• IEMEK Journal of Embedded Systems and Applications
• /
• v.11 no.6
• /
• pp.335-341
• /
• 2016

As information technology advances rapidly, various smart devices are becoming an essential element in our lives. Smart devices are providing services to users through applications up on the operating system. Operating systems have a variety of rules, such as scheduling applications and controlling hardwares. Among those rules, it is significant to protect private information in the information-oriented society. Therefore, isolation task, that makes certain memory space separated for each application, should highly be guaranteed. However, modern operating system offers the function to access the memory space from other applications for the sake of debugging. If this ability is misused, private information can be leaked or modified. Even though the access authority to memory is strictly managed, there exist cases found exploited. In this paper, we analyze the problems of the function provided in the Android environment that is the most popular and opened operating system. Also, we discuss how to avoid such kind of problems and verify with experiments.

• Journal of KIISE
• /
• v.42 no.12
• /
• pp.1486-1494
• /
• 2015

While Linux-based mobile devices such as smartphones are increasingly used, they often exhibit poor response time. One of the factors that influence the user-perceived interactivity is the high page fault rate of interactive tasks. Pages owned by interactive tasks can be removed from the main memory due to the memory contention between interactive and background tasks. Since this increases the page fault rate of the interactive tasks, their executions tend to suffer from increased delays. This paper proposes a framework-assisted selective page protection mechanism for improving interactivity of Linux-based mobile devices. The framework-assisted selective page protection enables the run-time system to identify interactive tasks at the framework level and to deliver their IDs to the kernel. As a result, the kernel can maintain the pages owned by the identified interactive tasks and avoid the occurrences of page faults. The experimental results demonstrate the selective page protection technique reduces response time up to 11% by reducing the page fault rate by 37%.

• Journal of Internet Computing and Services
• /
• v.17 no.6
• /
• pp.93-101
• /
• 2016

As the Android smart phones become more popular, applications that handle users' personal data such as IDs or passwords and those that handle data directly related to companies' income such as in-game items are also increasing. Despite the need for such information to be protected, it can be modified by malicious users or leaked by attackers on the Android. The reason that this happens is because debugging functions of the Linux, base of the Android, are abused. If an application uses debugging functions, it can access the virtual memory of other applications. To prevent such abuse, access controls should be reinforced. However, these functions have been incorporated into Android O.S from its Linux base in unmodified form. In this paper, based on an analysis of both existing memory access functions and the Android environment, we proposes a function that verifies thread group ID and then protects against illegal use to reinforce access control. We conducted experiments to verify that the proposed method effectively reinforces access control. To do that, we made a simple application and modified data of the experimental application by using well-established memory editing applications. Under the existing Android environment, the memory editor applications could modify our application's data, but, after incorporating our changes on the same Android Operating System, it could not.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.13 no.4
• /
• pp.187-194
• /
• 2018

The operating system for IoT should have a small memory footprint and provide low power state, real-time, multitasking, various network protocols, and security. Although the Zephyr kernel, an operating system for IoT, released by the Linux Foundation in February 2016, has these features but errors generated by the user code can generate fatal problems in the system because the Zephyr kernel adopts a single-space method that both the user code and kernel code execute in the same space. In this research, we propose a space separation method, which separates kernel space and user space, to solve this problem. The space separation that we propose consists of three modifications in Zephyr kernel. The first is the code separation that kernel code and user code execute in each space while using different stacks. The second is the kernel space protection that generates an exception by using the MPU (Memory Protection Unit) when the user code accesses the kernel space. The third is the SVC based system call that executes the system call using the SVC instruction that generates the exception. In this research, we implemented the space separation in Zephyr v1.8.0 and evaluated safety through abnormal execution of the user code. As the result, the kernel was not crashed by the errors generated by the user code and was normally executed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1049-1055
• /
• 2013

Smartphones are rapidly growing because of easy installation of the apps (application software) that users actually want. There are increasingly many apps that require cryptographic suites to be installed, for instance, for protecting account and financial data. Android platform provides protection mechanisms for memory and storage based on Linux kernel, but they are vulnerable to rooting attacks. In this paper, we analyze security mechanisms of Android platform and point out security problems. We show the security vulnerabilities of several commercial apps and suggest appropriate countermeasures.

• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.29-35
• /
• 2021

UART (Universal asynchronous receiver/transmitter) is a hardware device that converts data into serial format and transmits it, and is widely used for system diagnosis and debugging in most embedded systems. Hackers can access system memory or firmware by using the functions of UART, and can take over the system by acquiring administrator rights of the system. In this paper, we studied secure UART to protect against hacker attacks through UART. In the proposed scheme, only authorized users using the promised UART communication protocol are allowed to access UART and unauthorized access is not allowed. In addition, data is encrypted and transmitted to prevent protocol analysis through sniffing. The proposed UART technique was implemented in an embedded Linux system and performance evaluation was performed.