information that were not obtained during static analysis)

    • At execution, PSiOS ensures the request follows CFG and adheres to rules


  • Policy Enforcement: Devices

    • Supports 3 policy enforcement types: Log, Exit and Replace

    • Log: Ensures all policy violations are recorded by the system.

    • Exit: Restrictive, terminates process immediately on a policy violation

    • Replace: Allows the application to continue executing, but PSiOS replaces the return values of the Objective-C runtime with shadow data.



Architecture of psios1
Architecture of PSiOS Devices

  • PSiOS: user-defined sandboxing profile for each application

  • New module between application layer and Cocoa touch layer policy enforcement

  • This component mediates every access request to Objective –C runtime and frameworks and system calls.

  • Enforces rules on every request and checks that the policy is not violated and then forwards request to destination

  • Control flow attacks are handled by enforcing CFI


Implementation and evaluation
Implementation and Evaluation Devices

  • Implementation of PSiOS on a prototype that supports iOS version 4.3.2, 4.3.3, 5.0.1, and 5.1.1.

  • Evaluation using SpyPhone ( an iOS app specifically meant to steal sensitive information)

  • Applied PSiOS on various apps like Whatsapp, Facebook, Instagram.

  • Performance:

    • Negligible overhead

    • Slight slowdown of RAM speed


Conclusion
Conclusion Devices

  • A new policy enforcement framework for iOS

  • Fine grained control, application-specific and user-defined sandboxing for application without access to source code

  • Secure


Thank you
THANK DevicesYOU!!!


ad