[KSCI] Korea Science Citation Index Service

http://dx.doi.org/10.14372/IEMEK.2015.10.6.335

SeBo: Secure Boot System for Preventing Compromised Android Linux

Kim, Tong Min (Korea University)
Kim, Se Won (Korea University)
Yoo, Chuck (Korea University)

Publication Information

IEMEK Journal of Embedded Systems and Applications / v.10, no.6, 2015 , pp. 335-343 More about this Journal

Abstract

As the usage of mobile devices becomes diverse, a number of attacks on Android also have increased. Among the attacks, Android can be compromised by flashing a new image of compromised Android Linux. In order to solve this problem, we propose SeBo (Secure Boot System) which prevents compromised Android Linux by guaranteeing secure boot environment for mobile devices based on ARM TrustZone architecture. SeBo checks the hash value of the Android Linux image before the Android Linux executes. SeBo detects all the attacks within 5 seconds. Moreover, since SeBo only trusts the Secure Bootloader from Secure World, SeBo can reduce the additional overhead of checking the Normal Bootloader from Normal World.

Keywords

Secure boot; Embedded system; Embedded security; Android; Linux; ARM TrustZone;

Citations & Related Records

Times Cited By KSCI : 1 (Citation Analysis)

Reference
Cited By KSCI

1	S. Yuru, X. Luo, C. Qian. "Rootguard: Protecting rooted android phones," IEEE Computer Vol. 47, No. 6, pp. 32-40, 2014.
2	S. Smalley, "The case for SE Android," In Linux Security Summit 2011. http://selinuxproject.org/-jmorris/lss2011_slides/caseforseandroid.pdf.
3	S. Smalley, R. Craig. "Security Enhanced (SE) Android: Bringing Flexible MAC to Android," NDSS (Vol. 310, pp. 20-38), 2013.
4	T.M. Kim, S.W. Kim, C. Yoo, "Tiny Monitoring Platform for Protecting Data against Compromised Mobile Operating Systems," Proceeding of Autumn Conference on IEMEK (in Korean).
5	Technologies, A.R.M "ARM Architecture Reference Manual ARMv7-A and ARMv7-R edition, " URL: ARM Architecture Reference Manual ARMv7-A and ARMv7-R edition
6	Technologies, A.R.M "ARM Security Technology Building a Secure System using TrustZone(R) Technology," http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.prd29-genc-009492c/index.html
7	Aghera, P., Bok, A., Chintada, S., Rao, S., & Rinaldi, A. (2003). U.S. Patent Application 10/652,352.
8	Technologies, A.R.M "Chapter 4. Global timer, private timers, and watchdog registers," http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0407i/BEJHAGEE.html
9	LWN.net, "ARM:global_timer: Add ARM global timer support," https://lwn.net/Articles/549648/
10	D. Menasce, "Security performance." IEEE Internet Computing, Vol. 7, No. 3, pp. 84-87, 2003. DOI
11	R. Rivest, "The MD5 message-digest algorithm," http://tools.ietf.org/html/rfc1321?ref=driverlayer.com, 1992.
12	Technologies, Samsung "Samsung KNOX Workspace" https://www.samsungknox.com/en/products/knox-workspace/technical
13	J. Shin, Y. Kim, W. Park, C. Park, "A Secure Data Management Framwork based on ARM TrustZone for Cloud Storage Services," Proceeding of Autumn Conference on IEMEK (in Korean).
14	J. Shin, Y. Kim, W. Park, C. Park, "A Method for Data Access Control and Key Management in Mobile Cloud Storage Services," J. IEMEK Embed. Syst. Appl., Vol. 8, No. 6, pp. 303-309, 2013 (in Korean). DOI