{"id":"https://openalex.org/W4287884590","doi":"https://doi.org/10.1109/spw54247.2022.9833891","title":"Abusing Trust: Mobile Kernel Subversion via TrustZone Rootkits","display_name":"Abusing Trust: Mobile Kernel Subversion via TrustZone Rootkits","publication_year":2022,"publication_date":"2022-05-01","ids":{"openalex":"https://openalex.org/W4287884590","doi":"https://doi.org/10.1109/spw54247.2022.9833891"},"language":"en","primary_location":{"id":"doi:10.1109/spw54247.2022.9833891","is_oa":false,"landing_page_url":"https://doi.org/10.1109/spw54247.2022.9833891","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Security and Privacy Workshops (SPW)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5031530479","display_name":"Daniel Marth","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Daniel Marth","raw_affiliation_strings":["RISE&#x2013;Research Industrial Systems Engineering GmbH"],"affiliations":[{"raw_affiliation_string":"RISE&#x2013;Research Industrial Systems Engineering GmbH","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021851117","display_name":"Clemens Hlauschek","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Clemens Hlauschek","raw_affiliation_strings":["RISE&#x2013;Research Industrial Systems Engineering GmbH"],"affiliations":[{"raw_affiliation_string":"RISE&#x2013;Research Industrial Systems Engineering GmbH","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018375019","display_name":"Christian Schanes","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Christian Schanes","raw_affiliation_strings":["RISE&#x2013;Research Industrial Systems Engineering GmbH"],"affiliations":[{"raw_affiliation_string":"RISE&#x2013;Research Industrial Systems Engineering GmbH","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5068352067","display_name":"Thomas Grechenig","orcid":"https://orcid.org/0009-0000-5622-8598"},"institutions":[{"id":"https://openalex.org/I145847075","display_name":"TU Wien","ror":"https://ror.org/04d836q62","country_code":"AT","type":"education","lineage":["https://openalex.org/I145847075"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Thomas Grechenig","raw_affiliation_strings":["TU Wien,Research Group for Industrial Software","Research Group for Industrial Software, TU Wien"],"affiliations":[{"raw_affiliation_string":"TU Wien,Research Group for Industrial Software","institution_ids":["https://openalex.org/I145847075"]},{"raw_affiliation_string":"Research Group for Industrial Software, TU Wien","institution_ids":["https://openalex.org/I145847075"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5031530479"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.3977,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.66349024,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"25","issue":null,"first_page":"265","last_page":"276"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9922000169754028,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/rootkit","display_name":"Rootkit","score":0.8994422554969788},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7782440185546875},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5475103855133057},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.5001139640808105},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49755075573921204},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.422296404838562}],"concepts":[{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.8994422554969788},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7782440185546875},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5475103855133057},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.5001139640808105},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49755075573921204},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.422296404838562}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/spw54247.2022.9833891","is_oa":false,"landing_page_url":"https://doi.org/10.1109/spw54247.2022.9833891","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Security and Privacy Workshops (SPW)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7799999713897705}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":42,"referenced_works":["https://openalex.org/W313428","https://openalex.org/W1522250664","https://openalex.org/W1532310612","https://openalex.org/W1598700299","https://openalex.org/W1916709771","https://openalex.org/W1975582382","https://openalex.org/W2079240332","https://openalex.org/W2091085572","https://openalex.org/W2137725382","https://openalex.org/W2168872572","https://openalex.org/W2257724910","https://openalex.org/W2283774512","https://openalex.org/W2413598406","https://openalex.org/W2471431439","https://openalex.org/W2491334266","https://openalex.org/W2521856610","https://openalex.org/W2603720216","https://openalex.org/W2606774910","https://openalex.org/W2612380866","https://openalex.org/W2612397603","https://openalex.org/W2753332081","https://openalex.org/W2755330617","https://openalex.org/W2757205367","https://openalex.org/W2783940477","https://openalex.org/W2793273293","https://openalex.org/W2798446790","https://openalex.org/W2911594609","https://openalex.org/W2913096406","https://openalex.org/W2922526186","https://openalex.org/W2943860641","https://openalex.org/W3002690686","https://openalex.org/W3016246341","https://openalex.org/W3046286843","https://openalex.org/W3212405294","https://openalex.org/W3216796243","https://openalex.org/W4226498484","https://openalex.org/W4302771278","https://openalex.org/W6600015669","https://openalex.org/W6631155369","https://openalex.org/W6631882702","https://openalex.org/W6744145243","https://openalex.org/W6804416492"],"related_works":["https://openalex.org/W1994712384","https://openalex.org/W4240186231","https://openalex.org/W1565457235","https://openalex.org/W2166844173","https://openalex.org/W3170525725","https://openalex.org/W2725637128","https://openalex.org/W2897593657","https://openalex.org/W3006507989","https://openalex.org/W3089468277","https://openalex.org/W4366249425"],"abstract_inverted_index":{"The":[0,153],"Arm":[1,115,224],"TrustZone":[2,116,157,225,256],"is":[3,159,167,182],"the":[4,26,32,35,47,66,109,114,122,125,149,170,194,204,211,223,228,237,243,253,267],"de":[5],"facto":[6],"standard":[7],"for":[8,19,96,156,200],"hardware-backed":[9],"Trusted":[10,67],"Execution":[11],"Environments":[12],"(TEEs)":[13],"on":[14],"mobile":[15],"devices,":[16],"providing":[17],"isolation":[18],"secure":[20,94,110,171,212],"computations":[21],"to":[22,75,87,91,121,145,185,192,226,272],"be":[23,286],"shielded":[24],"from":[25,31,210],"normal":[27,164],"world,":[28],"and":[29,43,55,65,101,203,233,263],"thus":[30],"rest":[33],"of":[34,60,62,124,163,176,196,206,236,242,255,270],"system.":[36],"Most":[37],"real-world":[38],"TEEs":[39,59,90],"are":[40,72],"proprietary,":[41],"difficult-to-inspect,":[42],"notoriously":[44],"insecure:":[45],"In":[46],"past":[48],"years,":[49],"it":[50],"has":[51,118],"been":[52],"demonstrated":[53],"over":[54,56],"again":[57],"that":[58,160,258],"millions":[61],"devices":[63],"worldwide,":[64],"Applications":[68],"(TAs)":[69],"they":[70],"harbor,":[71],"often":[73],"vulnerable":[74],"attacks":[76],"such":[77,98,142],"as":[78,99,281],"control":[79],"flow":[80],"hijacking.":[81],"Not":[82],"only":[83],"do":[84],"we":[85,282],"have":[86,146],"trust":[88,274],"these":[89],"provide":[92,215],"a":[93,135,216],"environment":[95],"TAs":[97],"keystore":[100],"Digital":[102],"Rights":[103],"Management":[104],"(DRM),":[105],"code":[106],"running":[107],"in":[108,138,148,169,222],"world":[111,165],"provided":[112],"by":[113],"also":[117],"full":[119],"access":[120],"memory":[123,166,199],"regular":[126],"operating":[127],"system":[128],"(OS).":[129],"Since":[130],"Thomas":[131],"Roth":[132],"first":[133],"proposed":[134,229],"TrustZone-based":[136],"rootkit":[137,187,220,238],"2013,":[139],"progress":[140],"regarding":[141],"rootkits":[143,158,257],"seems":[144],"stalled":[147],"offensive":[150],"research":[151],"community.":[152],"biggest":[154],"challenge":[155],"no":[161],"interpretation":[162,195],"available":[168],"world.":[172,213],"Automated":[173],"reverse":[174],"engineering":[175],"kernel":[177,198,245,261],"data":[178,248],"structures":[179],"at":[180],"runtime":[181],"one":[183],"way":[184],"implement":[186],"functions.":[188],"We":[189,214,231],"present":[190],"mechanisms":[191,209],"engineer":[193],"Linux":[197,244],"malicious":[201],"subversion":[202],"circumvention":[205],"basic":[207],"protection":[208],"fully":[217],"working":[218],"proof-of-concept":[219],"located":[221],"demonstrate":[227],"mechanisms.":[230],"evaluate":[232],"show":[234],"compatibility":[235],"across":[239],"different":[240],"versions":[241],"despite":[246],"changing":[247],"structures.":[249],"Our":[250],"results":[251],"highlight":[252],"feasibility":[254],"potentially":[259],"survive":[260],"updates":[262],"raise":[264],"awareness":[265],"about":[266],"real":[268],"danger":[269],"having":[271],"put":[273],"into":[275],"unvetted":[276],"proprietary":[277],"vendor":[278],"code,":[279],"which,":[280],"show,":[283],"can":[284],"easily":[285],"abused.":[287]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}