Research Article
From Hardware to Operating System: A Static Measurement Method of Android System Based on TrustZone
Table 3
Attack experiment measurement results.
| | Rootkit | Attack function category | Measurement results of this experiment | DIMDroid metric |
| | Rootkit1 | Modify some bytes of syscall subroutine | √ | √ | | Rootkit2 | Modify some items of syscall | √ | √ | | Rootkit3 | Modify SWI software interrupt jump offset | √ | √ | | Rootkit4 | Inject malicious code into the onTouchEvent() function and elevate the kernel layer permissions to complete attack | √ | × | | Rootkit5 | Intercept the proc_lookup function to hide the process | √ | √ |
|
|
