Mobile and Embedded Platform Security

Abstract

The number of various mobile and embedded devices around us is growing very rapidly. Nowadays they are employed in many areas, such as automotive, industry automation, healthcare, smart home systems etc. At the same time, the number of attacks targeting these devices and associated infrastructure is also growing. The long history of information and device protection in the PC world has developed a set of hardware and software mechanisms, commonly refereed as platform security, to withstand these attacks. However, they are usually not very well suited for mobile and embedded devices. As a result new platform security architectures for mobile and embedded device platforms were designed and widely employed. In this dissertation, we present a platform security model for mobile devices and compare various popular mobile platform security architectures with regards to this model. We also introduce a platform security model for embedded devices with the focus on the mainline Linux kernel due to its widespread use and popularity. Next, we outline the two major platform security aspects that nowadays present an ongoing challenge for mobile and embedded security architects: application isolation and operating system kernel hardening. Traditionally various mandatory access control (MAC) mechanisms have been used to achieve strong application and process isolation for personal computers and servers. Nowadays, these mechanisms (albeit with modifications) are making their way into mobile and embedded platform security architectures, such as SEAndroid MAC, used on Android mobile devices. This dissertation studies the challenges in adopting SEAndroid MAC for mobile devices, and presents the number of tools that can help security architects and researchers to create better SEAndroid access control policies. In addition, we also explore an emerging alternative method for application and process isolation, OS-level virtualization, and examine its security guarantees and shortcomings. The central piece of any platform security architecture is the security of the operating system's kernel, because its breach almost always leads to a compromise of the whole system. The designers of many popular mobile and embedded operating systems have spent considerable effort tightening the security of userspace applications and, as a result, attackers are more and more focusing their effort on the kernel itself. This dissertation examines the strength of existing protection in on of the Linux kernel subsystem, just-in-time (JIT) compiler for Berkeley Packet Filter, and shows that it is vulnerable to JIT spray attacks. Next, it considers the problem of temporal and spatial memory safety in the mainline Linux kernel and implements two different methods to address it. As a result, this dissertation addresses a number of important practical challenges in the present-day mobile and embedded platform security architectures and also gives a brief outlook on the upcoming future research directions in this area.