Endre søk
Link to record
Permanent link

Direct link
BETA
Yalew, Sileshi Demesie
Publikasjoner (5 av 5) Visa alla publikasjoner
Guerra, M., Taubmann, B., Reiser, H. P., Yalew, S. D. & Correia, M. (2018). Introspection for ARM TrustZone with the ITZ library. In: Proceedings - 2018 IEEE 18th International Conference on Software Quality, Reliability, and Security, QRS 2018: . Paper presented at 18th IEEE International Conference on Software Quality, Reliability, and Security, QRS 2018, Lisbon, Portugal, 16 July 2018 through 20 July 2018 (pp. 123-134). Institute of Electrical and Electronics Engineers (IEEE), Article ID 8424964.
Åpne denne publikasjonen i ny fane eller vindu >>Introspection for ARM TrustZone with the ITZ library
Vise andre…
2018 (engelsk)Inngår i: Proceedings - 2018 IEEE 18th International Conference on Software Quality, Reliability, and Security, QRS 2018, Institute of Electrical and Electronics Engineers (IEEE), 2018, s. 123-134, artikkel-id 8424964Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

TrustZone is an extension of the ARM architecture that allows software executed in ARM processors to be split in two environments: the normal world that runs a common operating system (e.g., Android or Linux) and its applications, and the secure world that runs security services or others that need to be isolated from the normal world. This work aims to provide support for analyzing the security status of the normal world from the secure world. For this purpose, we present a Virtual Machine Introspection (VMI) library that leverages the TrustZone architecture. VMI tools and the library run in the secure world and inspect the normal world. We present an experimental evaluation of the library in an i.MX53 development board.

sted, utgiver, år, opplag, sider
Institute of Electrical and Electronics Engineers (IEEE), 2018
Emneord
Introspection, Trusted execution environments, TrustZone, Virtualization
HSV kategori
Identifikatorer
urn:nbn:se:kth:diva-234100 (URN)10.1109/QRS.2018.00026 (DOI)2-s2.0-85052328245 (Scopus ID)9781538677575 (ISBN)
Konferanse
18th IEEE International Conference on Software Quality, Reliability, and Security, QRS 2018, Lisbon, Portugal, 16 July 2018 through 20 July 2018
Merknad

QC 20180905

Tilgjengelig fra: 2018-09-05 Laget: 2018-09-05 Sist oppdatert: 2018-09-05bibliografisk kontrollert
Duarte, N. O., Yalew, S. D., Santos, N. & Correia, M. (2018). Leveraging ARM TrustZone and Verifiable Computing to Provide Auditable Mobile Functions. In: Proceedings Of The 15Th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services  (MOBIQUITOUS 2018). Paper presented at 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, Mobiquitous 2018, New York, United States, 5 November 2018 through 7 November 2018 (pp. 302-311). Association for Computing Machinery (ACM)
Åpne denne publikasjonen i ny fane eller vindu >>Leveraging ARM TrustZone and Verifiable Computing to Provide Auditable Mobile Functions
2018 (engelsk)Inngår i: Proceedings Of The 15Th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services  (MOBIQUITOUS 2018), Association for Computing Machinery (ACM), 2018, s. 302-311Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

The increase of personal data on mobile devices has been followed by legislation that forces service providers to process and maintain users' data under strict data protection policies. In this paper, we propose a new primitive for mobile applications called auditable mobile function (AMF) to help service providers enforcing such policies by enabling them to process sensitive data within users' devices and collecting proofs of function execution integrity. We present SafeChecker, a computation verification system that provides mobile application support for AMFs, and evaluate the practicality of different usage scenario AMFs on TrustZone-enabled hardware.

sted, utgiver, år, opplag, sider
Association for Computing Machinery (ACM), 2018
Serie
ACM International Conference Proceeding Series
Emneord
Verifiable computing, Trusted computing, Data protection regulations, Auditable mobile functions
HSV kategori
Identifikatorer
urn:nbn:se:kth:diva-243009 (URN)10.1145/3286978.3287015 (DOI)000455808300032 ()2-s2.0-85060018187 (Scopus ID)9781450360937 (ISBN)
Konferanse
15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, Mobiquitous 2018, New York, United States, 5 November 2018 through 7 November 2018
Merknad

