2018 International Conference on Communication, Network and Artificial Intelligence (CNAI 2018)
ISBN: 978-1-60595-505-6
HIMDroid—A Measurement of Android Kernel Based on Kernel Data Invariants
Z-cong LU*, Jing-xu XIAO and Song GUO
Zhengzhou Information Science and Technology Institute, Zhengzhou, Henan 450000, China
*Corresponding author
Keywords: Invariants, Kernel, Dynamic metrics, Rootkit detection, Hardware virtualization.
Abstract. In order to reduce the threat of rootkits to the integrity of the Android system, an Android kernel measurement method based on kernel data invariants, HIMDroid, is proposed. Recent work has demonstrated that rootkits maliciously modify not only control data but also non-control data. HIMDroid can detect rootkits modifying both control and non-control data. The data structures of the measured kernel invariants are gained by analyzing the kernel control and non-control data that affect the integrity of the kernel during the running of the Android system. By using ARM virtualization technology, HIMDroid separates the measurement module from the measured Android system, preventing the measurement software from being attacked. The core data structures of the measured kernel invariants are reconstructed and analyzed in the measurement module. HIMDroid, on the one hand, measures control data and non-control data in the Android kernel while eliminating the attack surface of the Android kernel layer to the measurement software, and, on the other hand, effectively reduces the TCB (trusted computing base) of the monitoring model; it has no significant performance loss.
Introduction
As of April 2018, according to StatCounter [1], the market share of the Android mobile operating system was 74.23%. With the rapid development of the Android system in the mobile operating system market, attacks on the Android system are also emerging. In order to defend against all kinds of attacks, there are many researches on these attacks. Through the study of the Android market application process, some researchers analyzed the malicious behavior in applications, preventing attacks of applications on the system and the leakage of users' privacy [2]. Some enhanced the Android user program framework to patch the flaws in the Android security mechanism and prevent malicious code from accessing privacy [3], and some researchers made changes to the Linux kernel framework to enhance the security of Android [4]. Although the above researches defend effectively against attacks on Android applications, the existing defense mechanisms of the Android kernel against attacks are all based on the traditional Linux kernel protection methods, and most of the protection methods are inside the operating system, so that attackers can easily bypass or tamper with them. Some scholars have conducted research on enhancing the security of the Android system kernel on mobile platforms. Most ARM devices are used for Android devices. Using the security extension on the ARM platform, TrustZone [5] can be used to protect the system [6-10]. Although TrustZone is based on hardware for data protection, the limitations of its interception capability make it unsuitable for domain reflection and intra-domain protection. This is the reason why Hypervision [4] has made significant changes in the operating system, but it has certain limitations due to the high hardware consumption of mode switching. Hardware-assisted virtualization technology can maintain system security [11], and many researchers used it to protect system security on the ARM platform. Using the virtualization extensions on ARM, hypervisors such as Xen on ARM [12] and KVM for ARM [13] were proposed. However, these hypervisors focused on multiple systems, which added to the trusted computing base (TCB). Xen and KVM/ARM also rely on a host to handle some important interrupts, so that the TCB contains the host; this has a large impact on performance and does not meet the requirements of mobile devices, which have limited performance and need convenience. L4Android [14] isolates the Android system in each instance, but attacks on the system still cannot be prevented. DroidVisor [15] protects the integrity of the kernel's static key objects and performs rootkit detection on processes and modules. However, it has certain limitations: it cannot detect non-control data in the kernel, so, for example, it cannot measure rootkits that dynamically modify the entropy pool resource of the kernel.
In view of the above problems, an Android kernel integrity measurement in hypervisor (HIMDroid) scheme based on kernel data invariants is proposed. The security of the Android kernel is ensured by performing integrity measurement on the control and non-control data in kernel at any time.
HIMDroid Architecture Design
ARM Hardware-assisted Virtualization
The HIMDroid design utilizes the virtualization technology of the ARM platform. The following is the relevant background of the virtualization technology on the ARM platform.
The recent ARMv7-A architecture introduces virtualization extensions on ARM processors. Specifically, a new processor mode called hyp mode is introduced, which has a higher privilege level than the existing svc mode in the non-secure state. Android OS and applications can still run in the existing svc mode and usr mode without any modification. The architecture of the ARM processor with virtualization extensions and security extensions is shown in Figure 1.
Figure 1. Structure of ARM processor
Table 1. Stage-2 control of access permissions.
HAP[2:1]   Access permission
00         No access permitted
01         Read-only
10         Write-only
11         Read/write
The virtualization extension on ARM processor uses two-phase page table translation to better control the customer's virtual memory. The Stage-1 page table is maintained by the guest operating system, and the guest operating system can use the Stage-1 page table to convert the customer virtual address (VA) to the intermediate physical address (IPA). The Stage-2 page table that translates IPA into physical address (PA) is maintained by the hypervisor and is transparent to the guest operating system. The virtualization extension on ARM processor must be used with large physical address extensions and security extensions. As shown in table 1, the bits [7:6] of the large physical address extension are the access permission bits HAP[2:1] of Stage-2, and the client is configured with the appropriate configuration of the attribute bits in the Stage-2 page table entry (PTE). The memory access of the operating system will be under the control of the hypervisor.
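As an added illustration of the Stage-2 permission control described above (this is not code from the paper), the following C snippet models an ARMv7 LPAE Stage-2 page descriptor with HAP[2:1] in bits [7:6], as Table 1 lists, and shows how a hypervisor can strip write permission from the page holding the system call table so that a guest write traps into hyp mode while reads proceed. The flat one-level table indexed by IPA >> 12, the 4 KB granule and all addresses are constructed for the example; the macro and function names are the example's own.

```c
/* Added example: Stage-2 descriptor permission bits and a write-protect check.
 * Assumptions (constructed): 4 KB pages, a flat table of level-3 descriptors
 * indexed by IPA >> 12, no real hardware involved. */
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

#define S2_DESC_VALID_PAGE  0x3ULL                  /* bits[1:0] = 0b11: page descriptor */
#define S2_DESC_AF          (1ULL << 10)            /* access flag */
#define S2_HAP_SHIFT        6                       /* HAP[2:1] lives in bits [7:6] */
#define S2_HAP_MASK         (0x3ULL << S2_HAP_SHIFT)
#define S2_OA_MASK          0x000000FFFFFFF000ULL   /* output address bits [39:12] */

enum s2_perm { S2_NONE = 0, S2_RO = 1, S2_WO = 2, S2_RW = 3 }; /* encoding of Table 1 */

static inline enum s2_perm s2_get_perm(uint64_t desc)
{
    return (enum s2_perm)((desc & S2_HAP_MASK) >> S2_HAP_SHIFT);
}

/* Build a level-3 page descriptor mapping one 4 KB IPA page onto PA `pa`. */
uint64_t s2_make_page(uint64_t pa, enum s2_perm perm)
{
    return (pa & S2_OA_MASK) | ((uint64_t)perm << S2_HAP_SHIFT)
         | S2_DESC_AF | S2_DESC_VALID_PAGE;
}

/* Drop write permission from a descriptor: what the hypervisor does for pages
 * that hold static control data (kernel text, system call table, vectors). */
uint64_t s2_write_protect(uint64_t desc)
{
    enum s2_perm p  = s2_get_perm(desc);
    enum s2_perm np = (p == S2_RW || p == S2_RO) ? S2_RO : S2_NONE;
    return (desc & ~S2_HAP_MASK) | ((uint64_t)np << S2_HAP_SHIFT);
}

/* Would a guest access to `ipa` fault into hyp mode? Unmapped pages and
 * invalid descriptors always fault; otherwise HAP decides. */
bool s2_access_traps(const uint64_t *table, size_t npages, uint64_t ipa, bool is_write)
{
    uint64_t idx = ipa >> 12;
    if (idx >= npages) return true;
    uint64_t d = table[idx];
    if ((d & 0x3) != S2_DESC_VALID_PAGE) return true;
    enum s2_perm p = s2_get_perm(d);
    if (is_write) return !(p == S2_RW || p == S2_WO);
    return !(p == S2_RW || p == S2_RO);
}

/* Constructed scenario: page 0 is ordinary guest data, page 1 holds the
 * system call table. Returns 1 when protecting page 1 makes guest writes to it
 * trap while reads and the other page are unaffected, 0 otherwise. */
int demo_protect_syscall_table(void)
{
    uint64_t table[2];
    table[0] = s2_make_page(0x80000000ULL, S2_RW);
    table[1] = s2_write_protect(s2_make_page(0x80001000ULL, S2_RW));
    bool ok =  s2_access_traps(table, 2, 0x1000, true)    /* write to syscall table traps */
           && !s2_access_traps(table, 2, 0x1000, false)   /* read still allowed          */
           && !s2_access_traps(table, 2, 0x0000, true)    /* other page untouched        */
           &&  s2_access_traps(table, 2, 0x2000, false);  /* unmapped IPA traps          */
    return ok ? 1 : 0;
}

int main(void)
{
    uint64_t d = s2_make_page(0x80001000ULL, S2_RW);
    printf("descriptor 0x%016llx perm=%d, after protect perm=%d\n",
           (unsigned long long)d, s2_get_perm(d), s2_get_perm(s2_write_protect(d)));
    printf("syscall table protection scenario: %s\n",
           demo_protect_syscall_table() ? "traps on write only" : "unexpected");
    return 0;
}
```

Trapping on write is what lets the hypervisor intervene on control-data pages; for non-control data such as the module list, which the guest legitimately writes, HIMDroid instead keeps the pages writable and checks the invariants periodically in the monitor module.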
The HIMDroid Architecture
Figure 2. Structure of HIMDroid (svc mode: the Android operating system with the agent module; hyp mode: the monitor system, consisting of the hypervisor with SLAT management, the extracting module, the learning module with its baseline database, and the monitor module; traps from the guest and introspection/intervention and response paths back to it)
Our system architecture consists of two parts: agent module and monitor system. The agent module is placed in svc mode and the monitor system is placed in hyp mode.
The agent module obtains the virtual address of each measurement object through the System.map file and passes it to the monitor system. The semantic reconstruction of the measurement object and the integrity analysis are performed in the monitor system. The monitor system has three modules: the extracting module, the learning module, and the monitor module. The extracting module receives the virtual address from the agent module and translates it into a physical address with the help of Second Level Address Translation (SLAT) management, and then reconstructs the operating-system-level semantics according to kernel knowledge. The extracted information is then passed to the learning module or the monitor module, depending on the stage. In the learning stage, the learning module builds a baseline database of reference values when the system is powered on. The main content of the database is the hash value of each control data object and the constraint value of each non-control data metric other than the subset-constraint objects. At the same time, the reference values are AES encrypted to ensure their security; to prevent the AES key from leaking, it is stored in TrustZone. In the monitoring stage, the monitor module compares the information extracted at runtime with the baseline database to detect attacks, and performs further introspection or intervention on the Android kernel according to the monitoring results.
HIMDroid Key Technologies
Determination of Kernel Data Invariants
In order to make the measurement objects fully describe the runtime integrity of the Android kernel, we determine the selection of measurement objects from the running principle of the Android kernel and the attack surface used by kernel malware.
After analyzing the loading of the various key components of the Android OS kernel, it is found that data structures such as the basic read-only data segment, the kernel code segment, the system call table, the interrupt descriptor table, the exception vector table, and the code of kernel modules running on the Android system are static and invariable control data.
replaced by files. When monitoring software or a program calls these service routines to view process information, the hidden process is filtered out by the malicious software, which is how the malicious software attacks the kernel. However, even while these non-control kernel data structures change dynamically, they satisfy certain characteristic constraints. For example, if the modules of a Linux system satisfy module_kset ⊆ modlist, then the module resource is complete during system operation, otherwise it is incomplete; rootkits such as adore-ng hide malicious modules, that is, they do not meet the subset constraint of the module list. The Android kernel uses the pseudo-random number generator (PRNG) to generate the random numbers needed by other safety-critical applications. To ensure that the PRNG output is pseudo-random, the content bytes of the updated entropy pool are extracted from the pool each time using a stirring function. The polynomial coefficients used by the stirring function are integer fields in the struct poolinfo data structure, and the values of these integer fields satisfy a boundary constraint. Specifically, poolinfo.tap1 ∈ {32, 128}, poolinfo.tap2 ∈ {26, 103}, poolinfo.tap3 ∈ {20, 76}, poolinfo.tap4 ∈ {14, 51}, poolinfo.tap5 ∈ {7, 25}, poolinfo.tap6 == 1, etc.
According to the characteristics of the dynamic changes in these data structures, the constraints can be divided into five kinds: control data constraints, and, among the non-control data constraints, fixed-length constraints, fixed-value constraints, subset constraints, and boundary constraints. For example, the system call table falls under the control data constraints; the entropy pool structure is a boundary constraint among the non-control data constraints; the module list is a subset constraint among the non-control data constraints; and the number of supported executable file types (formats) is a fixed-value constraint among the non-control data constraints.
Through the above analysis on the running process of the Android system, the kernel measurement objects include two major categories: control data constraints and non-control data constraints.
Reconstruction and Analysis of Core Data Invariant
The information obtained by the monitor system in the hyp mode is the underlying binary information and cannot obtain kernel-level semantic information. Therefore, before the analysis, measurement objects need to be reconstructed at the extraction module in monitor system according to the kernel structure knowledge and the underlying binary information.
Since the Android kernel is based on the Linux kernel, the virtual address of each measurement object can be obtained through the System.map file provided by the kernel. The System.map file stores the measurement objects analyzed in the previous section and their virtual addresses, such as the kernel code segment address, the initialization data segment address, the exception vector table virtual address, the system call table virtual address, the init process address, etc. From these virtual addresses, the physical address of each measurement object can be obtained through the two-stage address translation process. According to the way the Android kernel stores these measurement objects (linked lists, arrays, trees, etc.), the type of the measurement object and the offset of each field, HIMDroid can reconstruct these measurement objects at the measurement layer.
Algorithm 1 Reconstruction of Kernel Measurement Objects
Input: measurement object's virtual address Va, intermediate physical address Ipa, starting physical address Pa, measurement object type definitions SC[], field offsets FS[], kernel symbol table file System.map;
Output: static invariants list SIL[] or dynamic invariants list DIL[].
BEGIN
1. Va[] = Read(System.map);
2. While (Va[i] != 0)
3.   Ttbr = Read_Guest_TTBR();
4.   Ipa = Translate_Stage1_Guest(Ttbr, Va);
5.   Pa = PA(Ipa);
8.   SIL[] = data(Pa);      // read-only data segment
9.   SIL[] = Sys_call(Pa);  // system call table
10.  SIL[] = IDT(Pa);       // interrupt vector table
11.  SIL[] = Others(Pa);    // other static objects such as the exception vector table, etc.
12.  Else if (Va[i] ∈ init_task | module_kset | others)  // dynamically measured non-control data
13.    DIL[] = Task(Pa, SC[i], FS[i]);    // process
14.    DIL[] = Module(Pa, SC[i], FS[i]);  // module
15.    DIL[] = Others(Pa, SC[i], FS[i]);  // other dynamically measured non-control data
16.  End if
17. End while
END
In the learning stage, based on the information reconstructed by the extracting module, the learning module builds a baseline database of reference values when the system is powered on. During the Android device runtime, the monitor module checks the information extracted at runtime against the baseline database to detect attacks. In the monitoring stage, since the contents of control data such as the kernel code, kernel initialization data, system call table, and interrupt vector table are contiguous and static, they are easy to obtain from the virtual address and to analyze against the baseline database, so their reconstruction and analysis are relatively simple. We therefore focus on the reconstruction and analysis of dynamic non-control data. The following describes the basic idea of the reconstruction analysis of non-control data, taking the modules of the Android system as an example.
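To make the constraint classes of the previous section and the learning/monitoring split concrete, here is an added C example (not from the paper) that learns a baseline from a constructed snapshot of reconstructed measurement objects and then checks a later snapshot against it: the system call table as control data (hash constraint), the number of system calls as a fixed-length constraint, the number of registered executable formats as a fixed-value constraint, and the poolinfo taps as a boundary constraint with exactly the allowed values quoted above. FNV-1a stands in for whatever hash the implementation uses, the snapshot and baseline layouts and all values are constructed, and the AES protection of the reference values is omitted.

```c
/* Added example: baseline learning and monitoring over the constraint kinds
 * named in the text. Layouts and values are constructed; FNV-1a is a stand-in
 * for the real hash; the AES protection of the baseline is left out. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define NR_SYSCALLS 8      /* constructed: a tiny system call table */
#define NR_TAPS     6

/* View of the measurement objects after reconstruction (constructed layout). */
struct snapshot {
    uint32_t sys_call_table[NR_SYSCALLS]; /* control data: static, hashed        */
    int      nr_syscalls;                 /* non-control: fixed-length constraint */
    int      nr_binfmts;                  /* non-control: fixed-value constraint  */
    int      poolinfo_tap[NR_TAPS];       /* non-control: boundary constraint     */
};

struct baseline {                         /* reference values learned at boot */
    uint64_t sys_call_table_hash;
    int      nr_syscalls;
    int      nr_binfmts;
};

enum violation { V_CONTROL = 1, V_FIXED_LENGTH = 2, V_FIXED_VALUE = 4, V_BOUNDARY = 8 };

/* FNV-1a 64-bit over a byte range. */
static uint64_t fnv1a64(const void *data, size_t len)
{
    const unsigned char *p = data;
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < len; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* Boundary constraint from the text: each tap takes one of two values
 * (one per pool size); tap6 is always 1. Not learned, fixed by the kernel. */
static const int tap_allowed[NR_TAPS][2] =
    { {32, 128}, {26, 103}, {20, 76}, {14, 51}, {7, 25}, {1, 1} };

static int tap_in_bounds(int i, int v)
{
    return v == tap_allowed[i][0] || v == tap_allowed[i][1];
}

/* Learning stage: record reference values from a trusted boot-time snapshot. */
void learn_baseline(const struct snapshot *s, struct baseline *b)
{
    b->sys_call_table_hash = fnv1a64(s->sys_call_table, sizeof s->sys_call_table);
    b->nr_syscalls = s->nr_syscalls;
    b->nr_binfmts  = s->nr_binfmts;
}

/* Monitoring stage: returns a bitmask of violated constraint kinds (0 = clean). */
unsigned monitor(const struct snapshot *s, const struct baseline *b)
{
    unsigned v = 0;
    if (fnv1a64(s->sys_call_table, sizeof s->sys_call_table) != b->sys_call_table_hash)
        v |= V_CONTROL;
    if (s->nr_syscalls != b->nr_syscalls) v |= V_FIXED_LENGTH;
    if (s->nr_binfmts  != b->nr_binfmts)  v |= V_FIXED_VALUE;
    for (int i = 0; i < NR_TAPS; i++)
        if (!tap_in_bounds(i, s->poolinfo_tap[i])) v |= V_BOUNDARY;
    return v;
}

/* Constructed clean snapshot: handler addresses are made up, taps are the
 * larger of the two allowed values for each field. */
struct snapshot make_clean_snapshot(void)
{
    struct snapshot s;
    memset(&s, 0, sizeof s);
    for (int i = 0; i < NR_SYSCALLS; i++) s.sys_call_table[i] = 0xC0008000u + 0x100u * (uint32_t)i;
    s.nr_syscalls = NR_SYSCALLS;
    s.nr_binfmts  = 3;
    const int taps[NR_TAPS] = {128, 103, 76, 51, 25, 1};
    memcpy(s.poolinfo_tap, taps, sizeof taps);
    return s;
}

unsigned demo_clean(void)
{
    struct snapshot s = make_clean_snapshot();
    struct baseline b;
    learn_baseline(&s, &b);
    return monitor(&s, &b);            /* expected 0 */
}

/* Constructed tampering for the demo: one syscall entry redirected and tap2
 * driven outside {26, 103}; the monitor must flag control + boundary. */
unsigned demo_tampered(void)
{
    struct snapshot s = make_clean_snapshot();
    struct baseline b;
    learn_baseline(&s, &b);
    s.sys_call_table[3] = 0xBF000000u;
    s.poolinfo_tap[1]   = 99;
    return monitor(&s, &b);            /* expected V_CONTROL | V_BOUNDARY */
}

int main(void)
{
    unsigned v = demo_tampered();
    printf("clean snapshot: violations=%u\n", demo_clean());
    printf("tampered snapshot: violations=%u (control=%d boundary=%d)\n",
           v, !!(v & V_CONTROL), !!(v & V_BOUNDARY));
    return 0;
}
```

The subset constraint on the module list is deliberately not in this block; it needs the list reconstruction described in the next section and is shown there.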
Each module is described by a module structure, and the module structures form a doubly-linked list through the list field. Since a DKOM attack can directly remove a module structure from this doubly-linked list, the module information obtained by walking the list from the modules variable may be incomplete. We have therefore chosen the device-model-related variable module_kset as the entry point: every module corresponds one-to-one with a kobject structure organized by module_kset. Although a module may be removed from the module doubly-linked list, it still exists in the kobject doubly-linked list, so all module information can be obtained by analyzing the kobject doubly-linked list. The analysis process is shown in Figure 3, and the analysis steps are as follows:
(1) According to the address of module_kset, call the sec_mmap() function to obtain the contents of the list pointer in the kset structure, and from this content obtain the address of the entry field of the kobject structure.
(2) According to the kobject structure field definitions and the offset information FS[] (name, entry, etc.), obtain the first address of the kobject structure.
(3) The address of the mod field in the module_kobject structure is derived from the relationship between the kobject structure and the module_kobject structure together with the first address of the kobject structure.
(4) Call the sec_mmap() function to read the physical memory contents corresponding to the mod field address into SC[], then reconstruct SC[] according to the definition of the module structure and the offset information FS[] (state, name, core_size, etc.) to obtain the module's operating-system-level semantics, stored in pi[].
Figure 3. Reconstructing Kernel Module Views at Measure Layer (module_kset, with its list and list_lock fields, links the kobjects of modules A, B, C and D through their entry fields; each kobject (name, entry, parent, kset) is embedded in a module_kobject whose mod field points to the module structure with its state, list, name and mkobj fields)
At the same time, the modules also need to be walked through the module_kset linked list of the device-model-related variables. The module_kset structure is analyzed in the same way as the module linked list, and the module information related to the device model is stored in pr[]. The resulting pi[] and pr[] are stored in DIL[].
Because the modules in the system must satisfy the constraint module_kset ⊆ modlist, the analysis focuses on whether every module element and its fields in pr[] are also contained in pi[]. If the constraint is satisfied, that is, the modules satisfy the subset constraint, the modules have not been tampered with. Otherwise, the system's modules have been tampered with; a tamper log is recorded and the hidden modules in the system are reported.
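The kobject-based reconstruction and the subset check above, as an added C example (not the paper's code): toy versions of the kernel's list_head, kset, kobject, module_kobject and module structures are linked up in process memory, one module is unlinked from the modules list while its kobject stays on the list of module_kset, and the two walks are compared. Direct pointer reads stand in for sec_mmap(), offsetof() plays the role of FS[], and the structure layouts are simplified, not the real kernel's.

```c
/* Added example: rebuild the module view from module_kset's kobject list and
 * apply the subset constraint to expose a module unlinked from `modules`.
 * Toy layouts; the process's own memory stands in for guest physical memory. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

struct list_head { struct list_head *next, *prev; };
struct kset;
struct kobject { const char *name; struct list_head entry; struct kobject *parent; struct kset *kset; };
struct kset    { struct list_head list; struct kobject kobj; };
struct module;
struct module_kobject { struct kobject kobj; struct module *mod; };
struct module  { int state; struct list_head list; char name[32]; struct module_kobject mkobj; };

static void list_init(struct list_head *h) { h->next = h->prev = h; }
static void list_add_tail(struct list_head *n, struct list_head *h)
{ n->prev = h->prev; n->next = h; h->prev->next = n; h->prev = n; }
static void list_del(struct list_head *n)
{ n->prev->next = n->next; n->next->prev = n->prev; n->next = n->prev = n; }

#define MAX_MODS 8

/* Walk the kernel's `modules` list: the view a naive tool would trust. */
int walk_modules_list(const struct list_head *modules, const char *names[], int max)
{
    int n = 0;
    for (const struct list_head *p = modules->next; p != modules && n < max; p = p->next)
        names[n++] = container_of(p, struct module, list)->name;
    return n;
}

/* Steps (1)-(4): each `entry` on module_kset.list is a kobject, the kobject is
 * embedded in a module_kobject, and its `mod` field points at the module. */
int walk_module_kset(const struct kset *ks, const char *names[], int max)
{
    int n = 0;
    for (const struct list_head *p = ks->list.next; p != &ks->list && n < max; p = p->next) {
        const struct kobject *kobj = container_of(p, struct kobject, entry);      /* FS[]: entry offset */
        const struct module_kobject *mk = container_of(kobj, struct module_kobject, kobj);
        names[n++] = mk->mod->name;                                             /* FS[]: name offset  */
    }
    return n;
}

/* Subset constraint module_kset ⊆ modlist: every module reachable through the
 * kset must also be on the modules list; those that are not are hidden. */
int find_hidden_modules(const char *kset_names[], int nk, const char *list_names[], int nl,
                        const char *hidden[], int max)
{
    int h = 0;
    for (int i = 0; i < nk && h < max; i++) {
        int found = 0;
        for (int j = 0; j < nl; j++)
            if (strcmp(kset_names[i], list_names[j]) == 0) { found = 1; break; }
        if (!found) hidden[h++] = kset_names[i];
    }
    return h;
}

/* Constructed guest state: modules A, B and C on both lists. */
static struct module    g_mods[3];
static struct list_head g_modules;
static struct kset      g_module_kset;

static void build_guest(void)
{
    const char *names[3] = {"A", "B", "C"};
    list_init(&g_modules);
    list_init(&g_module_kset.list);
    for (int i = 0; i < 3; i++) {
        memset(&g_mods[i], 0, sizeof g_mods[i]);
        strcpy(g_mods[i].name, names[i]);
        g_mods[i].mkobj.kobj.name = g_mods[i].name;
        g_mods[i].mkobj.kobj.kset = &g_module_kset;
        g_mods[i].mkobj.mod       = &g_mods[i];
        list_add_tail(&g_mods[i].list, &g_modules);
        list_add_tail(&g_mods[i].mkobj.kobj.entry, &g_module_kset.list);
    }
}

/* Returns the name of the first hidden module, or "" when the constraint holds.
 * With simulate_hiding set, B is unlinked from `modules` only, which is the
 * effect the text attributes to adore-ng; its kobject stays on the kset list. */
const char *demo_hidden_module(int simulate_hiding)
{
    const char *from_list[MAX_MODS], *from_kset[MAX_MODS], *hidden[MAX_MODS];
    build_guest();
    if (simulate_hiding) list_del(&g_mods[1].list);
    int nl = walk_modules_list(&g_modules, from_list, MAX_MODS);
    int nk = walk_module_kset(&g_module_kset, from_kset, MAX_MODS);
    int nh = find_hidden_modules(from_kset, nk, from_list, nl, hidden, MAX_MODS);
    return nh ? hidden[0] : "";
}

int main(void)
{
    printf("intact lists: hidden=\"%s\"\n", demo_hidden_module(0));
    printf("B unlinked:   hidden=\"%s\"\n", demo_hidden_module(1));
    return 0;
}
```

In the real system the two walks run in the monitor module over physical pages obtained through SLAT, so the guest cannot interpose on the reads; the comparison and the tamper log belong to the monitoring stage described above.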
Experiment
We implemented the HIMDroid prototype in an experimental environment using Ubuntu Linux 14.04 on a PC with an Intel(R) Core(TM) i7-4790 CPU @ 3.6 GHz and 16 GB of main memory. On this platform we run ARM FastModels (ARM, 2011) with FVP, using FastModels to emulate a tablet with a Cortex-A15x1 processor that supports the ARM virtualization extensions. Android 5.0 with HIMDroid embedded runs on the emulated tablet for functional and performance testing. The experiments verify and analyze the HIMDroid method from two aspects: function and performance.
Functional Experimental Design
Table 2. Android system kernel suffered rootkit attack metric
Rootkit       Attack category                                                                          HIMDroid
ddrk          Replacing system tools to implement rights escalation, process and file hiding, etc.     √
suckit v2.0   Attacks /dev/kmem, intercepts and modifies system calls for backdoors and hidden functions   √
allroot       Modifies several items in the system call table to implement rights escalation           √
Knark-2.4.3   Modifies the system call table to achieve module and file hiding                          √
mood-nt       Attacks /dev/kmem to redirect the system call table                                        √
From the measurement results, it can be seen that both rootkits that tamper with statically measured control data such as the system call table and rootkits that tamper with dynamically measured non-control data such as the module linked list and the entropy pool resources can be detected by HIMDroid. The HIMDroid measurement method is therefore effective in practice.
Performance Experimental Design
In order to judge the effect of the HIMDroid method on the performance of the Android system, we use the AnTuTu Benchmark software, which is specialized benchmarking software for Android devices (mobile phones and tablet computers). To compare performance with and without HIMDroid measurement, the performance metrics are several current mainstream options: memory performance, CPU floating-point calculation, and CPU integer calculation performance. We use the AnTuTu software to test the HIMDroid-measured kernel 200 times and take the average value. The performance loss ratio is the difference between the score of each performance index item with HIMDroid measurement and the score of the same item without HIMDroid measurement. The results are shown in Table 3.
Table 3. Use AnTuTu Benchmark to test HIMDroid
Test item                              Performance loss ratio
Memory performance                     3.69
CPU floating-point calculation         5.36
CPU integer calculation performance    7.52
Since the experiments in this article were run on FastModels, the ARM processor could not be simulated accurately, but the performance loss ratio could still be obtained. As can be seen from Table 3, running with HIMDroid incurs a certain performance loss compared with running without it, but within an acceptable range, so this method has certain reference significance for ensuring the dynamic integrity of the Android kernel.
Conclusions
Based on kernel invariants, a real-time measurement method in the hypervisor for the Android kernel, HIMDroid, is proposed. This method analyzes the operating mechanism of the Android kernel and the objects attacked in it to obtain the control data and non-control data that affect the security of the kernel, and checks the integrity of the kernel after the hypervisor layer reconstructs the measurement objects from the kernel. Different from traditional methods, HIMDroid is credible because it is isolated from the measured Android kernel. The experiments demonstrate that HIMDroid can detect rootkits attacking both control data and non-control data and brings no significant performance loss. However, HIMDroid is not able to detect some other attacks, for example attacks that achieve privilege escalation or modify control flow without tampering with critical kernel data structures. So in the next step, by analyzing the data characteristics of kernel-level rootkits, the accuracy with which HIMDroid measures kernel integrity can be improved.
References
[2] Grace M, Zhou Yajin, Wang Zhi, et al. Systematic Detection of Capability Leaks in Stock Android Smartphones[C]//Proceedings of NDSS'12. [S. l.]: IEEE Press, 2012: 107-201.
[3] Enck W, Ongtang M, McDaniel P. On Lightweight Mobile Phone Application Certification[C]//Proceedings of ACM Conference on Computer and Communications Security. [S. l.]: ACM Press, 2009: 235-245.
[4] SHABTAI A, FLEDEL Y, ELOVICI Y. Securing Android-powered mobile devices using SELinux[J]. Security & Privacy, 2010, 8(3): 36-44.
[5] ARM. ARM security technology—Building a secure system using trustzone technology. ARM Technical White Paper, 2009.
[6] Santos N, Raj H, Saroiu S, Wolman A. Using ARM trustzone to build a trusted language runtime for mobile applications. In: Proc.of the Int’l Conf. on Architectural Support for Programming Languages and Operating Systems. 2014. 67−80.
[7] Azab A M, Shah J, Shah J, et al. Hypervision Across Worlds: Real-time Kernel Protection from the ARM TrustZone Secure World[C]// ACM Sigsac Conference on Computer and Communications Security. ACM, 2014:90-102.
[8] Zhao S, Zhang Q, Hu G, Qin Y, Feng D. Providing root of trust for ARM trustzone using on-chip SRAM. In: Proc. of the 4th Int’l Workshop on Trustworthy Embedded Devices. 2014. 25−36.
[9] Pinto S, Oliveira D, Pereira J, Cardoso N, Ekpanyapong M, Cabral J, Tavares A. Towards a lightweight embedded virtualization architecture exploiting ARM TrustZone. In: Proc. of the IEEE Int’l Conf. on Emerging Technologies and Factory Automation. 2014.1−4.
[10] Sun H, Sun K, Wang Y, Jing J. TrustOTP: Transforming smartphones into secure one-time password tokens. In: Proc. of the ACM Sigsac Conf. on Computer and Communications Security. 2015. 976−988.
[11] Li ZJ, Shen D, Su XJ, Ma JX. Security technology based on ARM virtualization extension. Ruan Jian Xue Bao/Journal of Software, 2017,28(9):2229−2247.
[12] Nadeem A, Howarth MP. An intrusion detection & adaptive response mechanism for MANETs. Ad Hoc Netw 2014;13:368–80.
[13] Dall C, Nieh J. KVM/ARM: the design and implementation of the linux ARM hypervisor. ACM SIGARCH Comput Architect News 2014;42(1):333–48.
[14] Lange M, Liebergeld S, Lackorzynski A, et al. L4Android: a generic operating system framework for secure smartphones[C]// ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. ACM, 2011:39-50.