As the utilization of mobile platform keeps growing, the security issue of mobile platform becomes a serious threat to user privacy. The current security measures mainly focus on the application level and the framework level, with little protection on the kernel. Virtualization technologies have been used in x86 platforms to protect the security of the kernel. With a higher privilege than the guest operating system, the hypervisor can effectively detect and defend against the malicious activity inside the guest kernel. In this paper, we build a hypervisor framework called TinyVisor leveraging the ARM virtualization extensions to protect the guest system security. The framework is transparent to the guest operating system and applications without any code modification. On top of the framework, we propose a secure module called H-Binder to protect the integrity and secrecy of the Binder transaction data in Android system. We implement the prototype of TinyVisor with the H-Binder module and evaluate the performance. The experiment results show non-significant performance loss.
Android, Virtualization, ARM, Hypervisor, System Security
OS and Networks | Programming Languages and Compilers
Computers and Security
SHEN, Dong; LI, Zhoujun; SU, Xiaojing; MA, Jinxin; and DENG, Robert H..
TinyVisor: An extensible secure framework on android platforms. (2017). Computers and Security. 72, 145-162. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/3844
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.