Bove D (2024)
Publication Language: English
Publication Type: Thesis
Publication year: 2024
Original Authors: Davide Bove
In the pursuit of establishing trust in mobile devices, especially focusing on the Android ecosystem, this dissertation delves into the challenges of mobile security. The primary objective is to enable trust between users and the technology, despite conflicting business interests and malicious actors. The research systematically assesses the current state of mobile security, addressing User-Interface based attacks on Android devices. It introduces a systematic review of the field, classifying challenges and proposing solutions to streamline future security approaches. A large-scale study of Android apps quantifies the usage of Trusted Execution Environments (TEE) in mobile apps, investigating specific TEE-backed programming interfaces and their implementation contexts. The results indicate that only a few apps make use of the limited TEE features accessible to them.
In the second part, this dissertation explores security implementations on the RISC-V architecture, specifically those based on TEEs, applying the insights gained from the mobile world. We develop basic secure services on RISC-V, demonstrating the implementation of security features for low-power devices without custom hardware extensions. Our research also helps develop a security monitoring software called R5Detect, which is designed for low-power devices. The software uses a TEE solution to protect and manage Control Flow Integrity (CFI) checks and heuristic monitoring, offering robust defenses against strong attackers. All of this can be deployed on standard RISC-V devices.
Through these contributions, the dissertation aims to enhance the overall security and trustworthiness of the mobile device ecosystem, as well as the emerging RISC-V ecosystem, to ensure a more secure environment for all users.
APA:
Bove, D. (2024). Trust In Your Pockets: On the Security of Mobile Devices through Trusted Computing (Dissertation).
MLA:
Bove, Davide. Trust In Your Pockets: On the Security of Mobile Devices through Trusted Computing. Dissertation, 2024.
BibTeX: Download