@InProceedings{10.1007/978-3-030-00470-5_18,
author="Cao, Chen
and Guan, Le
and Zhang, Ning
and Gao, Neng
and Lin, Jingqiang
and Luo, Bo
and Liu, Peng
and Xiang, Ji
and Lou, Wenjing",
editor="Bailey, Michael
and Holz, Thorsten
and Stamatogiannakis, Manolis
and Ioannidis, Sotiris",
title="CryptMe: Data Leakage Prevention for Unmodified Programs on ARM Devices",
booktitle="Research in Attacks, Intrusions, and Defenses",
year="2018",
publisher="Springer International Publishing",
address="Cham",
pages="380--400",
abstract="Sensitive data (e.g., passwords, health data and private videos) can be leaked due to many reasons, including (1) the misuse of legitimate operating system (OS) functions such as core dump, swap and hibernation, and (2) physical attacks to the DRAM chip such as cold-boot attacks and DMA attacks. While existing software-based memory encryption is effective in defeating physical attacks, none of them can prevent a legitimate OS function from accidentally leaking sensitive data in the memory. This paper introduces CryptMe that integrates memory encryption and ARM TrustZone-based memory access controls to protect sensitive data against both attacks. CryptMe essentially extends the Linux kernel with the ability to accommodate the execution of unmodified programs in an isolated execution domain (to defeat OS function misuse), and at the same time transparently encrypt sensitive data appeared in the DRAM chip (to defeat physical attacks). We have conducted extensive experiments on our prototype implementation. The evaluation results show the efficiency and added security of our design.",
isbn="978-3-030-00470-5"
}