Ändra sökning
Länk till posten
Permanent länk

Direktlänk
BETA
Yalew, Sileshi Demesie
Publikationer (5 of 5) Visa alla publikationer
Guerra, M., Taubmann, B., Reiser, H. P., Yalew, S. D. & Correia, M. (2018). Introspection for ARM TrustZone with the ITZ library. In: Proceedings - 2018 IEEE 18th International Conference on Software Quality, Reliability, and Security, QRS 2018: . Paper presented at 18th IEEE International Conference on Software Quality, Reliability, and Security, QRS 2018, Lisbon, Portugal, 16 July 2018 through 20 July 2018 (pp. 123-134). Institute of Electrical and Electronics Engineers (IEEE), Article ID 8424964.
Öppna denna publikation i ny flik eller fönster >>Introspection for ARM TrustZone with the ITZ library
Visa övriga...
2018 (Engelska)Ingår i: Proceedings - 2018 IEEE 18th International Conference on Software Quality, Reliability, and Security, QRS 2018, Institute of Electrical and Electronics Engineers (IEEE), 2018, s. 123-134, artikel-id 8424964Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

TrustZone is an extension of the ARM architecture that allows software executed in ARM processors to be split in two environments: the normal world that runs a common operating system (e.g., Android or Linux) and its applications, and the secure world that runs security services or others that need to be isolated from the normal world. This work aims to provide support for analyzing the security status of the normal world from the secure world. For this purpose, we present a Virtual Machine Introspection (VMI) library that leverages the TrustZone architecture. VMI tools and the library run in the secure world and inspect the normal world. We present an experimental evaluation of the library in an i.MX53 development board.

Ort, förlag, år, upplaga, sidor
Institute of Electrical and Electronics Engineers (IEEE), 2018
Nyckelord
Introspection, Trusted execution environments, TrustZone, Virtualization
Nationell ämneskategori
Datorsystem
Identifikatorer
urn:nbn:se:kth:diva-234100 (URN)10.1109/QRS.2018.00026 (DOI)2-s2.0-85052328245 (Scopus ID)9781538677575 (ISBN)
Konferens
18th IEEE International Conference on Software Quality, Reliability, and Security, QRS 2018, Lisbon, Portugal, 16 July 2018 through 20 July 2018
Anmärkning

QC 20180905

Tillgänglig från: 2018-09-05 Skapad: 2018-09-05 Senast uppdaterad: 2018-09-05Bibliografiskt granskad
Duarte, N. O., Yalew, S. D., Santos, N. & Correia, M. (2018). Leveraging ARM TrustZone and Verifiable Computing to Provide Auditable Mobile Functions. In: Proceedings Of The 15Th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services  (MOBIQUITOUS 2018). Paper presented at 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, Mobiquitous 2018, New York, United States, 5 November 2018 through 7 November 2018 (pp. 302-311). Association for Computing Machinery (ACM)
Öppna denna publikation i ny flik eller fönster >>Leveraging ARM TrustZone and Verifiable Computing to Provide Auditable Mobile Functions
2018 (Engelska)Ingår i: Proceedings Of The 15Th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services  (MOBIQUITOUS 2018), Association for Computing Machinery (ACM), 2018, s. 302-311Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

The increase of personal data on mobile devices has been followed by legislation that forces service providers to process and maintain users' data under strict data protection policies. In this paper, we propose a new primitive for mobile applications called auditable mobile function (AMF) to help service providers enforcing such policies by enabling them to process sensitive data within users' devices and collecting proofs of function execution integrity. We present SafeChecker, a computation verification system that provides mobile application support for AMFs, and evaluate the practicality of different usage scenario AMFs on TrustZone-enabled hardware.

