Change search
Refine search result
1 - 8 of 8
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Duarte, Nuno O.
    et al.
    Univ Lisbon, INESC ID IST, Lisbon, Portugal..
    Yalew, Sileshi Demesie
    KTH.
    Santos, Nuno
    Univ Lisbon, INESC ID IST, Lisbon, Portugal..
    Correia, Miguel
    Univ Lisbon, INESC ID IST, Lisbon, Portugal..
    Leveraging ARM TrustZone and Verifiable Computing to Provide Auditable Mobile Functions2018In: Proceedings Of The 15Th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services  (MOBIQUITOUS 2018), Association for Computing Machinery (ACM), 2018, p. 302-311Conference paper (Refereed)
    Abstract [en]

    The increase of personal data on mobile devices has been followed by legislation that forces service providers to process and maintain users' data under strict data protection policies. In this paper, we propose a new primitive for mobile applications called auditable mobile function (AMF) to help service providers enforcing such policies by enabling them to process sensitive data within users' devices and collecting proofs of function execution integrity. We present SafeChecker, a computation verification system that provides mobile application support for AMFs, and evaluate the practicality of different usage scenario AMFs on TrustZone-enabled hardware.

  • 2. Guerra, M.
    et al.
    Taubmann, B.
    Reiser, H. P.
    Yalew, Sileshi Demesie
    KTH.
    Correia, M.
    Introspection for ARM TrustZone with the ITZ library2018In: Proceedings - 2018 IEEE 18th International Conference on Software Quality, Reliability, and Security, QRS 2018, Institute of Electrical and Electronics Engineers (IEEE), 2018, p. 123-134, article id 8424964Conference paper (Refereed)
    Abstract [en]

    TrustZone is an extension of the ARM architecture that allows software executed in ARM processors to be split in two environments: the normal world that runs a common operating system (e.g., Android or Linux) and its applications, and the secure world that runs security services or others that need to be isolated from the normal world. This work aims to provide support for analyzing the security status of the normal world from the secure world. For this purpose, we present a Virtual Machine Introspection (VMI) library that leverages the TrustZone architecture. VMI tools and the library run in the secure world and inspect the normal world. We present an experimental evaluation of the library in an i.MX53 development board.

  • 3.
    Yalew, Sileshi Demesie
    KTH, School of Electrical Engineering and Computer Science (EECS), Software and Computer systems, SCS.
    Mobile Device Security with ARM TrustZone2018Doctoral thesis, monograph (Other academic)
    Abstract [en]

    Mobile devices such as smartphones are becoming the majority of computing devices due to their evolving capabilities. Currently, service providers such as nancial and healthcare institutions oer services to their clients using smartphone applications (apps). Many of these apps run on Android, the most adopted mobile operating system (OS) today. Since smartphones are designed to be carried around all the time, many persons use them to store their private data. However, the popularity of Android and the open nature of its app marketplaces make it a prime target for malware. This situation puts data stored in smartphones in jeopardy, as it can be stealthily stolen or modied by malware that infects the device.

    With the increasing popularity of smartphones and the increasing amount of personal data  stored on these devices, mobile device security has drawn signicant attention from both industry and academia. As a result, several security mechanisms and tools such as anti-malware software have been proposed for mobile OSs to improve the privacy of private data and to mitigate some of the security risks associated with mobile devices. However, these tools and mechanisms run in the device and assume that the mobile OS is trusted, i.e., that it is part of the trusted computing base (TCB). However, current malware often disables anti-malware software when it infects a device. For mobile phones this trend started more than a decade ago with malware such as the Metal Gear Trojan and Cabir.M, and continues to this day, e.g., with HijackRAT. In this work, we use the ARM TrustZone, a security extension for ARM processors that provides a hardware-assisted isolated environment, to implement security services that are protected from malware even if the mobile OS is compromised.

