ABSTRACT
Bring Your Own Device (BYOD) is a growing trend among enterprises, aiming to improve workers' mobility and productivity via their smartphones. The threats and dangers that smartphones pose to the enterprise are also ever-growing. Such dangers can be mitigated by running the enterprise software inside a "secure container" on the smartphone. In our work we present a systematic assessment of security-critical areas in the design and implementation of a secure container for Android, using reverse engineering and attacker-inspired methods. We do this through a case study of Samsung KNOX, a real-world product deployed on millions of devices. Our research shows how KNOX security features work behind the scenes and lets us compare the vendor's public security claims against reality. Along the way we identified several design weaknesses and a few vulnerabilities that were disclosed to Samsung.
Index Terms
- Secure Containers in Android: The Samsung KNOX Case Study