Protecting Mobile Devices from Physical Memory Attacks with - - PowerPoint PPT Presentation

protecting mobile devices from physical memory attacks
SMART_READER_LITE
LIVE PREVIEW

Protecting Mobile Devices from Physical Memory Attacks with - - PowerPoint PPT Presentation

Dec 26, 2022 8 likes •318 views

Protecting Mobile Devices from Physical Memory Attacks with Targeted Encryption Le Guan , Chen Cao, Sencun Zhu, Jingqiang Lin, Peng Liu, Yubin Xia, and Bo Luo Why do Physical-space Threats Concern for SmartPhones? Why do Physical-space Threats

slide-1
SLIDE 1

Protecting Mobile Devices from Physical Memory Attacks with Targeted Encryption

Le Guan, Chen Cao, Sencun Zhu, Jingqiang Lin, Peng Liu, Yubin Xia, and Bo Luo

slide-2
SLIDE 2

Why do Physical-space Threats Concern for SmartPhones?

slide-3
SLIDE 3

Why do Physical-space Threats Concern for SmartPhones?

  • Smartphones are easy to be lost
  • r stolen
  • Powered-on smartphones run

hundreds of background apps

  • Once stolen/lost, attackers

physically possess the smartphones and sensitive data retain on the phone

  • Password, bank account, health

data, etc.

https://patriotpower.ogsd.net/2650/news/the-lost-phone-retriever/

slide-4
SLIDE 4

Why do Physical-space Threats Concern for SmartPhones?

  • Smartphones are easy to be lost
  • r stolen
  • Powered-on smartphones run

hundreds of background apps

  • Once stolen/lost, attackers

physically possess the smartphones and sensitive data retain on the phone

  • Password, bank account, health

data, etc.

https://www.theexplode.com/stolen-phone-by-imei-number/

slide-5
SLIDE 5

Why do Physical-space Threats Concern for SmartPhones?

  • Smartphones are easy to be lost
  • r stolen
  • Powered-on smartphones run

hundreds of background apps

  • Once stolen/lost, attackers

physically possess the smartphones and sensitive data retain on the phone

  • Password, bank account, health

data, etc.

slide-6
SLIDE 6

Why do Physical-space Threats Concern for SmartPhones?

  • Smartphones are easy to be lost
  • r stolen
  • Powered-on smartphones run

hundreds of background apps

  • Once stolen/lost, attackers

physically possess the smartphones and sensitive data retain on the phone

  • Password, bank account, health

data, etc.

slide-7
SLIDE 7

Why do Physical-space Threats Concern for SmartPhones?

  • Smartphones are easy to be lost
  • r stolen
  • Powered-on smartphones run

hundreds of background apps

  • Once stolen/lost, attackers

physically possess the smartphones and sensitive data retain on the phone

  • Password, bank account, health

data, etc.

slide-8
SLIDE 8

DRAM is a Low-hanging Fruit for Attackers

Processor Core Logic Instruction Cache Data Cache On-Chip RAM/iRAM

External RAM Controller Off-Chip DRAM Off-Chip ROM

Bus

slide-9
SLIDE 9

DRAM is a Low-hanging Fruit for Attackers

Processor Core Logic Instruction Cache Data Cache On-Chip RAM/iRAM

External RAM Controller Off-Chip DRAM Off-Chip ROM

Bus

slide-10
SLIDE 10

DRAM is a Low-hanging Fruit for Attackers

Processor Core Logic Instruction Cache Data Cache On-Chip RAM/iRAM

External RAM Controller Off-Chip DRAM Off-Chip ROM

Bus

slide-11
SLIDE 11

DRAM is a Low-hanging Fruit for Attackers

Processor Core Logic Instruction Cache Data Cache On-Chip RAM/iRAM

External RAM Controller Off-Chip DRAM Off-Chip ROM

Bus

slide-12
SLIDE 12

DRAM is a Low-hanging Fruit for Attackers

  • When the smartphone is locked,

how can an attacker extract sensitive data?

  • Modern smartphones enforce

full disk encryption

  • Off-chip DRAM is problematic!

Processor Core Logic Instruction Cache Data Cache On-Chip RAM/iRAM

External RAM Controller Off-Chip DRAM Off-Chip ROM

Bus

slide-13
SLIDE 13

DRAM is a Low-hanging Fruit for Attackers

  • When the smartphone is locked,

how can an attacker extract sensitive data?

  • Modern smartphones enforce

full disk encryption

  • Off-chip DRAM is problematic!

Processor Core Logic Instruction Cache Data Cache On-Chip RAM/iRAM

External RAM Controller Off-Chip DRAM Off-Chip ROM

Bus

slide-14
SLIDE 14

Attacks to DRAM

slide-15
SLIDE 15

Attacks to DRAM

slide-16
SLIDE 16

Attacks to DRAM

  • DDR bus monitoring
  • Cold boot attack
slide-17
SLIDE 17

Attacks to DRAM

  • DDR bus monitoring
  • Cold boot attack

https://www.futureplus.com

slide-18
SLIDE 18

Attacks to DRAM

  • DDR bus monitoring
  • Cold boot attack

https://www1.informatik.uni-erlangen.de/frost

slide-19
SLIDE 19

MemVault – Memory Vault

  • Avoid using DRAM to store cleartext

sensitive data

Processor Core Logic Instruction Cache Data Cache On-Chip RAM/iRAM

External RAM Controller Off-Chip DRAM Off-Chip ROM

Immunity to Physical Attacks Capacity Controllability Intrusiveness OCRAM /iRAM ✓ ~ 128 - 256 KB Memory Mapped Not in used after booting Cache ✓ ~ 1 MB Transparent Always in used

slide-20
SLIDE 20

Why OCRAM/iRAM is immune to Physical Attacks?

  • DDR bus monitoring
  • No external pins
  • Cold boot attack
  • Attacker cannot remove OCRAM/iRAM and install it to another machine
  • SoC bootup code is mandatory for SoC to reboot
  • The code clears OCRAM/iRAM automatically
slide-21
SLIDE 21

Questions to Answer

  • iRAM has limited size
  • Encrypt data on DRAM
  • Leave “hot” data in cleartext in iRAM
  • Performance overhead
  • Only encrypt sensitive data
  • How to determine sensitive data?
  • Let developers tell us
  • Developers cannot tell if intermediate results are sensitive
  • Taint analysis based on TaintDroid
  • Developers only determine the taint source
slide-22
SLIDE 22

MemVault – Overview

DRAM Tainted Object Taint Source Stack Frames Dummy Stack Frame Encrypted Object DRAM iRAM Vault T2 S T1 T1 S T2 S T2 Untainted Object

slide-23
SLIDE 23

MemVault – Stack Protection

Stack Frame 0 Stack Frame 1 Stack Frame 1 Current Frame Pointer (FP) Grow Downwards 0x00000000 0xFFFFFFFF

  • Local variables on the

interpreter stack

  • If a variable is tainted, the stack

frame is moved to iRAM

  • No tainted value is ever written

to the original stack frame

  • New stack frame in iRAM has a

pointer to track the origin stack frame for stack maintenance

slide-24
SLIDE 24

MemVault – Object Protection

Object in the DRAM Trampoline Object in the iRAM

  • A trampoline for each object
  • If pointer to trampoline is NULL,

the object is never tainted

  • If the trampoline pointer is non-

NULL, the object might be tainted and the object is encrypted

  • If iramObj is null, the encrypted
  • bject is decrypted to iRAM
  • If iramObj is non-null, the cleartext
  • bject is directly addressable
  • Next and previous for LRU
  • iRAM has limited space
  • Cleartext references for GC
slide-25
SLIDE 25

Key Management

  • Key is randomly generated per app
  • AES in CTR mode
  • Virtual address of the object is used as IV
  • Key and key schedules are also kept in iRAM
  • Key is discarded when the app terminates
slide-26
SLIDE 26

Implementation

  • On top of TaintDroid (port to Android 4.4.3)
  • Encryption/decryption is implemented as a redirection layer of the

interpreter

Instruction Format Instruction Semantics Instrumentation move-op-R vA vA ← R S_DS & S_IS iget-op vA vB fC vA ← vB(fC) R & S_DS & S_IS … … … S_IS: Switch to iRAM stack, if working on DRAM stack and the resulting stack is tainted S_DS: Switch to DRAM stack, if working on iRAM stack and the resulting stack is untainted R: Redirect object access if necessary

slide-27
SLIDE 27

Evaluation

  • WordPress
  • Password
  • BankDroid
  • Account Number
  • Password
  • KeePass
  • MasterKey
  • Password
  • K-9 email client
  • Password
  • Email

private synchronized void loadAccount(Preferences preferences) { Storage storage = preferences.getStorage(); mStoreUri = Base64.decode(storage.getString(mUuid + ".storeUri", null)); + MemVault.addTaintArray(mStoreUri); ... } Code snippet of K-9 email client

slide-28
SLIDE 28

Evaluation - Performance

A n d r

  • i

d T a i n t D r

  • i

d M e m V a u l t A n d r

  • i

d T a i n t D r

  • i

d M e m V a u l t A n d r

  • i

d T a i n t D r

  • i

d M e m V a u l t A n d r

  • i

d T a i n t D r

  • i

d M e m V a u l t 100 200 300 400 500 600

K-9 KeePass BankDroid

Power Consumption (Joules/hour) Net CPU LCD

WordPress

TaintDroid + 18.8% MemVault + 37.2 % WordPress BankDroid KeePass K-9 Android 985 239 79 269 TaintDroid 1001 247 82 277 MemVault 1008 248 83 277 App Start Time (in ms) Additional Power Consumption

slide-29
SLIDE 29

Comparison with Existing Memory Encryption Solutions

Architecture Software Environment Granularity Code Modification Memory Limitation Overhead Cryptkeeper x86 Linux 4 KB None ✓ 1.09x∼9.00x RamCrypt x86 Linux 4 KB None ✓ 1.25x∼2.70x Bear ARM Micro-Kernel 16B ~ 128 KB Significant ✓ 1.50x∼3.40x Esorics’17 x86 Linux 16 B None/Significa nt ✓ 1.17x∼10.00x+ Case ARM Slef-contained Whole app Significant 32 KB 1.03x Sentry ARM Android 4 KB None ✓ 1.48x∼2.74x MemVault ARM Android Object Trivial ✓ 1.37x

slide-30
SLIDE 30

Conclusion

  • MemVault is able to minimize the exposure of sensitive data in DRAM
  • MemVault only needs minor modifications to the source code
  • MemVault selectively encrypts sensitive data to improve performance
  • Limitations
  • MemVault only protects data within Dalvik virtual machine
  • E.g., the buffer of the touchscreen driver cannot be protected
  • TaintDroid has false negative
  • Future direction
  • Chip level full memory encryption (like Intel SGX or AMD SME)
slide-31
SLIDE 31

Thanks!

leguan@cs.uga.edu