摘要: 移动设备的发展使得用户能够手持设备远程连接桌面环境办公,但移动平台的安全隐患给移动远程控制带来巨大的风险。为此,利用ARM处理器的安全扩展TrustZone技术,设计一个具有高安全性的远程控制系统TrustRFB。通过对传输信道加密,并把远程控制客户端隐私相关的逻辑放入TrustZone所提供的安全域内,有效地防止攻击者利用恶意软件、恶意系统甚至恶意远程控制客户端窃取用户的隐私。在Exynos4412开发板上实现TrustRFB的原型,安全测试结果表明,TrustRFB能够抵御Rootkit和软件重打包等多种攻击手段,并且在日常使用场景中网络带宽仅下降1.2%。
关键词:
远程控制,
TrustZone技术,
远程帧缓冲协议,
虚拟网络计算,
Android系统,
ARM架构
Abstract: The development of mobile devices makes users remotely control their desktops with phones or tablets,but vulnerabilities in mobile operating systems put mobile remote control under great security risk.This paper introduces TrustRFB,a secure remote control system leveraging the security extension TrustZone of ARM processor.By encrypting the network connection and putting privilege related part of code into the secure world provided by TrustZone,TrustRFB can effectively prevent attackers from stealing users’ privacy with malware,compromised system or even malicious remote control client.A prototype of TrustRFB is implemented on Exynos4412 development board and the evaluation shows that TrustRFB can defend against many attack methods like Rootkit and repackage attack while introducing a bandwidth dropdown of 1.2% in normal use.
Key words:
remote control,
TrustZone technology,
Remote Frame Buffer(RFB) protocol,
virtual network computing,
Android system,
ARM architecture
中图分类号: