Protecting mobile devices from physical memory attacks with targeted encryption

Title: Protecting mobile devices from physical memory attacks with targeted encryption
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Guan, Le; Cao, Chen; Zhu, Sencun; Lin, Jingqiang; Liu, Peng; Xia, Yubin; Luo, Bo
Conference Name: Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks
Date Published: May
Publisher: Association for Computing Machinery
Conference Location: Miami, Florida
ISBN Number: 978-1-4503-6726-4
Keywords: composability, memory encryption, Metrics, Physical attack, pubcrawl, taint analysis
Abstract: Sensitive data in a process could be scattered over the memory of a computer system for a prolonged period of time. Unfortunately, DRAM chips were proven insecure in previous studies. The problem becomes worse in the mobile environment, in which users' smartphones are easily lost or stolen. The powered-on phones may contain sensitive data in the vulnerable DRAM chips. In this paper, we propose MemVault, a mechanism to protect sensitive data in Android devices against physical memory attacks. MemVault keeps track of the propagation of well-marked sensitive data sources, and selectively encrypts tainted sensitive memory contents in the DRAM chip. When a tainted object is accessed, MemVault redirects the access to the internal RAM (iRAM), where the cipher-text object is decrypted transparently. iRAM is a system-on-chip (SoC) component which is by nature immune to physical memory exploits. We have implemented a MemVault prototype system, and have evaluated it with extensive experiments. Our results validate that MemVault effectively eliminates the occurrences of clear-text sensitive objects in DRAM chips, and imposes acceptable overheads.
URL: https://doi.org/10.1145/3317549.3319721
DOI: 10.1145/3317549.3319721
Citation Key: guan_protecting_2019