AGGRANDIZING THE BEAST'S LIMBS: PATULOUS CODE REUSE ATTACK ON ARM ARCHITECTURE

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

AMINMANSOUR FARZANE; SHAHRIARI HAMID REZA

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY Year:2016 | Volume:8 | Issue:1 Page(s): 39-52

Download Full-Text

Persian Verion

View:

489

Download:

378

Cites:

Information Journal Paper

Title

AGGRANDIZING THE BEAST'S LIMBS: PATULOUS CODE REUSE ATTACK ON ARM ARCHITECTURE

Author(s)

AMINMANSOUR FARZANE | SHAHRIARI HAMID REZA | Issue Writer Certificate

Keywords

CODE REUSE ATTACKQ2

ARM ARCHITECTUREQ2

ANDROIDQ2

RETURN ORIENTED PROGRAMMINGQ2

Abstract

Since smartphones are usually personal devices full of private information, they are a popular target for a vast variety of real-world attacks such as CODE REUSE ATTACK (CRA). CRAs enable attackers to execute any arbitrary algorithm on a device without injecting an executable code. Since the standard platform for mobile devices is ARM ARCHITECTURE, we concentrate on available ARM-based CRAs. Currently, three types of CRAs are proposed on ARM ARCHITECTURE including Return2ZP, ROP, and BLX-attack in accordance to three sub-models available on X86. Ret2Libc, ROP, and JOP. In this paper, we have considered some unique aspects of ARM ARCHITECTURE to provide a general model for CODE REUSE ATTACKs called Patulous CODE REUSE ATTACK (PCRA). Our attack applies all available machine instructions that change Program Counter (PC) as well as direct or indirect branches in order to deploy the principles of CRA convention. We have demonstrated the effectiveness of our approach by defining five different sub-models of PCRA, explaining the algorithm of finding PCRA gadgets, introducing a useful set of gadgets, and providing a sample proof of concept exploit on ANDROID 4.4 platform.

Cites

No record.

References

No record.

Cite

APA: Copy

AMINMANSOUR, FARZANE, & SHAHRIARI, HAMID REZA. (2016). AGGRANDIZING THE BEAST'S LIMBS: PATULOUS CODE REUSE ATTACK ON ARM ARCHITECTURE. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 8(1 ), 39-52. SID. https://sid.ir/paper/241798/en

Vancouver: Copy

AMINMANSOUR FARZANE, SHAHRIARI HAMID REZA. AGGRANDIZING THE BEAST'S LIMBS: PATULOUS CODE REUSE ATTACK ON ARM ARCHITECTURE. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY[Internet]. 2016;8(1 ):39-52. Available from: https://sid.ir/paper/241798/en

IEEE: Copy

FARZANE AMINMANSOUR, and HAMID REZA SHAHRIARI, “AGGRANDIZING THE BEAST'S LIMBS: PATULOUS CODE REUSE ATTACK ON ARM ARCHITECTURE,” THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, vol. 8, no. 1 , pp. 39–52, 2016, [Online]. Available: https://sid.ir/paper/241798/en

Related Journal Papers