SlideShare ist ein Scribd-Unternehmen logo

Embedded Fest 2019. Володимир Шанойло. High FIVE: Samsung integrity protection of Android applications

E
EmbeddedFest

Доповідь представить рішення з безпеки під назвою FIVE від компанії Samsung. Метою FIVE є моніторинг цілісності процесів Android та детектування зловмисних спроб модифікації оригінальних додатків та системних компонентів. Ми поговоримо про можливі сценарії атак, спрямованих на цілісність додатків, зануримось у процес встановлення Java-додатків та розкажемо про проблеми, пов'язані з підрахунком та подальшою перевіркою цілісності нативних та Java програм. Наостанок ми покажемо, як саме FIVE захищає цілісність Android-додатків на телефонах Samsung.

Bildung
1 von 22
High FIVE: Samsung integrity protection of Android applications Volodymyr Shanoilo, CISSP Samsung R&D Institute Ukraine
CONTENTS • Integrity-affecting attack scenarios • Integrity of native and Java applications • Chain of Trust • Introduction of FIVE solution • Conclusions
INTRODUCTION
DEFINE INTEGRITY Data integrity – assurance of the accuracy and consistency of data System integrity – absence of unauthorized modifications to the system Application integrity process memory integrity, ability of the app to do what it is supposed to do
IMPORTANCE • TrustZone apps need to verify authenticity and integrity of the client app • Highly secured device: kill all apps with broken integrity • Applications attestation
ATTACK SCENARIOS • Modify main executable on disk – Runs whenever the modified app is launched – Runs with privileges of the original app (can be System) – Trusted by a user • Modify shared library – Affects multiple applications – Harder to detect • Run-time modification
ATTACK TARGETS Native components • System daemons • System utilities • System libraries Java components • System services • .so modules (JNI) • User applications
MITIGATION: NATIVE COMPONENTS • ELF is never modified • Located on read-only partition • Protected by dm-verity
MITIGATION: JAVA COMPONENTS apk is protected • Java apk is signed by a developer • Signature is verified at installation time apk != installed app • Unpacking files to disk • Ahead of Time (AOT) optimization • No direct connection between original apk and installed app
ANDROID CHAIN OF TRUST
TrustZone CHAIN OF TRUST Bootloader ROM Secure Boot Key Secure Bootloader Bootloader Linux Kernel Android TIMA Periodic Kernel Measurements Signature Signature SignatureSignature https://images.samsung.com/is/content/samsung/p5/ch/business/enterprise-edition/Samsung_Knox_Whitepaper.pdf App FIVE TIMA Real-time Kernel Protection (Hypervisor)
SAMSUNG FIVEIle-based ntegrity rifier
COMPONENTS OF FIVE • Kernel module • Hooks to syscalls • Package Manager Patch • Android Run Time Patch • TrustZone application Linux Kernel TrustZone Android Kernel module Trusted app ART Patch Package Manager Patch Hooks
NATIVE COMPONENTS PROTECTION • Signed at build time with RSA • FIVE kernel module hooks exec(), clone(), fork(), mmap() – Signature checked at process start – Signature is checked at library mapping • dm-verity checks signature of /system and /vendor partitions • /system and /vendor partitions mounted as read-only
JAVA COMPONENTS • Application installation • Application start
Android JAVA COMPONENTS: INSTALLATION apk_signer Linux Kernel Kernel module SHA256 File for signing TrustZone HMAC Trusted app HMAC fcntl() fcntl() DUHK SHA256 dex2oat Package Manager .so apk dex Device-Unique Hardware Key (DUHK)
Linux Kernel TrustZone Kernel module SHA256 Android JAVA COMPONENTS: APP START fork() File for check HMAC Trusted app status DUHK SHA256 == HMAC ART mmap() fcntl() odex file .so file apk file hook hook ART Hooks Hooks Device-Unique Hardware Key (DUHK)
App2App2 .so App1 .so.so JAVA COMPONENTS: MISUSE • Attack: substitute application components – Inject component of one apk to another apk – All components are signed • Mitigation: use certificate record – HMAC – DUHK – Developer public key .so .so File HMAC Pub keySHA256 DUHK .so Certificate record
LEVELS OF TRUST Preloaded – All objects RSA-signed or dm-verity protected Mixed – at least one object is HMAC-signed No integrity – at least one object has no signature or is corrupted
RUN-TIME PROTECTION • ptrace() and process_vm_writev() syscalls hooked • If a trace is detected, integrity is reset Malicious Target App 010011010010 011110101101 110101010101 ptrace()
LIMITATIONS • Trust to Kernel – Compromised kernel -> compromised FIVE • No protection against vulnerabilities in the application itself – These attacks do not tamper integrity
Thank you! Icons used in the presentation are Designed by Freepik Designed by Yannick Lung Designed by fontawesome.com Designed by Zlatko Najdenovski under Creative Commons (Attribution 3.0 Unported) Designed by Alpár-Etele Méder under Creative Commons (Attribution 3.0 Unported)

Empfohlen

Securing Docker Containers
Securing Docker ContainersSecuring Docker Containers
Securing Docker ContainersBlack Duck by Synopsys
 
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliverySecure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliveryBlack Duck by Synopsys
 
Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...Kangaroot
 
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beInSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beMandi Walls
 
Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security Black Duck by Synopsys
 
Contain your risk: Deploy secure containers with trust and confidence
Contain your risk: Deploy secure containers with trust and confidenceContain your risk: Deploy secure containers with trust and confidence
Contain your risk: Deploy secure containers with trust and confidenceBlack Duck by Synopsys
 
Hp fortify source code analyzer(sca)
Hp fortify source code analyzer(sca)Hp fortify source code analyzer(sca)
Hp fortify source code analyzer(sca)Nagaraju Repala
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckBlack Duck by Synopsys
 

Empfohlen

Securing Docker Containers
Securing Docker ContainersSecuring Docker Containers
Securing Docker ContainersBlack Duck by Synopsys
 
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliverySecure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliveryBlack Duck by Synopsys
 
Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...Kangaroot
 
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beInSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beMandi Walls
 
Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security Black Duck by Synopsys
 
Contain your risk: Deploy secure containers with trust and confidence
Contain your risk: Deploy secure containers with trust and confidenceContain your risk: Deploy secure containers with trust and confidence
Contain your risk: Deploy secure containers with trust and confidenceBlack Duck by Synopsys
 
Hp fortify source code analyzer(sca)
Hp fortify source code analyzer(sca)Hp fortify source code analyzer(sca)
Hp fortify source code analyzer(sca)Nagaraju Repala
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckBlack Duck by Synopsys
 
Container security Familiar problems in new technology
Container security Familiar problems in new technologyContainer security Familiar problems in new technology
Container security Familiar problems in new technologyFrank Victory
 
Building Security into Your Workflow with InSpec
Building Security into Your Workflow with InSpecBuilding Security into Your Workflow with InSpec
Building Security into Your Workflow with InSpecMandi Walls
 
Continuous Integration - Mobile Practice
Continuous Integration - Mobile PracticeContinuous Integration - Mobile Practice
Continuous Integration - Mobile PracticeHARMAN Services
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldDevOps.com
 
CNIT 128: 3. Attacking iOS Applications (Part 2)
CNIT 128: 3. Attacking iOS Applications (Part 2)CNIT 128: 3. Attacking iOS Applications (Part 2)
CNIT 128: 3. Attacking iOS Applications (Part 2)Sam Bowne
 
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...Perforce
 
Evaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkEvaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkSandeep Jayashankar
 
Building a high quality+ products with SCA
Building a high quality+ products with SCABuilding a high quality+ products with SCA
Building a high quality+ products with SCASuman Sourav
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesJason Chan
 
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...The Linux Foundation
 
An Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security AssessmentsAn Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security AssessmentsEnclaveSecurity
 
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...Christian Schneider
 
Fortify dev ops (002)
Fortify dev ops (002)Fortify dev ops (002)
Fortify dev ops (002)Madhavan Marimuthu
 
XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016The Linux Foundation
 
All You Need is One - A ClickOnce Love Story - Secure360 2015
All You Need is One - A ClickOnce Love Story - Secure360 2015All You Need is One - A ClickOnce Love Story - Secure360 2015
All You Need is One - A ClickOnce Love Story - Secure360 2015NetSPI
 
XPDDS19: When Unikraft Meets Arm64 - Jia He, Arm
XPDDS19: When Unikraft Meets Arm64 - Jia He, ArmXPDDS19: When Unikraft Meets Arm64 - Jia He, Arm
XPDDS19: When Unikraft Meets Arm64 - Jia He, ArmThe Linux Foundation
 
Source Code Scanners
Source Code ScannersSource Code Scanners
Source Code ScannersPawel Krawczyk
 
Practical Steps to Scale Legal Support for Open Source
Practical Steps to Scale Legal Support for Open SourcePractical Steps to Scale Legal Support for Open Source
Practical Steps to Scale Legal Support for Open SourceBlack Duck by Synopsys
 
Adopting agile in an embedded platform Suryakiran Kasturi & Akhil Kumar
Adopting agile in an embedded platform Suryakiran Kasturi & Akhil KumarAdopting agile in an embedded platform Suryakiran Kasturi & Akhil Kumar
Adopting agile in an embedded platform Suryakiran Kasturi & Akhil KumarXP Conference India
 
KARMA: Adaptive Android Kernel Live Patching
KARMA: Adaptive Android Kernel Live PatchingKARMA: Adaptive Android Kernel Live Patching
KARMA: Adaptive Android Kernel Live PatchingYue Chen
 
Application Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternativeApplication Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternativeDenis Gundarev
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Qualcomm Developer Network
 

Weitere ähnliche Inhalte

Was ist angesagt?

Container security Familiar problems in new technology
Container security Familiar problems in new technologyContainer security Familiar problems in new technology
Container security Familiar problems in new technologyFrank Victory
 
Building Security into Your Workflow with InSpec
Building Security into Your Workflow with InSpecBuilding Security into Your Workflow with InSpec
Building Security into Your Workflow with InSpecMandi Walls
 
Continuous Integration - Mobile Practice
Continuous Integration - Mobile PracticeContinuous Integration - Mobile Practice
Continuous Integration - Mobile PracticeHARMAN Services
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldDevOps.com
 
CNIT 128: 3. Attacking iOS Applications (Part 2)
CNIT 128: 3. Attacking iOS Applications (Part 2)CNIT 128: 3. Attacking iOS Applications (Part 2)
CNIT 128: 3. Attacking iOS Applications (Part 2)Sam Bowne
 
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...Perforce
 
Evaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkEvaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkSandeep Jayashankar
 
Building a high quality+ products with SCA
Building a high quality+ products with SCABuilding a high quality+ products with SCA
Building a high quality+ products with SCASuman Sourav
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesJason Chan
 
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...The Linux Foundation
 
An Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security AssessmentsAn Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security AssessmentsEnclaveSecurity
 
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...Christian Schneider
 
XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016The Linux Foundation
 
All You Need is One - A ClickOnce Love Story - Secure360 2015
All You Need is One - A ClickOnce Love Story - Secure360 2015All You Need is One - A ClickOnce Love Story - Secure360 2015
All You Need is One - A ClickOnce Love Story - Secure360 2015NetSPI
 
XPDDS19: When Unikraft Meets Arm64 - Jia He, Arm
XPDDS19: When Unikraft Meets Arm64 - Jia He, ArmXPDDS19: When Unikraft Meets Arm64 - Jia He, Arm
XPDDS19: When Unikraft Meets Arm64 - Jia He, ArmThe Linux Foundation
 
Practical Steps to Scale Legal Support for Open Source
Practical Steps to Scale Legal Support for Open SourcePractical Steps to Scale Legal Support for Open Source
Practical Steps to Scale Legal Support for Open SourceBlack Duck by Synopsys
 
Adopting agile in an embedded platform Suryakiran Kasturi & Akhil Kumar
Adopting agile in an embedded platform Suryakiran Kasturi & Akhil KumarAdopting agile in an embedded platform Suryakiran Kasturi & Akhil Kumar
Adopting agile in an embedded platform Suryakiran Kasturi & Akhil KumarXP Conference India
 
KARMA: Adaptive Android Kernel Live Patching
KARMA: Adaptive Android Kernel Live PatchingKARMA: Adaptive Android Kernel Live Patching
KARMA: Adaptive Android Kernel Live PatchingYue Chen
 

Was ist angesagt? (20)

Container security Familiar problems in new technology
Container security Familiar problems in new technologyContainer security Familiar problems in new technology
Container security Familiar problems in new technology
 
Building Security into Your Workflow with InSpec
Building Security into Your Workflow with InSpecBuilding Security into Your Workflow with InSpec
Building Security into Your Workflow with InSpec
 
