Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Mobile Device Security with ARM TrustZone
KTH, School of Electrical Engineering and Computer Science (EECS), Software and Computer systems, SCS.ORCID iD: 0000-0001-6477-8653
2018 (English)Doctoral thesis, monograph (Other academic)
Abstract [en]

Mobile devices such as smartphones are becoming the majority of computing devices due to their evolving capabilities. Currently, service providers such as nancial and healthcare institutions oer services to their clients using smartphone applications (apps). Many of these apps run on Android, the most adopted mobile operating system (OS) today. Since smartphones are designed to be carried around all the time, many persons use them to store their private data. However, the popularity of Android and the open nature of its app marketplaces make it a prime target for malware. This situation puts data stored in smartphones in jeopardy, as it can be stealthily stolen or modied by malware that infects the device.

With the increasing popularity of smartphones and the increasing amount of personal data  stored on these devices, mobile device security has drawn signicant attention from both industry and academia. As a result, several security mechanisms and tools such as anti-malware software have been proposed for mobile OSs to improve the privacy of private data and to mitigate some of the security risks associated with mobile devices. However, these tools and mechanisms run in the device and assume that the mobile OS is trusted, i.e., that it is part of the trusted computing base (TCB). However, current malware often disables anti-malware software when it infects a device. For mobile phones this trend started more than a decade ago with malware such as the Metal Gear Trojan and Cabir.M, and continues to this day, e.g., with HijackRAT. In this work, we use the ARM TrustZone, a security extension for ARM processors that provides a hardware-assisted isolated environment, to implement security services that are protected from malware even if the mobile OS is compromised.

In this thesis, we investigate two approaches to address some of the security risks associated with Android-based devices. In the rst approach, we present security services to detect intrusions in mobile devices. We design and implement services for posture assessment (which evaluates the level of trust we can have in the device), for dynamic analysis (which performs dynamic (runtime) analysis of apps using traces of Android application programming interface (API) function calls and kernel syscalls to detect apps for malware), and for authenticity detection (which provides assurance of the authenticity and integrity of apps running on mobile devices). In the second approach, we design and implement a backup and recovery system to protect mobile devices from attacks caused by ransomware attacks, system errors, etc. Finally, we develop a software framework to facilitate the development of security services for mobile devices by combining components of the above services. As proof-of-concept, we implemented a prototype for each service and made experimental evaluations using an i.MX53 development board with an ARM processor with TrustZone.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2018. , p. i-xiii, 180
Series
TRITA-EECS-AVL ; 2018:71
Keywords [en]
Android, ARM TrustZone, Malware Mobile Devices, Mobile Security, Trusted Computing
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:kth:diva-236975ISBN: 978-91-7729-962-2 (print)OAI: oai:DiVA.org:kth-236975DiVA, id: diva2:1257856
Public defence
2018-11-14, C-6, Electrum 229, SE-164 40 Kista, Stockholm, 14:30 (English)
Opponent
Supervisors
Note

QC 20181023

Available from: 2018-10-23 Created: 2018-10-22 Last updated: 2018-10-24Bibliographically approved

Open Access in DiVA

fulltext(1176 kB)275 downloads
File information
File name FULLTEXT01.pdfFile size 1176 kBChecksum SHA-512
78c3cdbf2170cf63d6e61246bd43fd9c51fcd053987d9cb5c4d235d1053a0692a04ea5753ff835b1c260e31b9765d27488dde1860ce7431320c68a1c30813cb4
Type fulltextMimetype application/pdf

Authority records BETA

Yalew, Sileshi Demesie

Search in DiVA

By author/editor
Yalew, Sileshi Demesie
By organisation
Software and Computer systems, SCS
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 275 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 589 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf