DITING: A Static Analyzer for Identifying Bad Partitioning Issues in TEE Applications

TL;DR

DITING is a static analysis tool designed to detect security vulnerabilities caused by improper partitioning in TEE applications, addressing a critical gap in existing security assessments.

Contribution

The paper introduces DITING, the first static analyzer for bad partitioning issues in TEE applications, and provides a comprehensive benchmark with 110 test cases.

Findings

DITING achieves an F1 score of 0.90 in detecting bad partitioning issues.

Survey reveals insecure parameter usage in TEE applications.

Benchmark facilitates future research on TEE security vulnerabilities.

Abstract

Trusted Execution Environment (TEE) enhances the security of mobile applications and cloud services by isolating sensitive code in the secure world from the non-secure normal world. However, TEE applications are still confronted with vulnerabilities stemming from bad partitioning. Bad partitioning can lead to critical security problems of TEE, such as leaking sensitive data to the normal world or being adversely affected by malicious inputs from the normal world. To address this, we propose an approach to detect partitioning issues in TEE applications. First, we conducted a survey of TEE vulnerabilities caused by bad partitioning and found that the parameters exchanged between the secure and normal worlds often contain insecure usage with bad partitioning implementation. Second, we developed a tool named DITING that can analyze data-flows of these parameters and identify their violations of security rules we defined to find bad partitioning issues. Different from existing research that only focuses on malicious input to TEE, we assess the partitioning issues more comprehensively through input/output and shared memory. Finally, we created the first benchmark targeting bad partitioning, consisting of 110 test cases. Experiments demonstrate that DITING achieves an F1 score of 0.90 in identifying bad partitioning issues.