Security analysis of Samsung Knox

Munkhzorig Dorjmyagmar; Minchang Kim; Hyoungshick Kim

doi:10.23919/ICACT.2017.7890150

Security analysis of Samsung Knox

Munkhzorig Dorjmyagmar
, Minchang Kim
, Hyoungshick Kim

Department of Computer Science and Engineering

Sungkyunkwan University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

7 Scopus citations

Abstract

A Trusted Execution Environment (TEE) has become popular in the mobile industry. Hardware-based security will be employed by default for every mobile device within a few years. In this paper, we explore several potential security issues of the Samsung Knox platform that is one of the advanced hardware based mobile security platforms for Android devices. We describe several attack scenarios to show how the Knox platform can be compromised. We particularly performed experiments for Man in the Middle Attacks with an untrusted certificate. To mitigate such security risks, we also recommend several countermeasures based on fundamental security principles. For example, security-sensitive resources in Knox should be strictly isolated from processes in an insecure operating system.

Original language	English
Title of host publication	19th International Conference on Advanced Communications Technology
Subtitle of host publication	Opening Era of Smart Society, ICACT 2017 - Proceeding
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	550-553
Number of pages	4
ISBN (Electronic)	9788996865094
DOIs	https://doi.org/10.23919/ICACT.2017.7890150
State	Published - 29 Mar 2017
Event	19th International Conference on Advanced Communications Technology, ICACT 2017 - Pyeongchang, Korea, Republic of Duration: 19 Feb 2017 → 22 Feb 2017

Publication series

Name	International Conference on Advanced Communication Technology, ICACT
ISSN (Print)	1738-9445

Conference

Conference	19th International Conference on Advanced Communications Technology, ICACT 2017
Country/Territory	Korea, Republic of
City	Pyeongchang
Period	19/02/17 → 22/02/17

Keywords

Samsung knox
Trusted computing
TrustZone

Access to Document

10.23919/ICACT.2017.7890150

Cite this

Dorjmyagmar, M., Kim, M., & Kim, H. (2017). Security analysis of Samsung Knox. In 19th International Conference on Advanced Communications Technology: Opening Era of Smart Society, ICACT 2017 - Proceeding (pp. 550-553). Article 7890150 (International Conference on Advanced Communication Technology, ICACT). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.23919/ICACT.2017.7890150

@inproceedings{f420850a56344a8cac3fc4af02e12d82,

title = "Security analysis of Samsung Knox",

abstract = "A Trusted Execution Environment (TEE) has become popular in the mobile industry. Hardware-based security will be employed by default for every mobile device within a few years. In this paper, we explore several potential security issues of the Samsung Knox platform that is one of the advanced hardware based mobile security platforms for Android devices. We describe several attack scenarios to show how the Knox platform can be compromised. We particularly performed experiments for Man in the Middle Attacks with an untrusted certificate. To mitigate such security risks, we also recommend several countermeasures based on fundamental security principles. For example, security-sensitive resources in Knox should be strictly isolated from processes in an insecure operating system.",

keywords = "Samsung knox, Trusted computing, TrustZone",

author = "Munkhzorig Dorjmyagmar and Minchang Kim and Hyoungshick Kim",

note = "Publisher Copyright: {\textcopyright} 2017 Global IT Research Institute - GiRI.; 19th International Conference on Advanced Communications Technology, ICACT 2017 ; Conference date: 19-02-2017 Through 22-02-2017",

year = "2017",

month = mar,

day = "29",

doi = "10.23919/ICACT.2017.7890150",

language = "English",

series = "International Conference on Advanced Communication Technology, ICACT",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "550--553",

booktitle = "19th International Conference on Advanced Communications Technology",

}

Dorjmyagmar, M, Kim, M & Kim, H 2017, Security analysis of Samsung Knox. in 19th International Conference on Advanced Communications Technology: Opening Era of Smart Society, ICACT 2017 - Proceeding., 7890150, International Conference on Advanced Communication Technology, ICACT, Institute of Electrical and Electronics Engineers Inc., pp. 550-553, 19th International Conference on Advanced Communications Technology, ICACT 2017, Pyeongchang, Korea, Republic of, 19/02/17. https://doi.org/10.23919/ICACT.2017.7890150

Security analysis of Samsung Knox. / Dorjmyagmar, Munkhzorig; Kim, Minchang; Kim, Hyoungshick.
19th International Conference on Advanced Communications Technology: Opening Era of Smart Society, ICACT 2017 - Proceeding. Institute of Electrical and Electronics Engineers Inc., 2017. p. 550-553 7890150 (International Conference on Advanced Communication Technology, ICACT).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Security analysis of Samsung Knox

AU - Dorjmyagmar, Munkhzorig

AU - Kim, Minchang

AU - Kim, Hyoungshick

PY - 2017/3/29

Y1 - 2017/3/29

N2 - A Trusted Execution Environment (TEE) has become popular in the mobile industry. Hardware-based security will be employed by default for every mobile device within a few years. In this paper, we explore several potential security issues of the Samsung Knox platform that is one of the advanced hardware based mobile security platforms for Android devices. We describe several attack scenarios to show how the Knox platform can be compromised. We particularly performed experiments for Man in the Middle Attacks with an untrusted certificate. To mitigate such security risks, we also recommend several countermeasures based on fundamental security principles. For example, security-sensitive resources in Knox should be strictly isolated from processes in an insecure operating system.

AB - A Trusted Execution Environment (TEE) has become popular in the mobile industry. Hardware-based security will be employed by default for every mobile device within a few years. In this paper, we explore several potential security issues of the Samsung Knox platform that is one of the advanced hardware based mobile security platforms for Android devices. We describe several attack scenarios to show how the Knox platform can be compromised. We particularly performed experiments for Man in the Middle Attacks with an untrusted certificate. To mitigate such security risks, we also recommend several countermeasures based on fundamental security principles. For example, security-sensitive resources in Knox should be strictly isolated from processes in an insecure operating system.

KW - Samsung knox

KW - Trusted computing

KW - TrustZone

UR - https://www.scopus.com/pages/publications/85018525470

U2 - 10.23919/ICACT.2017.7890150

DO - 10.23919/ICACT.2017.7890150

M3 - Conference contribution

AN - SCOPUS:85018525470

T3 - International Conference on Advanced Communication Technology, ICACT

SP - 550

EP - 553

BT - 19th International Conference on Advanced Communications Technology

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 19th International Conference on Advanced Communications Technology, ICACT 2017

Y2 - 19 February 2017 through 22 February 2017

ER -

Dorjmyagmar M, Kim M, Kim H. Security analysis of Samsung Knox. In 19th International Conference on Advanced Communications Technology: Opening Era of Smart Society, ICACT 2017 - Proceeding. Institute of Electrical and Electronics Engineers Inc. 2017. p. 550-553. 7890150. (International Conference on Advanced Communication Technology, ICACT). doi: 10.23919/ICACT.2017.7890150

Security analysis of Samsung Knox

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this