Ort, förlag, år, upplaga, sidor
Association for Computing Machinery (ACM), 2018
Serie
ACM International Conference Proceeding Series
Nyckelord
Verifiable computing, Trusted computing, Data protection regulations, Auditable mobile functions
Nationell ämneskategori
Datorsystem
Identifikatorer
urn:nbn:se:kth:diva-243009 (URN)10.1145/3286978.3287015 (DOI)000455808300032 ()2-s2.0-85060018187 (Scopus ID)9781450360937 (ISBN)
Konferens
15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, Mobiquitous 2018, New York, United States, 5 November 2018 through 7 November 2018
Anmärkning

QC 20190204

Tillgänglig från: 2019-02-04 Skapad: 2019-02-04 Senast uppdaterad: 2019-02-04Bibliografiskt granskad
Yalew, S. D. (2018). Mobile Device Security with ARM TrustZone. (Doctoral dissertation). Stockholm: KTH Royal Institute of Technology
Öppna denna publikation i ny flik eller fönster >>Mobile Device Security with ARM TrustZone
2018 (Engelska)Doktorsavhandling, monografi (Övrigt vetenskapligt)
Abstract [en]

Mobile devices such as smartphones are becoming the majority of computing devices due to their evolving capabilities. Currently, service providers such as nancial and healthcare institutions oer services to their clients using smartphone applications (apps). Many of these apps run on Android, the most adopted mobile operating system (OS) today. Since smartphones are designed to be carried around all the time, many persons use them to store their private data. However, the popularity of Android and the open nature of its app marketplaces make it a prime target for malware. This situation puts data stored in smartphones in jeopardy, as it can be stealthily stolen or modied by malware that infects the device.

With the increasing popularity of smartphones and the increasing amount of personal data  stored on these devices, mobile device security has drawn signicant attention from both industry and academia. As a result, several security mechanisms and tools such as anti-malware software have been proposed for mobile OSs to improve the privacy of private data and to mitigate some of the security risks associated with mobile devices. However, these tools and mechanisms run in the device and assume that the mobile OS is trusted, i.e., that it is part of the trusted computing base (TCB). However, current malware often disables anti-malware software when it infects a device. For mobile phones this trend started more than a decade ago with malware such as the Metal Gear Trojan and Cabir.M, and continues to this day, e.g., with HijackRAT. In this work, we use the ARM TrustZone, a security extension for ARM processors that provides a hardware-assisted isolated environment, to implement security services that are protected from malware even if the mobile OS is compromised.

In this thesis, we investigate two approaches to address some of the security risks associated with Android-based devices. In the rst approach, we present security services to detect intrusions in mobile devices. We design and implement services for posture assessment (which evaluates the level of trust we can have in the device), for dynamic analysis (which performs dynamic (runtime) analysis of apps using traces of Android application programming interface (API) function calls and kernel syscalls to detect apps for malware), and for authenticity detection (which provides assurance of the authenticity and integrity of apps running on mobile devices). In the second approach, we design and implement a backup and recovery system to protect mobile devices from attacks caused by ransomware attacks, system errors, etc. Finally, we develop a software framework to facilitate the development of security services for mobile devices by combining components of the above services. As proof-of-concept, we implemented a prototype for each service and made experimental evaluations using an i.MX53 development board with an ARM processor with TrustZone.

Ort, förlag, år, upplaga, sidor
Stockholm: KTH Royal Institute of Technology, 2018. s. i-xiii, 180
Serie
TRITA-EECS-AVL ; 2018:71
Nyckelord
Android, ARM TrustZone, Malware Mobile Devices, Mobile Security, Trusted Computing
Nationell ämneskategori
Datorsystem
Identifikatorer
urn:nbn:se:kth:diva-236975 (URN)978-91-7729-962-2 (ISBN)
Disputation
2018-11-14, C-6, Electrum 229, SE-164 40 Kista, Stockholm, 14:30 (Engelska)
Opponent
Handledare
Anmärkning

QC 20181023

Tillgänglig från: 2018-10-23 Skapad: 2018-10-22 Senast uppdaterad: 2018-10-24Bibliografiskt granskad
Yalew, S. D., Maguire Jr., G. Q., Haridi, S. & Correia, M. (2017). Hail to the Thief: Protecting Data from Mobile Ransomware with ransomSafeDroid. In: Gkoulalasdivanis, A Correia, MP Avresky, DR (Ed.), 2017 IEEE 16th International Symposium on Network Computing and Applications, NCA 2017: . Paper presented at 16th IEEE International Symposium on Network Computing and Applications, NCA 2017, Cambridge, United States, 30 October 2017 through 1 November 2017 (pp. 351-358). Institute of Electrical and Electronics Engineers (IEEE), 2017
Öppna denna publikation i ny flik eller fönster >>Hail to the Thief: Protecting Data from Mobile Ransomware with ransomSafeDroid
2017 (Engelska)Ingår i: 2017 IEEE 16th International Symposium on Network Computing and Applications, NCA 2017 / [ed] Gkoulalasdivanis, A Correia, MP Avresky, DR, Institute of Electrical and Electronics Engineers (IEEE), 2017, Vol. 2017, s. 351-358Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