    In this thesis, we investigate two approaches to address some of the security risks associated with Android-based devices. In the rst approach, we present security services to detect intrusions in mobile devices. We design and implement services for posture assessment (which evaluates the level of trust we can have in the device), for dynamic analysis (which performs dynamic (runtime) analysis of apps using traces of Android application programming interface (API) function calls and kernel syscalls to detect apps for malware), and for authenticity detection (which provides assurance of the authenticity and integrity of apps running on mobile devices). In the second approach, we design and implement a backup and recovery system to protect mobile devices from attacks caused by ransomware attacks, system errors, etc. Finally, we develop a software framework to facilitate the development of security services for mobile devices by combining components of the above services. As proof-of-concept, we implemented a prototype for each service and made experimental evaluations using an i.MX53 development board with an ARM processor with TrustZone.

  • 4.
    Yalew, Sileshi Demesie
    et al.
    KTH, School of Information and Communication Technology (ICT), Software and Computer systems, SCS. Universidade de Lisboa, Portugal.
    Maguire Jr., Gerald Q.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Radio Systems Laboratory (RS Lab).
    Correia, Miguel
    Universidade de Lisboa, Portugal.
    Light-SPD: a platform to prototype secure mobile applications2016In: Proceedings of the 1st ACM Workshop on Privacy-Aware Mobile Computing (PAMCO '16), New York, NY, USA: Association for Computing Machinery (ACM), 2016, p. 11-20Conference paper (Refereed)
    Abstract [en]

    Securely storing sensitive personal data is critical for protecting privacy. Currently, many persons use smartphones to store their private data. However, smartphones suffer from many security issues. To overcome this situation, the PCAS project is designing a secure personal storage device called the Secure Portable Device (SPD), to be attached to a smartphone for securely storing sensitive personal data. However, this device is unavailable, closed, and expensive to deploy for prototyping applications. We propose a platform that emulates the SPD and the smartphone using a board with an ARM processor with the TrustZone security extension. This platform is open, inexpensive, and secure. A payment application is used as an example to show the platform's capabilities. As a proof-of-concept, we implemented this platform and provide a performance evaluation using a i.MX53 board.

  • 5.
    Yalew, Sileshi Demesie
    et al.
    KTH, School of Information and Communication Technology (ICT), Software and Computer systems, SCS.
    Maguire Jr., Gerald Q.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Radio Systems Laboratory (RS Lab).
    Haridi, Seif
    KTH, School of Information and Communication Technology (ICT), Software and Computer systems, SCS.
    Correia, Miguel
    INESC-ID & Instituto Superior Tecnico, Portugal.
    DroidPosture: A Trusted Posture Assessment Service for Mobile Devices2017In: Proceedings of the 13th IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 1-8Conference paper (Refereed)
    Abstract [en]

    Mobile devices such as smartphones are becoming the majority among computing devices. Currently, millions of persons use such devices to store and process personal data. Unfortunately, smartphones running Android are increasingly being targeted by hackers and infected with malware. Antimalware software is being used to address this situation, but it may be subverted by the same malware it aims to detect.

    We present DROIDPOSTURE, a posture assessment service for Android devices. This service aims to securely evaluate the level of trust we can have on a device (assess its posture) even if the mobile OS is compromised. For that to be possible, DROIDPOSTURE is protected using TrustZone, a security extension for ARM processors. DROIDPOSTURE is configurable with a set of application and kernel analysis mechanisms that enable detecting malicious applications and rootkits. We implemented a DROIDPOSTURE prototype using a hardware board with an ARM processor with TrustZone, and evaluated its performance and security.

