Quality, Reliability and Security Study of Vendor Customized Android Applications

Jingzheng Wu, Zhifei Wu, Mutian Yang, Tianyue Luo, Yanjun Wu, Yongji Wang

Android now has 83 percent of the smartphone market, with many vendors benefiting from market growth. It is generally accepted that the world’s major vendors have better quality assurance for their products. However, because of the fragmentation of the Android platform, differing quality management systems and the varying abilities of developers, vendor-customized Android applications suffer from quality, reliability and security problems. In this paper, we designed the QRS framework to assess the quality of vendor-customized applications. In particular, we defined 7 quality-, reliability- and security-related rules, and reverse-engineered all the customized applications of 12 representative Android smartphones. The evaluation results show that even the world’s major vendors still lack quality assurance, and almost all of the customized applications extracted from the examined smartphones have at least one quality-, reliability- or security-related problem. We suggest that vendors strictly test the quality of their products.

Outsourcing Secure Two-Party Computation as a Black Box

Henry Carter, Benjamin Mood, Patrick Traynor, Kevin Butler

Secure multiparty computation (SMC) offers a technique to preserve functionality and data privacy in mobile applications. Current protocols that make this costly cryptographic construction feasible on mobile devices securely outsource the bulk of the computation to a cloud provider. However, these outsourcing techniques are built on specific secure computation assumptions and tools, and applying new SMC ideas to the outsourced setting requires the protocols to be completely rebuilt and proven secure. In this work, we develop a generic technique for lifting any secure two-party computation protocol into an outsourced two-party SMC protocol. By augmenting the function being evaluated with auxiliary consistency checks and input values, we can create an outsourced protocol with low overhead cost. Our implementation and evaluation show that in the best case, our outsourcing additions execute within the confidence intervals of two servers running the same computation, and consume approximately the same bandwidth. In addition, the mobile device itself uses minimal bandwidth over a single round of communication. This work demonstrates that efficient outsourcing is possible with any underlying SMC scheme, and provides an outsourcing protocol that is efficient and directly applicable to current and future SMC techniques.

Dereference Under the Influence (DUI) – You Can’t Afford It

Hong Hu, Zheng Leong Chua, Prateek Saxena, Zhenkai Liang

One way to enhance software security is to isolate important code and data. In such a mechanism, different components/programs are isolated from each other, and access is only provided through limited interfaces. However, the interface still provides attackers with a channel to influence the code being protected, where normal code can be leveraged by attackers to perform arbitrary memory accesses. In this paper, we present a systematic method to detect such dereference under the influence (DUI) vulnerabilities through binary analysis. Our solution detects DUIs and estimates the attacker capability that can be obtained through DUI exploits. Our evaluation shows that our approach can accurately identify code vulnerable to DUIs in real-world software components and programs.

Korean Shellcode with ROP Based Decoding

Ji-Hyeon Yoon, Hae Young Lee

Although shellcode can be hidden in plain text (e.g., English shellcode), it can still be detected by defensive measures due to the signature of its decoder. In this paper, we present an approach to hide shellcode in Unicode-encoded Korean text and to reconstruct it based on return-oriented programming. In our approach, shellcode is hidden within Korean text in the form of Chinese characters. By overwriting return addresses on the stack, control flow is directed through existing instructions, so that the shellcode is reconstructed and then executed. Our approach is simple, yet it may be effective against payload inspection as well as last-branch-recording-based defensive measures. With some modifications, we may hide shellcode in East Asian text and reconstruct other plain-text-encoded shellcode without the use of a decoder.

SIPD: A Practical SDN-based IP Spoofing Defense Method

Chen Li, Yu Ding, Tongxin Li, Jun Li, Xinhui Han

IP spoofing has become one of the major threats to the Internet, while popular defense methods like ingress/egress filtering cannot stop IP spoofing effectively. This poster introduces SIPD, a feasible and scalable SDN-based IP spoofing defense method, which runs on the SDN controller and is compatible with the OpenFlow specification. It can automatically generate filtering rules and cooperate with other SDNs that support SIPD. A SIPD-enforced SDN can detect all of the intra-AS IP spoofing packets and most of the inter-AS IP spoofing packets.

Chobham: Taming JIT-ROP Attacks

Ben Niu, Gang Tan

The JIT-ROP attack is an advanced ROP attack form targeting modern web browsers. It uses JavaScript to dynamically read code pages, harvest ROP gadgets, and compile the attack payload using these gadgets. To the best of our knowledge, there is no known defense against JIT-ROP.

We present an approach, dubbed Chobham, for taming JIT-ROP. Considering the entire browser as a JIT compiler, Chobham adopts RockJIT to secure the browser’s code and the JIT-compiled code. Since RockJIT enforces fine-grained control-flow integrity, it makes chaining ROP gadgets significantly harder. Then, three additional methods are proposed to further secure the web browser. First, Chobham deploys input-triggered CFG generation to further improve the precision of the enforced CFG. Second, Chobham randomizes the order of callee-saved registers in function epilogues at load time, which makes it hard for attackers to reliably control registers using call-preceded gadgets. Third, Chobham allocates a dedicated heap zone for all sensitive C++ and JavaScript objects (e.g., DOM nodes), and sanitizes such objects’ data access methods to ensure their accesses fall in the heap zone. The code and stack are never placed in the heap zone, to prevent the JavaScript code from reading code pages.
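The two memory-access hazards above, an isolated component's interface letting untrusted input steer a dereference (the DUI abstract) and a sensitive object's accessor that must be sanitized so its accesses stay inside a dedicated heap zone (Chobham's third method), can be shown in one C program. The following is an added example, not code from either paper: the zone, the `struct node` layout, the `secret` string and the function names are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a dedicated heap zone holding sensitive objects.
   A real allocator would reserve this region separately from code and stack. */
#define ZONE_SIZE 4096
static uint8_t zone[ZONE_SIZE];
static size_t zone_used;

/* A sensitive object living in the zone (hypothetical layout). */
struct node {
    uint32_t len;      /* number of valid payload bytes */
    uint8_t data[16];  /* payload */
};

/* Constructed data that must never be readable through the node interface:
   it lives outside the zone. */
static const char secret[] = "key=constructed-secret";

/* Bump allocator over the zone; returns NULL when the zone is exhausted. */
static void *zone_alloc(size_t n) {
    n = (n + 15) & ~(size_t)15;
    if (zone_used + n > ZONE_SIZE) return NULL;
    void *p = zone + zone_used;
    zone_used += n;
    return p;
}

struct node *make_node(const char *payload) {
    struct node *n = zone_alloc(sizeof *n);
    if (n == NULL) return NULL;
    size_t len = strlen(payload);
    if (len > sizeof n->data) len = sizeof n->data;
    n->len = (uint32_t)len;
    memcpy(n->data, payload, len);
    return n;
}

/* Interface exposed across the isolation boundary: read one payload byte.
   DUI: idx comes from the untrusted side and flows straight into the
   dereference, so whoever controls idx reads any address n->data + idx. */
int node_read_dui(const struct node *n, intptr_t idx) {
    return *(const uint8_t *)((uintptr_t)n->data + (uintptr_t)idx);
}

/* Same interface, sanitized: the index must stay inside the object's own
   payload, and the final address must stay inside the dedicated zone.
   Returns -1 when the access is refused. */
int node_read_checked(const struct node *n, intptr_t idx) {
    if (idx < 0 || (uintptr_t)idx >= n->len) return -1;
    uintptr_t addr = (uintptr_t)n->data + (uintptr_t)idx;
    uintptr_t lo = (uintptr_t)zone, hi = lo + ZONE_SIZE;
    if (addr < lo || addr >= hi) return -1;
    return *(const uint8_t *)addr;
}

/* The index an attacker would pass to reach secret[0] through the interface.
   The capability obtained from this DUI is an arbitrary read with a signed
   offset relative to the node. */
intptr_t dui_index_to_secret(const struct node *n) {
    return (intptr_t)((uintptr_t)secret - (uintptr_t)n->data);
}

int main(void) {
    struct node *n = make_node("hello");
    if (n == NULL) return 1;
    intptr_t idx = dui_index_to_secret(n);
    printf("in-bounds read:   dui=%c checked=%c\n",
           node_read_dui(n, 1), node_read_checked(n, 1));
    printf("out-of-zone read: dui=%c checked=%d\n",
           node_read_dui(n, idx), node_read_checked(n, idx));
    return 0;
}
```

The unchecked accessor leaks the first byte of `secret` as soon as the caller supplies the right signed index, which is exactly the attacker influence a binary analysis for DUIs would flag; the checked accessor refuses both the out-of-object index and, independently, any address that falls outside the zone, so even an index error inside the object's own bounds cannot reach code or stack pages.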

Effectiveness and Soundness of Commercial Password Strength Meters

Shukun Yang, Shouling Ji, Xin Hu, Raheem Beyah

We present a novel and comprehensive examination of the effectiveness and soundness of commercial password meters and their impact on password security. The experiments are backed by a collection of state-of-the-art password cracking algorithms from both academia and industry. We show that some of the popular meters are stunningly inaccurate.

Detecting Browser-Based Probing Attacks via Behavior Analysis

Yue Chen, Yaoqi Jia, Jian Mao, Zhenkai Liang

We develop a solution to automatically detect probing behaviors in malicious websites. We intercept essential API calls, which are among the interfaces between major browser components, such as the document object model (DOM) and the JavaScript engine. As an example, the behaviors we monitor include DOM modification and system resource access. We then analyze the behaviors intercepted, and detect the abnormal behaviors demonstrated by the malicious websites.