Android's underlying Linux kernel is rapidly becoming an attractive target for attackers. In 2014, the number of reported bugs in the kernel was 4 percent of the overall bugs discovered in Android. This number drastically increased to 9 and 44 percent in 2015 and 2016, respectively. This is not surprising, as the kernel consists of millions of lines of code, which bloat the Trusted Computing Base (TCB) and enlarge the attack surface. For example, several recent bugs have been found in the Bluetooth [36] and WiFi [37, 172] subsystems of mobile devices. These bugs can be exploited by malicious parties over the network to mount remote attacks. An attacker uses these kernel bugs to obtain kernel privileges and gain complete control of the mobile device.
The common solution to this problem is to patch the kernel as soon as a new bug or vulnerability is found in it. However, this does not protect the system against zero-day vulnerabilities. In this dissertation, we present the security monitor, a small, trustworthy, and extensible piece of software that provides different security services with a small TCB. The security services within the security monitor enforce certain privacy and security guarantees for the system, e.g., enforcing certain privacy guarantees for the use of I/O devices. With the security monitor, a compromised operating system will not be able to undermine these guarantees. The security monitor is designed and built based on ARM TrustZone [24, 5, 26, 176] and virtualization hardware [70, 72], which are available in modern mobile and IoT devices. The hypervisor layer, supported by virtualization hardware, enables the security monitor to efficiently control accesses to certain parts of the physical memory, e.g., registers of selected sensors, without making any modifications to the operating system. TrustZone, which vendors already use for many security applications, serves a complementary purpose in the security monitor. It enables sealing of data to guarantee integrity, authenticity, and confidentiality.
One concern about the security monitor is performance. It is widely believed that running the main operating system on top of a hypervisor incurs significant performance overhead [93]. Through extensive experimentation and a redesign of the hypervisor, we provide evidence against this argument. We show that a commodity hypervisor's overhead is mainly due to its frequent interposition on operating system activities, a design needed only in a multi-tenant virtualization setup. The hypervisor can be redesigned to minimize these interpositions and hence minimize its performance overhead on the main OS. We show that the performance of the operating system is very close to that of native execution.
We demonstrate three end-to-end systems that leverage the security monitor to design different security services: (i) trustworthy sensor notifications using low-level checks in the security monitor (Viola), (ii) trustworthy auditing of sensor activities by recording the sensor activities in the security monitor (Ditio), and (iii) secure formation of electronic contracts by designing secure primitives in the security monitor (Tabellion).