Continuous Integration - Mobile Practice
Continuous Integration - Mobile PracticeContinuous Integration - Mobile Practice
Continuous Integration - Mobile Practice
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote World
 
CNIT 128: 3. Attacking iOS Applications (Part 2)
CNIT 128: 3. Attacking iOS Applications (Part 2)CNIT 128: 3. Attacking iOS Applications (Part 2)
CNIT 128: 3. Attacking iOS Applications (Part 2)
 
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
 
Evaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK FrameworkEvaluating container security with ATT&CK Framework
Evaluating container security with ATT&CK Framework
 
Building a high quality+ products with SCA
Building a high quality+ products with SCABuilding a high quality+ products with SCA
Building a high quality+ products with SCA
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit Perspectives
 
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
XPDS16: A Paravirtualized Interface for Socket Syscalls - Dimitri Stiliadis, ...
 
An Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security AssessmentsAn Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security Assessments
 
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
 
Fortify dev ops (002)
Fortify dev ops (002)Fortify dev ops (002)
Fortify dev ops (002)
 
XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016
 
All You Need is One - A ClickOnce Love Story - Secure360 2015
All You Need is One - A ClickOnce Love Story - Secure360 2015All You Need is One - A ClickOnce Love Story - Secure360 2015
All You Need is One - A ClickOnce Love Story - Secure360 2015
 
XPDDS19: When Unikraft Meets Arm64 - Jia He, Arm
XPDDS19: When Unikraft Meets Arm64 - Jia He, ArmXPDDS19: When Unikraft Meets Arm64 - Jia He, Arm
XPDDS19: When Unikraft Meets Arm64 - Jia He, Arm
 
Source Code Scanners
Source Code ScannersSource Code Scanners
Source Code Scanners
 
Practical Steps to Scale Legal Support for Open Source
Practical Steps to Scale Legal Support for Open SourcePractical Steps to Scale Legal Support for Open Source
Practical Steps to Scale Legal Support for Open Source
 
Adopting agile in an embedded platform Suryakiran Kasturi & Akhil Kumar
Adopting agile in an embedded platform Suryakiran Kasturi & Akhil KumarAdopting agile in an embedded platform Suryakiran Kasturi & Akhil Kumar
Adopting agile in an embedded platform Suryakiran Kasturi & Akhil Kumar
 
KARMA: Adaptive Android Kernel Live Patching
KARMA: Adaptive Android Kernel Live PatchingKARMA: Adaptive Android Kernel Live Patching
KARMA: Adaptive Android Kernel Live Patching
 

Ähnlich wie Embedded Fest 2019. Володимир Шанойло. High FIVE: Samsung integrity protection of Android applications

Application Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternativeApplication Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternativeDenis Gundarev
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Qualcomm Developer Network
 
CNIT 128 Ch 4: Android
CNIT 128 Ch 4: AndroidCNIT 128 Ch 4: Android
CNIT 128 Ch 4: AndroidSam Bowne
 
Application Virtualization overview - BayCUG
Application Virtualization overview - BayCUGApplication Virtualization overview - BayCUG
Application Virtualization overview - BayCUGDenis Gundarev
 
Android Penetration testing - Day 2
Android Penetration testing - Day 2 Android Penetration testing - Day 2
Android Penetration testing - Day 2Mohammed Adam
 
Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Hacking Tizen : The OS of Everything - Nullcon Goa 2015Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Hacking Tizen : The OS of Everything - Nullcon Goa 2015Ajin Abraham
 
Proactive Security AppSec Case Study
Proactive Security AppSec Case StudyProactive Security AppSec Case Study
Proactive Security AppSec Case StudyAndy Hoernecke
 
Android village @nullcon 2012
Android village @nullcon 2012 Android village @nullcon 2012
Android village @nullcon 2012 hakersinfo
 
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015Ajin Abraham
 
Hacker Halted 2014 - Reverse Engineering the Android OS
Hacker Halted 2014 - Reverse Engineering the Android OSHacker Halted 2014 - Reverse Engineering the Android OS
Hacker Halted 2014 - Reverse Engineering the Android OSEC-Council
 
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseThick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseNetSPI
 
Implementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldImplementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldLINE Corporation
 
Securing the Container Pipeline at Salesforce by Cem Gurkok
Securing the Container Pipeline at Salesforce by Cem Gurkok Securing the Container Pipeline at Salesforce by Cem Gurkok
Securing the Container Pipeline at Salesforce by Cem Gurkok Docker, Inc.
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseScott Sutherland
 

Ähnlich wie Embedded Fest 2019. Володимир Шанойло. High FIVE: Samsung integrity protection of Android applications (20)

Application Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternativeApplication Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternative
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
 
CNIT 128 Ch 4: Android
CNIT 128 Ch 4: AndroidCNIT 128 Ch 4: Android
CNIT 128 Ch 4: Android
 
Mobile security
Mobile securityMobile security
Mobile security
 
Application Virtualization overview - BayCUG
Application Virtualization overview - BayCUGApplication Virtualization overview - BayCUG
Application Virtualization overview - BayCUG
 
Android Penetration testing - Day 2
Android Penetration testing - Day 2 Android Penetration testing - Day 2
Android Penetration testing - Day 2
 
Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Hacking Tizen : The OS of Everything - Nullcon Goa 2015Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Hacking Tizen : The OS of Everything - Nullcon Goa 2015
 
Securing the Container Pipeline
Securing the Container PipelineSecuring the Container Pipeline
Securing the Container Pipeline
 
Containers and Security for DevOps
Containers and Security for DevOpsContainers and Security for DevOps
Containers and Security for DevOps
 
Proactive Security AppSec Case Study
Proactive Security AppSec Case StudyProactive Security AppSec Case Study
Proactive Security AppSec Case Study
 
Android village @nullcon 2012
Android village @nullcon 2012 Android village @nullcon 2012
Android village @nullcon 2012
 
128-ch4.pptx
128-ch4.pptx128-ch4.pptx
128-ch4.pptx
 
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
 
Hacker Halted 2014 - Reverse Engineering the Android OS
Hacker Halted 2014 - Reverse Engineering the Android OSHacker Halted 2014 - Reverse Engineering the Android OS
Hacker Halted 2014 - Reverse Engineering the Android OS
 
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseThick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash Course
 
Implementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile WorldImplementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile World
 
Securing the Container Pipeline at Salesforce by Cem Gurkok
Securing the Container Pipeline at Salesforce by Cem Gurkok Securing the Container Pipeline at Salesforce by Cem Gurkok
Securing the Container Pipeline at Salesforce by Cem Gurkok
 
Computer Fundamentals
Computer FundamentalsComputer Fundamentals
Computer Fundamentals
 
Computer fundamental
Computer fundamentalComputer fundamental
Computer fundamental
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash Course
 

Mehr von EmbeddedFest

Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practiceEmbedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practiceEmbeddedFest
 
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theoryEmbedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theoryEmbeddedFest
 
Embedded Fest 2019. Віталій Нужний. The Mobility Revolution: the Software tha...
Embedded Fest 2019. Віталій Нужний. The Mobility Revolution: the Software tha...Embedded Fest 2019. Віталій Нужний. The Mobility Revolution: the Software tha...
Embedded Fest 2019. Віталій Нужний. The Mobility Revolution: the Software tha...EmbeddedFest
 
Embedded Fest 2019. Игорь Опанюк. Das U-boot v2019: a look under the hood
Embedded Fest 2019. Игорь Опанюк. Das U-boot v2019: a look under the hoodEmbedded Fest 2019. Игорь Опанюк. Das U-boot v2019: a look under the hood
Embedded Fest 2019. Игорь Опанюк. Das U-boot v2019: a look under the hoodEmbeddedFest
 
Embedded Fest 2019. Константин Белоусов. Исключения и прерывания на amd64: ка...
Embedded Fest 2019. Константин Белоусов. Исключения и прерывания на amd64: ка...Embedded Fest 2019. Константин Белоусов. Исключения и прерывания на amd64: ка...
Embedded Fest 2019. Константин Белоусов. Исключения и прерывания на amd64: ка...EmbeddedFest
 
Embedded Fest 2019. Dov Nimratz. Artificial Intelligence in Small Embedded Sy...
Embedded Fest 2019. Dov Nimratz. Artificial Intelligence in Small Embedded Sy...Embedded Fest 2019. Dov Nimratz. Artificial Intelligence in Small Embedded Sy...
Embedded Fest 2019. Dov Nimratz. Artificial Intelligence in Small Embedded Sy...EmbeddedFest
 
Embedded Fest 2019. Антон Волошин. Connected Mobility: from Vehicle to Cloud
Embedded Fest 2019. Антон Волошин. Connected Mobility: from Vehicle to CloudEmbedded Fest 2019. Антон Волошин. Connected Mobility: from Vehicle to Cloud
Embedded Fest 2019. Антон Волошин. Connected Mobility: from Vehicle to CloudEmbeddedFest
 
Embedded Fest 2019. Игорь Таненков и Игорь Успеньев. Action Recognition from ...
Embedded Fest 2019. Игорь Таненков и Игорь Успеньев. Action Recognition from ...Embedded Fest 2019. Игорь Таненков и Игорь Успеньев. Action Recognition from ...
Embedded Fest 2019. Игорь Таненков и Игорь Успеньев. Action Recognition from ...EmbeddedFest
 
Embedded Fest 2019. Іван Пустовіт. From AOSP to Android powered device
Embedded Fest 2019. Іван Пустовіт. From AOSP to Android powered deviceEmbedded Fest 2019. Іван Пустовіт. From AOSP to Android powered device
Embedded Fest 2019. Іван Пустовіт. From AOSP to Android powered deviceEmbeddedFest
 

Mehr von EmbeddedFest (9)

Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practiceEmbedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
 
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theoryEmbedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
 
Embedded Fest 2019. Віталій Нужний. The Mobility Revolution: the Software tha...
Embedded Fest 2019. Віталій Нужний. The Mobility Revolution: the Software tha...Embedded Fest 2019. Віталій Нужний. The Mobility Revolution: the Software tha...
Embedded Fest 2019. Віталій Нужний. The Mobility Revolution: the Software tha...
 
Embedded Fest 2019. Игорь Опанюк. Das U-boot v2019: a look under the hood
Embedded Fest 2019. Игорь Опанюк. Das U-boot v2019: a look under the hoodEmbedded Fest 2019. Игорь Опанюк. Das U-boot v2019: a look under the hood
Embedded Fest 2019. Игорь Опанюк. Das U-boot v2019: a look under the hood
 
Embedded Fest 2019. Константин Белоусов. Исключения и прерывания на amd64: ка...
Embedded Fest 2019. Константин Белоусов. Исключения и прерывания на amd64: ка...Embedded Fest 2019. Константин Белоусов. Исключения и прерывания на amd64: ка...
Embedded Fest 2019. Константин Белоусов. Исключения и прерывания на amd64: ка...
 
Embedded Fest 2019. Dov Nimratz. Artificial Intelligence in Small Embedded Sy...
Embedded Fest 2019. Dov Nimratz. Artificial Intelligence in Small Embedded Sy...Embedded Fest 2019. Dov Nimratz. Artificial Intelligence in Small Embedded Sy...
Embedded Fest 2019. Dov Nimratz. Artificial Intelligence in Small Embedded Sy...
 
Embedded Fest 2019. Антон Волошин. Connected Mobility: from Vehicle to Cloud
Embedded Fest 2019. Антон Волошин. Connected Mobility: from Vehicle to CloudEmbedded Fest 2019. Антон Волошин. Connected Mobility: from Vehicle to Cloud
Embedded Fest 2019. Антон Волошин. Connected Mobility: from Vehicle to Cloud
 
Embedded Fest 2019. Игорь Таненков и Игорь Успеньев. Action Recognition from ...
Embedded Fest 2019. Игорь Таненков и Игорь Успеньев. Action Recognition from ...Embedded Fest 2019. Игорь Таненков и Игорь Успеньев. Action Recognition from ...
Embedded Fest 2019. Игорь Таненков и Игорь Успеньев. Action Recognition from ...
 
Embedded Fest 2019. Іван Пустовіт. From AOSP to Android powered device
Embedded Fest 2019. Іван Пустовіт. From AOSP to Android powered deviceEmbedded Fest 2019. Іван Пустовіт. From AOSP to Android powered device
Embedded Fest 2019. Іван Пустовіт. From AOSP to Android powered device
 

Kürzlich hochgeladen

microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 

Kürzlich hochgeladen (20)

microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 

Embedded Fest 2019. Володимир Шанойло. High FIVE: Samsung integrity protection of Android applications

  • 1. High FIVE: Samsung integrity protection of Android applications Volodymyr Shanoilo, CISSP Samsung R&D Institute Ukraine
  • 2. CONTENTS • Integrity-affecting attack scenarios • Integrity of native and Java applications • Chain of Trust • Introduction of FIVE solution • Conclusions
  • 4. DEFINE INTEGRITY Data integrity – assurance of the accuracy and consistency of data System integrity – absence of unauthorized modifications to the system Application integrity process memory integrity, ability of the app to do what it is supposed to do
  • 5. IMPORTANCE • TrustZone apps need to verify authenticity and integrity of the client app • Highly secured device: kill all apps with broken integrity • Applications attestation
  • 6. ATTACK SCENARIOS • Modify main executable on disk – Runs whenever the modified app is launched – Runs with privileges of the original app (can be System) – Trusted by a user • Modify shared library – Affects multiple applications – Harder to detect • Run-time modification
  • 7. ATTACK TARGETS Native components • System daemons • System utilities • System libraries Java components • System services • .so modules (JNI) • User applications
  • 8. MITIGATION: NATIVE COMPONENTS • ELF is never modified • Located on read-only partition • Protected by dm-verity
  • 9. MITIGATION: JAVA COMPONENTS apk is protected • Java apk is signed by a developer • Signature is verified at installation time apk != installed app • Unpacking files to disk • Ahead of Time (AOT) optimization • No direct connection between original apk and installed app
  • 11. TrustZone CHAIN OF TRUST Bootloader ROM Secure Boot Key Secure Bootloader Bootloader Linux Kernel Android TIMA Periodic Kernel Measurements Signature Signature SignatureSignature https://images.samsung.com/is/content/samsung/p5/ch/business/enterprise-edition/Samsung_Knox_Whitepaper.pdf App FIVE TIMA Real-time Kernel Protection (Hypervisor)
  • 13. COMPONENTS OF FIVE • Kernel module • Hooks to syscalls • Package Manager Patch • Android Run Time Patch • TrustZone application Linux Kernel TrustZone Android Kernel module Trusted app ART Patch Package Manager Patch Hooks
  • 14. NATIVE COMPONENTS PROTECTION • Signed at build time with RSA • FIVE kernel module hooks exec(), clone(), fork(), mmap() – Signature checked at process start – Signature is checked at library mapping • dm-verity checks signature of /system and /vendor partitions • /system and /vendor partitions mounted as read-only
  • 15. JAVA COMPONENTS • Application installation • Application start
  • 16. Android JAVA COMPONENTS: INSTALLATION apk_signer Linux Kernel Kernel module SHA256 File for signing TrustZone HMAC Trusted app HMAC fcntl() fcntl() DUHK SHA256 dex2oat Package Manager .so apk dex Device-Unique Hardware Key (DUHK)
  • 17. Linux Kernel TrustZone Kernel module SHA256 Android JAVA COMPONENTS: APP START fork() File for check HMAC Trusted app status DUHK SHA256 == HMAC ART mmap() fcntl() odex file .so file apk file hook hook ART Hooks Hooks Device-Unique Hardware Key (DUHK)
  • 18. App2App2 .so App1 .so.so JAVA COMPONENTS: MISUSE • Attack: substitute application components – Inject component of one apk to another apk – All components are signed • Mitigation: use certificate record – HMAC – DUHK – Developer public key .so .so File HMAC Pub keySHA256 DUHK .so Certificate record
  • 19. LEVELS OF TRUST Preloaded – All objects RSA-signed or dm-verity protected Mixed – at least one object is HMAC-signed No integrity – at least one object has no signature or is corrupted
  • 20. RUN-TIME PROTECTION • ptrace() and process_vm_writev() syscalls hooked • If a trace is detected, integrity is reset Malicious Target App 010011010010 011110101101 110101010101 ptrace()
  • 21. LIMITATIONS • Trust to Kernel – Compromised kernel -> compromised FIVE • No protection against vulnerabilities in the application itself – These attacks do not tamper integrity
  • 22. Thank you! Icons used in the presentation are Designed by Freepik Designed by Yannick Lung Designed by fontawesome.com Designed by Zlatko Najdenovski under Creative Commons (Attribution 3.0 Unported) Designed by Alpár-Etele Méder under Creative Commons (Attribution 3.0 Unported)