T-MAC: Protecting Mandatory Access Control System Integrity from Malicious Execution Environment on ARM-Based Mobile Devices

  • Conference paper
Information Security (ISC 2017)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10599)

Abstract

Mobile security has become increasingly important in mobile computing, and mandatory access control (MAC) systems have been widely used to protect it. However, malicious code in the mobile system may significantly impact the integrity of these MAC systems by forcing them to make wrong access control decisions, because both run at the same privilege level and in the same memory address space. A trusted MAC system should therefore be isolated from the malicious mobile system at runtime. In this paper, we propose a trusted MAC isolation framework called T-MAC to solve this problem. T-MAC puts the MAC system into the enclave provided by ARM TrustZone so as to avert the direct impact of malicious code on the access decision process. Meanwhile, T-MAC provides a MAC supplicant client that runs in the mobile system kernel to effectively look up policy decisions made by the back-end MAC service in the enclave and to enforce these rules on the system with trustworthy behaviors. Moreover, to protect T-MAC components that are not in the enclave, we not only provide a protection mechanism that enables TrustZone to protect a specific memory region from the compromised system, but also establish a secure communication channel between the mobile system and the enclave. The prototype is based on SELinux, a widely used MAC system and the base of SEAndroid. The experimental results show that SELinux receives enough protection, and that employing T-MAC incurs a performance degradation ranging from 0.53% to 7.34% compared to the original.

Acknowledgments

This work was supported by National Science Foundation of China grant No. 61321491, and in part by Commission of Economy and Information Technology grants for the project of the security protection foundation of operating system based on hardware resource isolation mechanism.

Author information

Correspondence to Diming Zhang or Hao Huang.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Zhang, D., Chen, L., Xue, F., Wu, H., Huang, H. (2017). T-MAC: Protecting Mandatory Access Control System Integrity from Malicious Execution Environment on ARM-Based Mobile Devices. In: Nguyen, P., Zhou, J. (eds) Information Security. ISC 2017. Lecture Notes in Computer Science, vol 10599. Springer, Cham. https://doi.org/10.1007/978-3-319-69659-1_19

  • DOI: https://doi.org/10.1007/978-3-319-69659-1_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69658-4

  • Online ISBN: 978-3-319-69659-1

  • eBook Packages: Computer Science, Computer Science (R0)