The growing popularity of Android and the increasing amount of sensitive data stored in mobile devices have lead to the dissemination of Android ransomware. Ransomware is a class of malware that makes data inaccessible by blocking access to the device or, more frequently, by encrypting the data; to recover the data, the user has to pay a ransom to the attacker. A solution for this problem is to backup the data. Although backup tools are available for Android, these tools may be compromised or blocked by the ransomware itself. This paper presents the design and implementation of RANSOMSAFEDROID, a TrustZone based backup service for mobile devices. RANSOMSAFEDROID is protected from malware by leveraging the ARM TrustZone extension and running in the secure world. It does backup of files periodically to a secure local persistent partition and pushes these backups to external storage to protect them from ransomware. Initially, RANSOMSAFEDROID does a full backup of the device filesystem, then it does incremental backups that save the changes since the last backup. As a proof-of-concept, we implemented a RANSOMSAFEDROID prototype and provide a performance evaluation using an i.MX53 development board.

Ort, förlag, år, upplaga, sidor
Institute of Electrical and Electronics Engineers (IEEE), 2017
Nationell ämneskategori
Data- och informationsvetenskap
Identifikatorer
urn:nbn:se:kth:diva-225237 (URN)10.1109/NCA.2017.8171377 (DOI)000426971900053 ()2-s2.0-85046532213 (Scopus ID)9781538614655 (ISBN)
Konferens
16th IEEE International Symposium on Network Computing and Applications, NCA 2017, Cambridge, United States, 30 October 2017 through 1 November 2017
Anmärkning

QC 20180403

Tillgänglig från: 2018-04-03 Skapad: 2018-04-03 Senast uppdaterad: 2018-05-22Bibliografiskt granskad
Yalew, S. D., Mendonca, P., Maguire Jr., G. Q., Haridi, S. & Correia, M. (2017). TruApp: A TrustZone-based Authenticity Detection Service for Mobile Apps. In: 2017 IEEE 13TH INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB): . Paper presented at 13th IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), OCT 09-11, 2017, Rome, ITALY. IEEE
Öppna denna publikation i ny flik eller fönster >>TruApp: A TrustZone-based Authenticity Detection Service for Mobile Apps
Visa övriga...
2017 (Engelska)Ingår i: 2017 IEEE 13TH INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB), IEEE , 2017Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

In less than a decade, mobile apps became an integral part of our lives. In several situations it is important to provide assurance that a mobile app is authentic, i.e., that it is indeed the app produced by a certain company. However, this is challenging, as such apps can be repackaged, the user malicious, or the app tampered with by an attacker. This paper presents the design of TRUAPP, a software authentication service that provides assurance of the authenticity and integrity of apps running on mobile devices. TRUAPP provides such assurance, even if the operating system is compromised, by leveraging the ARM TrustZone hardware security extension. TRUAPP uses a set of techniques (static watermarking, dynamic watermarking, and cryptographic hashes) to verify the integrity of the apps. The service was implemented in a hardware board that emulates a mobile device, which was used to do a thorough experimental evaluation of the service.

Ort, förlag, år, upplaga, sidor
IEEE, 2017
Serie
IEEE International Conference on Wireless and Mobile Computing Networking and Communications-WiMOB, ISSN 2160-4886
Nationell ämneskategori
Datorsystem
Identifikatorer
urn:nbn:se:kth:diva-222218 (URN)10.1109/WiMOB.2017.8115820 (DOI)000419818000108 ()2-s2.0-85041407068 (Scopus ID)978-1-5386-3839-2 (ISBN)
Konferens
13th IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), OCT 09-11, 2017, Rome, ITALY
Anmärkning

QC 20180205

Tillgänglig från: 2018-02-05 Skapad: 2018-02-05 Senast uppdaterad: 2019-04-15Bibliografiskt granskad
Organisationer

Sök vidare i DiVA

Visa alla publikationer