  • 6.
    Yalew, Sileshi Demesie
    et al.
    KTH, School of Information and Communication Technology (ICT). Univ Lisbon, INESC ID, Inst Super Tecn, Lisbon, Portugal.
    Maguire Jr., Gerald Q.
    KTH, School of Information and Communication Technology (ICT).
    Haridi, Seif
    KTH, School of Information and Communication Technology (ICT).
    Correia, Miguel
    INESC-ID & Instituto Superior Tecnico, Portugal.
    Hail to the Thief: Protecting Data from Mobile Ransomware with ransomSafeDroid2017In: 2017 IEEE 16th International Symposium on Network Computing and Applications, NCA 2017 / [ed] Gkoulalasdivanis, A Correia, MP Avresky, DR, Institute of Electrical and Electronics Engineers (IEEE), 2017, Vol. 2017, p. 351-358Conference paper (Refereed)
    Abstract [en]

    The growing popularity of Android and the increasing amount of sensitive data stored in mobile devices have lead to the dissemination of Android ransomware. Ransomware is a class of malware that makes data inaccessible by blocking access to the device or, more frequently, by encrypting the data; to recover the data, the user has to pay a ransom to the attacker. A solution for this problem is to backup the data. Although backup tools are available for Android, these tools may be compromised or blocked by the ransomware itself. This paper presents the design and implementation of RANSOMSAFEDROID, a TrustZone based backup service for mobile devices. RANSOMSAFEDROID is protected from malware by leveraging the ARM TrustZone extension and running in the secure world. It does backup of files periodically to a secure local persistent partition and pushes these backups to external storage to protect them from ransomware. Initially, RANSOMSAFEDROID does a full backup of the device filesystem, then it does incremental backups that save the changes since the last backup. As a proof-of-concept, we implemented a RANSOMSAFEDROID prototype and provide a performance evaluation using an i.MX53 development board.

  • 7.
    Yalew, Sileshi Demesie
    et al.
    KTH, School of Information and Communication Technology (ICT), Software and Computer systems, SCS.
    Maguire Jr., Gerald Q.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Radio Systems Laboratory (RS Lab).
    Haridi, Seif
    KTH, School of Information and Communication Technology (ICT), Software and Computer systems, SCS.
    Correia, Miguel
    Universidade de Lisboa, Portugal..
    T2Droid: A TrustZone-Based Dynamic Analyser for Android Applications2017In: Proceedings - 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 11th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Conference on Embedded Software and Systems, Trustcom/BigDataSE/ICESS 2017, Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 240-247, article id 8029446Conference paper (Refereed)
    Abstract [en]

    Android has become the most widely used mobile operating system (OS) in recent years. There is much research on methods for detecting malicious Android applications. Dynamic analysis methods detect such applications by evaluating their behaviour during execution. However, such mechanisms may be ineffective as malware is often able to disable antimalware software. This paper presents the design of T2DROID, a dynamic analyser for Android that uses traces of Android API function calls and kernel syscalls, and that is protected from malware by leveraging the ARM TrustZone security extension. In our experimental evaluation T2DROID achieved accuracy and precision of 0.98 and 0.99, respectively, with a kNN classifier.

  • 8.
    Yalew, Sileshi Demesie
    et al.
    Univ Lisbon, Inst Super Tecn, INESD ID, Lisbon, Portugal.
    Mendonca, Pedro
    Maguire Jr., Gerald Q.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Radio Systems Laboratory (RS Lab).
    Haridi, Seif
    KTH, School of Information and Communication Technology (ICT).
    Correia, Miguel
    TruApp: A TrustZone-based Authenticity Detection Service for Mobile Apps2017In: 2017 IEEE 13TH INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB), IEEE , 2017Conference paper (Refereed)
    Abstract [en]

    In less than a decade, mobile apps became an integral part of our lives. In several situations it is important to provide assurance that a mobile app is authentic, i.e., that it is indeed the app produced by a certain company. However, this is challenging, as such apps can be repackaged, the user malicious, or the app tampered with by an attacker. This paper presents the design of TRUAPP, a software authentication service that provides assurance of the authenticity and integrity of apps running on mobile devices. TRUAPP provides such assurance, even if the operating system is compromised, by leveraging the ARM TrustZone hardware security extension. TRUAPP uses a set of techniques (static watermarking, dynamic watermarking, and cryptographic hashes) to verify the integrity of the apps. The service was implemented in a hardware board that emulates a mobile device, which was used to do a thorough experimental evaluation of the service.

1 - 8 of 8
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf