Protection against reverse engineering in ARM

Yehuda, Raz Ben; Zaidenberg, Nezer Jacob

doi:10.1007/s10207-019-00450-1

Cited by 8 publications

(9 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Figures 3 and 4 depict the main difference in the infrastructures. Our Nanovisor provides a trusted execution environment (TEE) through a fast Nanovisor RPC [2]. The Nanovisor performs the computation and aggregation of addresses generated by the program's flow.…”

Section: Control Flow Attestation For Linuxmentioning

confidence: 99%

“…Program Q (Figure 5) is a background process that serves the Nanovisor requests from the protected program. Parts of Q execute in HYP mode through the use of our Nanovisor RPC [2]. Q loads when the computer boots and waits in the background.…”

Section: Instrumentedmentioning

confidence: 99%

“…Such access is usually available only to the SoM (System On a Module) vendor. Here, we provide a similar but more straightforward approach using our a dedicated Nanovisor [2]. In this paper, we extend C-FLAT and eliminate the following limitations:…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Nanovised Control Flow Attestation

2022

Self Cite

View full text Add to dashboard Cite

This paper presents an improvement of control flow attestation (C-FLAT) for Linux. C-FLAT is a control attestation system for embedded devices. It was implemented as a software executing in ARM’s TrustZone on bare-metal devices. We extend the design and implementation of C-FLAT through the use of a type 2 Nanovisor in the Linux operating system. We call our improved system “C-FLAT Linux”. Compared to the original C-FLAT, C-FLAT Linux reduces processing overheads and is able to detect the SlowLoris attack. We describe the architecture of C-FLAT Linux and provide extensive measurements of its performance in benchmarks and real-world scenarios. In addition, we demonstrate the detection of the SlowLoris attack on the Apache web server.

show abstract

Section: Control Flow Attestation For Linuxmentioning

confidence: 99%

Section: Instrumentedmentioning

confidence: 99%

See 1 more Smart Citation

Nanovised Control Flow Attestation

2022

Self Cite

View full text Add to dashboard Cite

show abstract

“…Then, when OP-TEE runs these functions, it decrypts them into the cache, validates the TA, and evicts the processors' cache. Using this method [54], an attacker would have to time his attack to get the code. However, combining this method with ASLR impedes the attack.…”

Section: Mitigationmentioning

confidence: 99%

Attacking TrustZone on devices lacking memory protection

Stajnrod

Yehuda

Zaidenberg

2021

J Comput Virol Hack Tech

Self Cite

View full text Add to dashboard Cite

ARM TrustZone offers a Trusted Execution Environment (TEE) embedded into the processor cores. Some vendors offer ARM modules that do not fully comply with TrustZone specifications, which may lead to vulnerabilities in the system. In this paper, we present a DMA attack tutorial from the insecure world onto the secure world, and the design and implementation of this attack in a real insecure hardware.

show abstract

“…Therefore, in order to solve the security problem of the Android system layer, there is an urgent need for a more reliable and secure solution. Because SEAndroid needs to rely on a trusted kernel, hardware virtualization technology is currently considered too expensive and low versatility [25]. Therefore, this paper uses TrustZone technology to study the Android system layer kernel.…”

Section: Introductionmentioning

confidence: 99%

From Hardware to Operating System: A Static Measurement Method of Android System Based on TrustZone

Hei

Gao

Wang

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Android system has been one of the main targets of hacker attacks for a long time. At present, it is faced with security risks such as privilege escalation attacks, image tampering, and malicious programs. In view of the above risks, the current detection of the application layer can no longer guarantee the security of the Android system. The security of mobile terminals needs to be fully protected from the bottom to the top, and the consistency test of the hardware system is realized from the hardware layer of the terminal. However, there is not a complete set of security measures to ensure the reliability and integrity of the Android system at present. Therefore, from the perspective of trusted computing, this paper proposes and implements a trusted static measurement method of the Android system based on TrustZone to protect the integrity of the system layer and provide a trusted underlying environment for the detection of the Android application layer. This paper analyzes from two aspects of security and efficiency. The experimental results show that this method can detect the Android system layer privilege escalation attack and discover the rootkit that breaks the integrity of the Android kernel in time during the startup process, and the performance loss of this method is within the acceptable range.

show abstract

Protection against reverse engineering in ARM

Cited by 8 publications

References 21 publications

Nanovised Control Flow Attestation

Nanovised Control Flow Attestation

Attacking TrustZone on devices lacking memory protection

From Hardware to Operating System: A Static Measurement Method of Android System Based on TrustZone

Contact Info

Product

Resources

About