Security for Apple iOS Mobile Applications


Apple is Popular with Mobile Developers

With billions of apps downloaded from the Apple app store, Apple iOS support is near-mandatory for mobile developers. The range of apps available is continuing to grow as well, as digital media providers, enterprises and other software developers are taking their core apps and making them available for mobile consumers. This means that more and more, critical code is being globally distributed on Apple iOS devices as feature-rich apps provide consumers with mobile access to premium content and sensitive information.

iOS Apps are Vulnerable

Like other mobile code, or for that matter desktop or embedded code, Apple apps are vulnerable to discovery and compromise:

  • Readily available toolkits can be used by hackers to compromise Apple iOS code through:
    • Reverse-engineering
    • Disassembly
    • Debugging
    • Malware insertion
  • iOS apps can be exploited on jailbroken devices
  • In a matter of minutes, hackers can compromise critical business & security policies
  • Mobile device management (MDM) and home-grown solutions alone are not enough, as they can be easily bypassed by sophisticated hackers targeting the application.

Top iOS Mobile App Threats

  1. Tampering with Jailbreak-Detection Logic
  2. Repackaging of iOS App IPAs
  3. Reverse-Engineering and Exploitation of Objective-C Class Interfaces and Message Passing
  4. Exposure and Exploitation of Program Symbols
  5. Exposure and Exploitation of Unencrypted String Literals
  6. Tampering with Critical Decision-Making Control Flows
  7. Intercepting and Compromising System Library APIs
  8. Reverse-Engineering and Tampering with Cryptographic Keys and Operations
  9. Reverse-Engineering and Intercepting Credentials
  10. Reverse-Engineering and Lifting Proprietary Algorithms

See the How To Hack An App video series to learn more.


Arxan’s Solution For Apple iOS

Arxan’s EnsureIT for Apple iOS delivers automated embedded software protection that is easy to deploy, durable and resilient. EnsureIT defends, detects and reacts to attempted attacks by deploying various security techniques (called Guards) directly into the software code of each application. Our approach involves layered protection of diverse Guard types that provide control, trust and tamper-resistance for the application.

Core Features

  • Tamper-resistant jailbreak detection
  • Tunable security for mobile platforms and their application offerings
  • Layered network of protections, with no single point of failure
  • Requires no changes to source code
  • Support within Xcode
  • Support for the ARM processor
  • Command line interface to integrate into build environment

Guards at work to protect iOS 24/7:

EnsureIT leverages thousands of guard instances, of many types, to comprehensively safeguard your applications against tampering, piracy, and theft. The following table summarizes the types of Guards that can be leveraged to protect iOS apps:

[Figure: iOS Defense in Depth]

The functions performed by each of these Guards are described below: 

| Class of Defense | Guard Type | Function |
|---|---|---|
| DEFEND | Obfuscation | Transforms programs into code that’s difficult to disassemble and understand, but has the same functionality as the original |
| | Objective-C Renaming | Renames symbol information found in metadata so that hackers do not have a “highway map” of the code structure, preventing information leakage |
| | String Encryption | Encrypts string literals and decrypts them at run time |
| | Resource Verification | Protects against static modification of files located in the application package |
| DETECT | Debugger Detection | Detects whether a program has been executing in a debugging environment |
| | Checksum | Detects whether a program has been modified by computing a checksum within a specified range |
| | Jailbreak Detection | Detects if an app is running in a jailbroken environment, and can trigger customized reactions to safeguard critical information |
| | Damage | Damages a specified range at runtime with random bytes or user-specified bytes |
| | Swizzle Detection | Detects Objective-C method swizzling |
| | Hook Detection | Detects whether an attacker has overridden a called function that resides in a system library or within the application |
| REACT | Repair | Self-repairs any damaged or tampered code/data |


The following exhibit shows where EnsureIT® is applied in order to transform an unprotected application into a protected application. EnsureIT® Guards are applied at the Bit Code and Executable code levels.

[Figure: EnsureIT process]