Android system has been one of the main targets of hacker attacks for a long time. At present, it is faced with security risks such as privilege escalation attacks, image tampering, and malicious programs. In view of the above risks, the current detection of the application layer can no longer guarantee the security of the Android system. The security of mobile terminals needs to be fully protected from the bottom to the top, and the consistency test of the hardware system is realized from the hardware layer of the terminal. However, there is not a complete set of security measures to ensure the reliability and integrity of the Android system at present. Therefore, from the perspective of trusted computing, this paper proposes and implements a trusted static measurement method of the Android system based on TrustZone to protect the integrity of the system layer and provide a trusted underlying environment for the detection of the Android application layer. This paper analyzes from two aspects of security and efficiency. The experimental results show that this method can detect the Android system layer privilege escalation attack and discover the rootkit that breaks the integrity of the Android kernel in time during the startup process, and the performance loss of this method is within the acceptable range.

中文翻译：

---

从硬件到操作系统：基于TrustZone的Android系统静态测量方法

长期以来，Android系统一直是黑客攻击的主要目标之一。目前，它面临着安全风险，例如特权升级攻击，图像篡改和恶意程序。鉴于上述风险，当前对应用层的检测不再能够保证Android系统的安全性。需要从下到上全面保护移动终端的安全性，并从终端的硬件层实现硬件系统的一致性测试。但是，目前尚没有一套完整的安全措施来确保Android系统的可靠性和完整性。因此，从可信计算的角度来看，本文提出并实现了一种基于TrustZone的Android系统的可信静态测量方法，以保护系统层的完整性，并为Android应用程序层的检测提供可信的底层环境。本文从安全性和效率两个方面进行分析。实验结果表明，该方法可以在启动过程中及时检测到Android系统层特权升级攻击，并及时发现破坏Android内核完整性的rootkit，并且该方法的性能损失在可接受的范围内。