Date of Award
Fall 2024
Project Type
Thesis
Program or Major
Electrical and Computer Engineering
Degree Name
Master of Science
First Advisor
Dean Sullivan
Second Advisor
John R. LaCourse
Third Advisor
Diliang Chen
Abstract
Trusted Execution Environments (TEEs) are essential for secure computing across mobile devices, cloud platforms, and IoT, yet they remain vulnerable to exploits. This thesis presents a novel approach to enhancing TEE security through automated vulnerability classification and advanced fuzzing techniques. The research first introduces an innovative methodology for classifying vulnerabilities into Trusted Applications (TA), TrustZone Operating Systems (TZOS), and general categories using machine learning algorithms such as Random Forest, J48, Naive Bayes, Multilayer Perceptron, and Support Vector Machines. Evaluating these on a dataset of 750 vulnerabilities from the NIST database demonstrates accurate characterization and improved efficiency over manual methods. The second part applies advanced fuzzing techniques, as shown in CROWBAR and LightEMU case studies, effectively uncovering vulnerabilities independent of TrustZone hardware and software. This integrated approach enhances TEE security by reducing undetected vulnerabilities by 30\%, providing stakeholders with actionable data for system maintenance, and offering applications in industries like automotive, healthcare, and financial services.
Recommended Citation
Nissankararao, Lakshmi Sravani, "Trusted Yet Vulnerable: A Quantitative Analysis of Trusted Execution Environments (TEE) Security." (2024). Master's Theses and Capstones. 1893.
https://scholars.unh.edu/thesis/1893