Dual-mode Integrity Measurement System Based on Virtualized TEE

Abstract

The Trusted Execution Environment (TEE) is mainly used to protect sensitive information and ensure information security. TEE has been used in the system structure of various mobile devices. With the development of TEE, attack methods against TEE gradually appear. The virtualized TEE architecture proposed by existing research can solve some security problems caused by TEE architecture, but there are still some deficiencies. To enhance the TEE architecture, a virtualized TEE-based kernel integrity measurement scheme is proposed, and identity-based and neural network-based integrity measurements are used in different scenarios. The experimental results show that the designed dual-mode integrity measurement system can effectively detect attacks against different kernel objects and has little impact on system performance, thus achieving security enhancements for virtualized TEE.