Research Article
From Hardware to Operating System: A Static Measurement Method of Android System Based on TrustZone
Table 3
Attack experiment measurement results.
| Rootkit | Attack function category | Measurement results of this experiment | DIMDroid metric |
| Rootkit1 | Modify some bytes of syscall subroutine | √ | √ | Rootkit2 | Modify some items of syscall | √ | √ | Rootkit3 | Modify SWI software interrupt jump offset | √ | √ | Rootkit4 | Inject malicious code into the onTouchEvent() function and elevate the kernel layer permissions to complete attack | √ | × | Rootkit5 | Intercept the proc_lookup function to hide the process | √ | √ |
|
|