TY - GEN
T1 - Protecting mobile devices from physical memory attacks with targeted encryption
AU - Guan, Le
AU - Cao, Chen
AU - Zhu, Sencun
AU - Lin, Jingqiang
AU - Liu, Peng
AU - Xia, Yubin
AU - Luo, Bo
N1 - Publisher Copyright:
© 2019 Association for Computing Machinery.
PY - 2019/5/15
Y1 - 2019/5/15
N2 - Sensitive data in a process could be scattered over the memory of a computer system for a prolonged period of time. Unfortunately, DRAM chips were proven insecure in previous studies. The problem becomes worse in the mobile environment, in which users' smartphones are easily lost or stolen. The powered-on phones may contain sensitive data in the vulnerable DRAM chips. In this paper, we propose MemVault, a mechanism to protect sensitive data in Android devices against physical memory attacks. MemVault keeps track of the propagation of well-marked sensitive data sources, and selectively encrypts tainted sensitive memory contents in the DRAM chip. When a tainted object is accessed, MemVault redirects the access to the internal RAM (iRAM), where the cipher-text object is decrypted transparently. iRAM is a system-on-chip (SoC) component which is by nature immune to physical memory exploits. We have implemented a MemVault prototype system, and have evaluated it with extensive experiments. Our results validate that MemVault effectively eliminates the occurrences of clear-text sensitive objects in DRAM chips, and imposes acceptable overheads.
AB - Sensitive data in a process could be scattered over the memory of a computer system for a prolonged period of time. Unfortunately, DRAM chips were proven insecure in previous studies. The problem becomes worse in the mobile environment, in which users' smartphones are easily lost or stolen. The powered-on phones may contain sensitive data in the vulnerable DRAM chips. In this paper, we propose MemVault, a mechanism to protect sensitive data in Android devices against physical memory attacks. MemVault keeps track of the propagation of well-marked sensitive data sources, and selectively encrypts tainted sensitive memory contents in the DRAM chip. When a tainted object is accessed, MemVault redirects the access to the internal RAM (iRAM), where the cipher-text object is decrypted transparently. iRAM is a system-on-chip (SoC) component which is by nature immune to physical memory exploits. We have implemented a MemVault prototype system, and have evaluated it with extensive experiments. Our results validate that MemVault effectively eliminates the occurrences of clear-text sensitive objects in DRAM chips, and imposes acceptable overheads.
UR - http://www.scopus.com/inward/record.url?scp=85066741051&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85066741051&partnerID=8YFLogxK
U2 - 10.1145/3317549.3319721
DO - 10.1145/3317549.3319721
M3 - Conference contribution
AN - SCOPUS:85066741051
T3 - WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks
SP - 34
EP - 44
BT - WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks
PB - Association for Computing Machinery, Inc
T2 - 12th Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2019
Y2 - 15 May 2019 through 17 May 2019
ER -