QC 20190204

Tilgjengelig fra: 2019-02-04 Laget: 2019-02-04 Sist oppdatert: 2019-02-04bibliografisk kontrollert
Yalew, S. D. (2018). Mobile Device Security with ARM TrustZone. (Doctoral dissertation). Stockholm: KTH Royal Institute of Technology
Åpne denne publikasjonen i ny fane eller vindu >>Mobile Device Security with ARM TrustZone
2018 (engelsk)Doktoravhandling, monografi (Annet vitenskapelig)
Abstract [en]

Mobile devices such as smartphones are becoming the majority of computing devices due to their evolving capabilities. Currently, service providers such as nancial and healthcare institutions oer services to their clients using smartphone applications (apps). Many of these apps run on Android, the most adopted mobile operating system (OS) today. Since smartphones are designed to be carried around all the time, many persons use them to store their private data. However, the popularity of Android and the open nature of its app marketplaces make it a prime target for malware. This situation puts data stored in smartphones in jeopardy, as it can be stealthily stolen or modied by malware that infects the device.

With the increasing popularity of smartphones and the increasing amount of personal data  stored on these devices, mobile device security has drawn signicant attention from both industry and academia. As a result, several security mechanisms and tools such as anti-malware software have been proposed for mobile OSs to improve the privacy of private data and to mitigate some of the security risks associated with mobile devices. However, these tools and mechanisms run in the device and assume that the mobile OS is trusted, i.e., that it is part of the trusted computing base (TCB). However, current malware often disables anti-malware software when it infects a device. For mobile phones this trend started more than a decade ago with malware such as the Metal Gear Trojan and Cabir.M, and continues to this day, e.g., with HijackRAT. In this work, we use the ARM TrustZone, a security extension for ARM processors that provides a hardware-assisted isolated environment, to implement security services that are protected from malware even if the mobile OS is compromised.

In this thesis, we investigate two approaches to address some of the security risks associated with Android-based devices. In the rst approach, we present security services to detect intrusions in mobile devices. We design and implement services for posture assessment (which evaluates the level of trust we can have in the device), for dynamic analysis (which performs dynamic (runtime) analysis of apps using traces of Android application programming interface (API) function calls and kernel syscalls to detect apps for malware), and for authenticity detection (which provides assurance of the authenticity and integrity of apps running on mobile devices). In the second approach, we design and implement a backup and recovery system to protect mobile devices from attacks caused by ransomware attacks, system errors, etc. Finally, we develop a software framework to facilitate the development of security services for mobile devices by combining components of the above services. As proof-of-concept, we implemented a prototype for each service and made experimental evaluations using an i.MX53 development board with an ARM processor with TrustZone.

sted, utgiver, år, opplag, sider
Stockholm: KTH Royal Institute of Technology, 2018. s. i-xiii, 180
Serie
TRITA-EECS-AVL ; 2018:71
Emneord
Android, ARM TrustZone, Malware Mobile Devices, Mobile Security, Trusted Computing
HSV kategori
Identifikatorer
urn:nbn:se:kth:diva-236975 (URN)978-91-7729-962-2 (ISBN)
Disputas
2018-11-14, C-6, Electrum 229, SE-164 40 Kista, Stockholm, 14:30 (engelsk)
Opponent
Veileder
Merknad

QC 20181023

Tilgjengelig fra: 2018-10-23 Laget: 2018-10-22 Sist oppdatert: 2018-10-24bibliografisk kontrollert
Yalew, S. D., Maguire Jr., G. Q., Haridi, S. & Correia, M. (2017). Hail to the Thief: Protecting Data from Mobile Ransomware with ransomSafeDroid. In: Gkoulalasdivanis, A Correia, MP Avresky, DR (Ed.), 2017 IEEE 16th International Symposium on Network Computing and Applications, NCA 2017: . Paper presented at 16th IEEE International Symposium on Network Computing and Applications, NCA 2017, Cambridge, United States, 30 October 2017 through 1 November 2017 (pp. 351-358). Institute of Electrical and Electronics Engineers (IEEE), 2017
Åpne denne publikasjonen i ny fane eller vindu >>Hail to the Thief: Protecting Data from Mobile Ransomware with ransomSafeDroid
2017 (engelsk)Inngår i: 2017 IEEE 16th International Symposium on Network Computing and Applications, NCA 2017 / [ed] Gkoulalasdivanis, A Correia, MP Avresky, DR, Institute of Electrical and Electronics Engineers (IEEE), 2017, Vol. 2017, s. 351-358Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

