DOI QR코드

DOI QR Code

A Mobile OS Integrity Verification Using Bootloader & Physically Independent Storage Device

부트로더와 물리적으로 독립된 저장장치를 이용한 모바일 운영체제 무결성 검증

  • 박재경 (한국과학기술원 사이버보안연구센터) ;
  • 이상훈 (국방과학연구소) ;
  • 권미영 (국방과학연구소) ;
  • 김효남 (청강문화산업대학교 게임전공)
  • Received : 2014.12.02
  • Accepted : 2014.12.26
  • Published : 2014.12.31

Abstract

In this paper, we study the verification techniques for OS integrity that can be more fatal than applications in case of security issues. The dissemination of smartphones is rapidly progressing and there are many similarities of smartphones and PCs in terms of security risks. Recently, in mobile network environment, there is a trend of increasing damages and now, there are active researches on a system that can comprehensively respond to this. As a way to prevent these risks, integrity checking method on operation system is being researched. As most integrity checking algorithms are classified by verification from the levels before booting the OS and at the time of passing on the control to the OS, in which, there are minor differences in the definitions of integrity checking or its methods. In this paper, we suggests the integrity verification technique of OS using a boot loader and a physically independent storing device in the mobile device.

Acknowledgement

Grant : 사이버 공격에 대비한 군용 다기능 모바일 단말기의 보안 SW 개발

Supported by : 국방과학연구소

References

  1. Samsung KNOX. http://www.phonearena.com/news/Samsung-Knox-found-to-have-a-serious-vulnerability_id50670
  2. Vulnerability report: Xen 3.x. http://secunia.com/advisories/product/15863.
  3. Xen : Security vulnerabilities. http://www.cvedetails.com vulnerability-list/vendor_id-6276/XEN.html. Last accessed April 4, 2012.
  4. Vulnerability report: Xen3.x. http://secunia.com/advisories/product/15 86 3. Last accessed April 4, 2012.
  5. Survey of Security Threats and Countermeasures on Android Environment. Joonhyouk Jang 2013.12
  6. RAISE. Enye lkm rookit modified for ubuntu 8.04. http://packetstormsecurity.com/files/75184/Enye-LKM-Rookit-Modified-For-Ubuntu-8.04.html. Last accessed Sep 4, 2012.
  7. Integrity Protection Solutions for Embedded Systems, FOSDEM 2014 Brussels, Belgium, February , 2014
  8. Sangorrin, Daniel, Shinya Honda, Hiroaki Takada. "Dual operating system architecture for real-time embedded systems." In Proceedings of the 6th International Workshop on Operating Systems Platforms for Embedded Real-Time Applications (OSPERT), Brussels, Belgium, pp. 6-15. 2010.
  9. A. M. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang, and N. C. Skalsky. Hypersentry: enabling stealthy in-context measurement of hypervisor integrity. In Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, pages 38-49, New York, NY, USA, 2010. ACM.
  10. DINABURG, A., ROYAL, P., SHARIF, M., AND LEE, W. Ether: malware analysis via hardware virtualization extensions. In Proceedings of the 15th ACM conference on Computer and communications security (New York, NY, USA, 2008), CCS '08, ACM, pp. 51-62.
  11. D. Clarke, G. E. Suh, B. Gassend, M. van Dijk, and S. Devadas. Checking the integrity of a memory in a snooping-based symmetric multiprocessor (smp) system. Technical report, MIT LCS memo-470, http://csg.csail.mit.edu/pubs/memos/Memo-470/smpMemoryMemo.pdf, 2004.