Protecting File Activities via Deception for ARM TrustZone
Liwei Guo, Kaiyang Zhao, Yiying Zhang, Felix Xiaozhu Lin

TL;DR
Enigma is a deception-based system that hides the real file activities of an ARM TrustZone TEE from the OS by injecting sybil activities. It runs multiple filesystem images and shuffles them frequently so that the OS cannot observe any image for long, with low overhead and high security.
Contribution
Enigma introduces a novel deception approach for hiding file activities in TrustZone, including sybil call replay, multi-image filesystem management, and frequent image shuffling.
Findings
Supports up to 50 filesystem images with minimal disk overhead
Reduces security cost by an order of magnitude compared to address obfuscation
Works with unmodified Linux filesystems on low-cost ARM hardware
Abstract
A TrustZone TEE often invokes an external filesystem. While file data can be encrypted, the revealed file activities can leak secrets. To hide the file activities from the filesystem and its OS, we propose Enigma, a deception-based defense injecting sybil file activities as the cover of the actual file activities. Enigma contributes three new designs. (1) To make the deception credible, the TEE generates sybil calls by replaying file calls from the TEE code under protection. (2) To make sybil activities cheap, the TEE requests the OS to run K filesystem images simultaneously. Concealing the disk, the TEE backs only one image with the actual disk while backing other images by only storing their metadata. (3) To protect filesystem image identities, the TEE shuffles the images frequently, preventing the OS from observing any image for long. Enigma works with unmodified filesystems…
Taxonomy
Topics: Security and Verification in Computing · Digital and Cyber Forensics · Advanced Malware Detection Techniques
