Method and Practice of Trusted Embedded Computing and Data Transmission Protection Architecture Based on Android

WANG Yichuan; GAO Wen; HEI Xinhong; DU Yanning

doi:10.23919/cje.2022.00.196

Article Contents

Article Navigation > Chinese Journal of Electronics > 2024 > Uncorrected proof

Yichuan WANG, Wen GAO, Xinhong HEI, et al., “Method and Practice of Trusted Embedded Computing and Data Transmission Protection Architecture Based on Android,” Chinese Journal of Electronics, vol. 33, no. 3, pp. 1–12, 2024 doi: 10.23919/cje.2022.00.196

Citation:

Yichuan WANG, Wen GAO, Xinhong HEI, et al., “Method and Practice of Trusted Embedded Computing and Data Transmission Protection Architecture Based on Android,” Chinese Journal of Electronics, vol. 33, no. 3, pp. 1–12, 2024 doi: 10.23919/cje.2022.00.196

Citation:

PDF( 7681 KB)

Method and Practice of Trusted Embedded Computing and Data Transmission Protection Architecture Based on Android

doi: 10.23919/cje.2022.00.196

WANG Yichuan^{1, 2
,},
GAO Wen^1
,,
HEI Xinhong^{1, 2
,
,},
DU Yanning^1
,

1.
School of Computer Science and Engineering, Xi’an University of Technology, Xi’an 710048, China
2.
Shaanxi Key Laboratory for Network Computing and Security Technology, Xi’an 710048, China

More Information

Author Bio:
Yichuan WANG received the Ph.D. degree in computer system architecture from Xidian University of China in 2014. He is an ACM member and a CCF member. Now he is an Associate Professor in Xi’an University of Technology and with the Shaanxi Key Laboratory of Network Computing and Security Technology. His research areas include cloud computing and networks security. (Email: chuan@xaut.edu.cn)

Wen GAO was born in 1995. He received the M.S. degree from Xi’an University of Technology in 2021. He is a CCF member. Now he is a Ph.D. candidate in computer science and technology at Xi’an University of Technology. His research areas include trusted computing and networks security. (Email: 2936933626@qq.com)

Xinhong HEI received the Ph.D. degree from Nihon University, Tokyo, Japan, in 2008. He is currently a Professor with the Faculty of Computer Science and Engineering, Xi’an University of Technology, Xi’an, China. His current research interests include intelligent systems, safety-critical system, and train control system. (Email: heixinhong@xaut.edu.cn)

Yanning DU is a Lecturer in School of Computer Science and Engineering, Xi’an University of technology. His research area is high-performance computing. (Email: duyanning@gmail.com)
Corresponding author: Email: heixinhong@xaut.edu.cn
Received Date: 2022-07-04
Accepted Date: 2023-01-13

Available Online: 2023-07-08

Abstract

Abstract

In recent years, the rapid development of Internet technology has constantly enriched people’s daily life and gradually changed from the traditional computer terminal to the mobile terminal. But with it comes the security problems brought by the mobile terminal. Especially for Android system, due to its open source nature, malicious applications continue to emerge, which greatly threatens the data security of users. Therefore, this paper proposes a method of trusted embedded static measurement and data transmission protection architecture based on Android to reduce the risk of data leakage in the process of terminal storage and transmission. We conducted detailed data and feasibility analysis of the proposed method from the aspects of time consumption, storage overhead and security. The experimental results show that this method can detect Android system layer attacks such as self-booting of the malicious module and improve the security of data encryption and transmission process effectively. Compared with the native system, the additional performance overhead is small.
- TrustZone,
- Static measurement,
- Data leakage,
- Android

FullText(HTML)

References(31)

References

[1]	W. Enck, P. Gilbert, S. Han, et al., “TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones,” ACM Transactions on Computer Systems, vol. 32, no. 2, article no. 5, 2014. doi: 10.1145/2619091
[2]	L. Yu, X. P. Luo, J. C. Chen, et al., “PPChecker: Towards accessing the trustworthiness of android apps’ privacy policies,” IEEE Transactions on Software Engineering, vol. 47, no. 2, pp. 221–242, 2021. doi: 10.1109/TSE.2018.2886875
[3]	W. Wang, B. B. Bai, Y. C. Wang, et al., “Bitstream protocol classification mechanism based on feature extraction,” in Proceedings of 2019 International Conference on Networking and Network Applications, Daegu, Korea (South), pp.241–246, 2019.
[4]	M. Xu, C. Y. Song, Y. Ji, et al., “Toward engineering a secure android ecosystem: A survey of existing techniques,” ACM Computing Surveys, vol. 49, no. 2, article no. 38, 2017. doi: 10.1145/2963145
[5]	R. J. G. Vargas, E. A. Anaya, R. G. Huerta, et al., “Security controls for android,” in Proceedings of 2012 Fourth International Conference on Computational Aspects of Social Networks, Sao Carlos, Brazil, pp.212–216, 2012.
[6]	Y. Rong, Y. Y. Liu, H. Li, et al., “DexDefender: A DEX protection scheme to withstand memory dump attack based on android platform,” ZTE Communications, vol. 16, no. 3, pp. 45–51, 2018. doi: 10.19729/j.cnki.1673-5188.2018.03.008
[7]	G. X. Ye, Z. Y. Tang, D. Y. Fang, et al., “A video-based attack for android pattern lock,” ACM Transactions on Privacy and Security, vol. 21, no. 4, article no. 19, 2018. doi: 10.1145/3230740
[8]	M. Youn-A, C. Tae-Mu, and J. M. Kim, “A study on android privilege escalation attack by binder drive metadata management,” Advanced Science Letters, vol. 23, no. 10, pp. 9926–9929, 2017. doi: 10.1166/asl.2017.9827
[9]	B. Kong, Y. Li, and L. P. Ma, “PtmxGuard: An improved method for android kernel to prevent privilege escalation attack,” ITM Web of Conferences, vol. 12, article no. 05010, 2017. doi: 10.1051/itmconf/20171205010
[10]	W. H. Ahn, S. Park, J. Oh, et al., “Inishing: A UI phishing attack to exploit the vulnerability of inotify in android smartphones,” IEICE TRANSACTIONS on Information and Systems, vol. E99.D, no. 9, pp. 2404–2409, 2016. doi: 10.1587/transinf.2015EDL8188
[11]	J. M. Gu, C. Z. Li, D. Lei, et al., “Combination attack of android applications analysis scheme based on privacy leak,” in Proceedings of the 4th International Conference on Cloud Computing and Intelligence Systems, Beijing, China, pp.62–66, 2016.
[12]	W. Wang, Z. Z. Gao, M. C. Zhao, et al., “DroidEnsemble: Detecting android malicious applications with ensemble of string and structural static features,” IEEE Access, vol. 6, pp. 31798–31807, 2018. doi: 10.1109/ACCESS.2018.2835654
[13]	H. Sun, K. Sun, Y. W. Wang, et al., “Reliable and trustworthy memory acquisition on smartphones,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 12, pp. 2547–2561, 2015. doi: 10.1109/TIFS.2015.2467356
[14]	Y. C. Wang, W. Gao, X. H. Hei, et al., “Independent credible: Secure communication architecture of Android devices based on TrustZone,” in Proceedings of 2020 International Conferences on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics), Rhodes, Greece, pp.85–92, 2020.
[15]	U. Kanonov and A. Wool, “Secure containers in android: The Samsung KNOX case study,” in Proceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices, Vienna, Austria, pp.3–12, 2016.
[16]	M. Dorjmyagmar, M. Kim, and H. Kim, “Security analysis of Samsung Knox,” in Proceedings of 2017 19th International Conference on Advanced Communication Technology, PyeongChang, Korea (South), pp.550–553, 2017.
[17]	X. Y. Ge, H. Vijayakumar, and T. Jaeger, “Sprobes: Enforcing kernel code integrity on the TrustZone architecture,” arXiv preprint, arXiv: 1410.7747, 2014.
[18]	A. M. Azab, P. Ning, J. Shah, et al., “Hypervision across worlds: Real-time kernel protection from the ARM TrustZone secure world,” in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, pp.90–102, 2014.
[19]	S. W. Dong, Y. Xiong, W. C. Huang, et al., “KIMS: Kernel integrity measuring system based on TrustZone,” in Proceedings of 2020 6th International Conference on Big Data Computing and Communications, Deqing, China, pp.103–107, 2020.
[20]	N. Zhang, K. Sun, W. J. Lou, et al., “CaSE: Cache-assisted secure execution on ARM processors,” in Proceedings of 2016 IEEE Symposium on Security and Privacy, San Jose, CA, USA, pp.72–90, 2016.
[21]	S. R. Huang, C. C. Liu, and Z. Y. Su, “Secure storage model based on TrustZone,” IOP Conference Series: Materials Science and Engineering, vol. 490, no. 4, article no. 042035, 2019. doi: 10.1088/1757-899X/490/4/042035
[22]	D. Hein, J. Winter, and A. Fitzek, “Secure block device–secure, flexible, and efficient data storage for ARM TrustZone systems,” in Proceedings of 2015 IEEE Trustcom/BigDataSE/ISPA, Helsinki, Finland, pp.222–229, 2015.
[23]	Y. Zhang, “A key management framework to protect communication data on mobile terminal,” Chinese Scientific Papers, vol. 11, no. 10, pp. 1–10, 2016.
[24]	J. J. Li, “Research on internet of things elevator fault detection and automatic alarm system based on android,” in Proceedings of the 2018 3rd International Workshop on Materials Engineering and Computer Sciences, Ji’nan, China, pp.58–61, 2018.
[25]	S. I. Hani and N. M. Sahib, “Detection of malware under android mobile application,” in Proceedings of 2020 3rd International Conference on Engineering Technology and its Applications, Najaf, Iraq, pp.179–184, 2020.
[26]	D. H. You and B. N. Noh, “Android platform based Linux kernel rootkit,” in Proceedings of 2011 6th International Conference on Malicious and Unwanted Software, Fajardo, PR, USA, pp.79–87, 2011.
[27]	S. Y. Chen, Y. Y. Wen, and H. Zhao, “Modeling trusted computing,” Wuhan University Journal of Natural Sciences, vol. 11, no. 6, pp. 1507–1510, 2006. doi: 10.1007/BF02831808
[28]	R. Sailer, X. L. Zhang, T. Jaeger, et al., “Design and implementation of a TCG-based integrity measurement architecture,” in Proceedings of the 13th Usenix Security Symposium, San Diego, CA, USA, pp.223–238, 2004.
[29]	T. Cooijmans, J. de Ruiter, and E. Poll, “Analysis of secure key storage solutions on android, ” in Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, Scottsdale, AZ, USA, pp.11–20, 2014.
[30]	C. Chunka, S. Banerjee, S. Nag, et al., “A secure key agreement protocol for data communication in public network based on the Diffie-Hellman key agreement protocol,” in Proceedings of the 3rd International Conference on Micro-Electronics and Telecommunication Engineering, Ghaziabad, India, pp.531–543, 2020.
[31]	R. Ou, Y. Y. Zhang, M. W. Zhang, et al., “After-the-Fact Leakage-Resilient Identity-Based Authenticated Key Exchange,” IEEE Systems Journal, vol. 12 , no. 2, pp.2017–2026, 2018.