The growing popularity of Android and the increasing amount of sensitive data stored in mobile devices have lead to the dissemination of Android ransomware. Ransomware is a class of malware that makes data inaccessible by blocking access to the device or, more frequently, by encrypting the data; to recover the data, the user has to pay a ransom to the attacker. A solution for this problem is to backup the data. Although backup tools are available for Android, these tools may be compromised or blocked by the ransomware itself. This paper presents the design and implementation of RANSOMSAFEDROID, a TrustZone based backup service for mobile devices. RANSOMSAFEDROID is protected from malware by leveraging the ARM TrustZone extension and running in the secure world. It does backup of files periodically to a secure local persistent partition and pushes these backups to external storage to protect them from ransomware. Initially, RANSOMSAFEDROID does a full backup of the device filesystem, then it does incremental backups that save the changes since the last backup. As a proof-of-concept, we implemented a RANSOMSAFEDROID prototype and provide a performance evaluation using an i.MX53 development board.

sted, utgiver, år, opplag, sider
Institute of Electrical and Electronics Engineers (IEEE), 2017
HSV kategori
Identifikatorer
urn:nbn:se:kth:diva-225237 (URN)10.1109/NCA.2017.8171377 (DOI)000426971900053 ()2-s2.0-85046532213 (Scopus ID)9781538614655 (ISBN)
Konferanse
16th IEEE International Symposium on Network Computing and Applications, NCA 2017, Cambridge, United States, 30 October 2017 through 1 November 2017
Merknad

QC 20180403

Tilgjengelig fra: 2018-04-03 Laget: 2018-04-03 Sist oppdatert: 2018-05-22bibliografisk kontrollert
Yalew, S. D., Mendonca, P., Maguire Jr., G. Q., Haridi, S. & Correia, M. (2017). TruApp: A TrustZone-based Authenticity Detection Service for Mobile Apps. In: 2017 IEEE 13TH INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB): . Paper presented at 13th IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), OCT 09-11, 2017, Rome, ITALY. IEEE
Åpne denne publikasjonen i ny fane eller vindu >>TruApp: A TrustZone-based Authenticity Detection Service for Mobile Apps
Vise andre…
2017 (engelsk)Inngår i: 2017 IEEE 13TH INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB), IEEE , 2017Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

In less than a decade, mobile apps became an integral part of our lives. In several situations it is important to provide assurance that a mobile app is authentic, i.e., that it is indeed the app produced by a certain company. However, this is challenging, as such apps can be repackaged, the user malicious, or the app tampered with by an attacker. This paper presents the design of TRUAPP, a software authentication service that provides assurance of the authenticity and integrity of apps running on mobile devices. TRUAPP provides such assurance, even if the operating system is compromised, by leveraging the ARM TrustZone hardware security extension. TRUAPP uses a set of techniques (static watermarking, dynamic watermarking, and cryptographic hashes) to verify the integrity of the apps. The service was implemented in a hardware board that emulates a mobile device, which was used to do a thorough experimental evaluation of the service.

sted, utgiver, år, opplag, sider
IEEE, 2017
Serie
IEEE International Conference on Wireless and Mobile Computing Networking and Communications-WiMOB, ISSN 2160-4886
HSV kategori
Identifikatorer
urn:nbn:se:kth:diva-222218 (URN)10.1109/WiMOB.2017.8115820 (DOI)000419818000108 ()2-s2.0-85041407068 (Scopus ID)978-1-5386-3839-2 (ISBN)
Konferanse
13th IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), OCT 09-11, 2017, Rome, ITALY
Merknad

QC 20180205

Tilgjengelig fra: 2018-02-05 Laget: 2018-02-05 Sist oppdatert: 2019-04-15bibliografisk kontrollert
Organisasjoner