Security for Apple iOS Mobile Applications


Apple is Popular with Mobile Developers

With billions of apps downloaded from the Apple app store, Apple iOS support is near-mandatory for mobile developers. The range of apps available is continuing to grow as well, as digital media providers, enterprises and other software developers are taking their core apps and making them available for mobile consumers. This means that more and more, critical code is being globally distributed on Apple iOS devices as feature-rich apps provide consumers with mobile access to premium content and sensitive information.

iOS Apps are Vulnerable

Like other mobile code, or for that matter desktop or embedded code, Apple apps are vulnerable to discovery and compromise:

  • Readily available toolkits can be used by hackers to compromise Apple iOS code through:
    • Reverse-engineering
    • Disassembly
    • Debugging
    • Malware insertion
  • iOS apps can be exploited on jailbroken devices
  • In a matter of minutes, hackers can compromise critical business & security policies
  • Mobile device management (MDM) and home-grown solutions alone are not enough, as they can be easily bypassed by sophisticated hackers targeting the application.

Top iOS Mobile App Threats

1. Tampering with Jailbreak-Detection Logic
2. Repackaging of iOS App IPAs
3. Reverse-Engineering and Exploitation of Objective-C Class Interfaces and Message Passing
4. Exposure and Exploitation of Program Symbols
5. Exposure and Exploitation of Unencrypted String Literals
6. Tampering with Critical Decision-Making Control Flows
7. Intercepting and Compromising System Library APIs
8. Reverse-Engineering and Tampering with Cryptographic Keys and Operations
9. Reverse-Engineering and Intercepting Credentials
10. Reverse-Engineering and Lifting Proprietary Algorithms

 

See How To Hack An App Video Series to learn more.  


Arxan's Solution For Apple iOS

Arxan’s EnsureIT for Apple iOS delivers automated embedded software protection that is easy to deploy, durable and resilient. EnsureIT defends, detects and reacts to attempted attacks by deploying various security techniques (called Guards) directly into the software code of each application. Our approach involves layered protection of diverse Guard types that provide control, trust and tamper-resistance for the application.

Core Features

  • Tamper-resistant jailbreak detection
  • Tunable security for mobile platforms and their application offerings
  • Layered network of protections, with no single point of failure
  • Requires no changes to source code
  • Support within Xcode
  • Support for the ARM processor
  • Command line interface to integrate into build environment

Guards at work to protect iOS 24/7:

EnsureIT leverages thousands of guard instances, of many types, to comprehensively safeguard your applications against tampering, piracy, and theft. The following table summarizes the types of Guards that can be leveraged to protect iOS apps:

[Figure: iOS Defense In Depth]

 

The functions performed by each of these Guards are described below: 

| Class of Defense | Guard Type | Function |
|---|---|---|
| DEFEND | Obfuscation | Transforms programs into code that’s difficult to disassemble and understand, but has the same functionality as the original |
| | Objective-C Renaming | Renames symbol information found in metadata so that hackers do not have a “highway map” of the code structure, preventing information leakage |
| | String Encryption | Encrypts string literals and decrypts them at run time |
| | Resource Verification | Protects against static modification of files located in the application package |
| DETECT | Debugger Detection | Detects whether a program is executing in a debugging environment |
| | Checksum | Detects whether a program has been modified by computing a checksum within a specified range |
| | Jailbreak Detection | Detects if an app is running in a jailbroken environment, and can trigger customized reactions to safeguard critical information |
| | Damage | Damages a specified range at runtime with random bytes or user-specified bytes |
| | Swizzle Detection | Detects Objective-C method swizzling |
| | Hook Detection | Detects whether an attacker has overridden a called function that resides in a system library or within the application |
| REACT | Repair | Self-repairs any damaged or tampered code/data |

 


The following exhibit shows where EnsureIT® is applied in order to transform an unprotected application into a protected application. EnsureIT® Guards are applied at the Bit Code and Executable code levels.  

[Figure: EnsureIT process]

 


 


© 2014 Arxan Technologies, Inc. All Rights Reserved.