Related papers: TÄMU: Emulating Trusted Applications at the (GlobalPlatform)-API Layer

TÄMU: Emulating Trusted Applications at the (GlobalPlatform)-API Layer

URL: http://arxiv.org/abs/2601.20507v1
Date: Wed, 28 Jan 2026 11:34:06 GMT
Title: TÄMU: Emulating Trusted Applications at the (GlobalPlatform)-API Layer
Authors: Philipp Mao, Li Shi, Marcel Busch, Mathias Payer,
Abstract summary: Mobile devices rely on Trusted Execution Environments (TEEs) to execute security-critical code and protect assets.<n>The closed-source nature and fragmentation of mobile TEEs severely hinder dynamic analysis of TAs.<n>This paper presents TMU, a rehosting platform enabling dynamic analysis of TAs.
Score: 20.44030366449458
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Mobile devices rely on Trusted Execution Environments (TEEs) to execute security-critical code and protect sensitive assets. This security-critical code is modularized in components known as Trusted Applications (TAs). Vulnerabilities in TAs can compromise the TEE and, thus, the entire system. However, the closed-source nature and fragmentation of mobile TEEs severely hinder dynamic analysis of TAs, limiting testing efforts to mostly static analyses. This paper presents TÄMU, a rehosting platform enabling dynamic analysis of TAs, specifically fuzzing and debugging, by interposing their execution at the API layer. To scale to many TAs across different TEEs, TÄMU leverages the standardization of TEE APIs, driven by the GlobalPlatform specifications. For the remaining TEE-specific APIs not shared across different TEEs, TÄMU introduces the notion of greedy high-level emulation, a technique that allows prioritizing manual rehosting efforts based on the potential coverage gain during fuzzing. We implement TÄMU and use it to emulate 67 TAs across four TEEs. Our fuzzing campaigns yielded 17 zero-day vulnerabilities across 11 TAs. These results indicate a deficit of dynamic analysis capabilities across the TEE ecosystem, where not even vendors with source code unlocked these capabilities for themselves. TÄMU promises to close this gap by bringing effective and practical dynamic analysis to the mobile TEE domain.

Related papers

Multi-Agent Taint Specification Extraction for Vulnerability Detection [49.27772068704498]
Static Application Security Testing (SAST) tools using taint analysis are widely viewed as providing higher-quality vulnerability detection results.<n>We present SemTaint, a multi-agent system that strategically combines the semantic understanding of Large Language Models (LLMs) with traditional static program analysis.<n>We integrate SemTaint with CodeQL, a state-of-the-art SAST tool, and demonstrate its effectiveness by detecting 106 of 162 vulnerabilities previously undetectable by CodeQL.
arXiv Detail & Related papers (2026-01-15T21:31:51Z)
CaMeLs Can Use Computers Too: System-level Security for Computer Use Agents [60.98294016925157]
AI agents are vulnerable to prompt injection attacks, where malicious content hijacks agent behavior to steal credentials or cause financial loss.<n>We introduce Single-Shot Planning for CUAs, where a trusted planner generates a complete execution graph with conditional branches before any observation of potentially malicious content.<n>Although this architectural isolation successfully prevents instruction injections, we show that additional measures are needed to prevent Branch Steering attacks.
arXiv Detail & Related papers (2026-01-14T23:06:35Z)
Qualcomm Trusted Application Emulation for Fuzzing Testing [0.3277163122167433]
This research centers on trusted applications (TAs) within the Qualcomm TEE.<n>Through reverse engineering techniques, we develop a partial emulation environment that accurately emulates their behavior.<n>We integrate fuzzing testing techniques into the emulator to systematically uncover potential vulnerabilities within Qualcomm TAs.
arXiv Detail & Related papers (2025-07-11T06:10:15Z)
DRIFT: Dynamic Rule-Based Defense with Injection Isolation for Securing LLM Agents [52.92354372596197]
Large Language Models (LLMs) are increasingly central to agentic systems due to their strong reasoning and planning capabilities.<n>This interaction also introduces the risk of prompt injection attacks, where malicious inputs from external sources can mislead the agent's behavior.<n>We propose a Dynamic Rule-based Isolation Framework for Trustworthy agentic systems, which enforces both control and data-level constraints.
arXiv Detail & Related papers (2025-06-13T05:01:09Z)
A performance analysis of VM-based Trusted Execution Environments for Confidential Federated Learning [0.0]
Federated Learning (FL) is a distributed machine learning approach that has emerged as an effective way to address recent privacy concerns.<n>FL introduces the need for additional security measures as FL alone is still subject to vulnerabilities such as model and data poisoning and inference attacks.<n> Confidential Computing (CC) is a paradigm that, by leveraging hardware-based trusted execution environments (TEEs), protects the confidentiality and integrity of ML models and data.
arXiv Detail & Related papers (2025-01-20T15:58:48Z)
GNN-Based Code Annotation Logic for Establishing Security Boundaries in C Code [41.10157750103835]
Securing sensitive operations in today's interconnected software landscape is crucial yet challenging. Modern platforms rely on Trusted Execution Environments (TEEs) to isolate security sensitive code from the main system. Code Logic (CAL) is a pioneering tool that automatically identifies security sensitive components for TEE isolation.
arXiv Detail & Related papers (2024-11-18T13:40:03Z)
AutoPT: How Far Are We from the End2End Automated Web Penetration Testing? [54.65079443902714]
We introduce AutoPT, an automated penetration testing agent based on the principle of PSM driven by LLMs. Our results show that AutoPT outperforms the baseline framework ReAct on the GPT-4o mini model.
arXiv Detail & Related papers (2024-11-02T13:24:30Z)
Active Test-Time Adaptation: Theoretical Analyses and An Algorithm [51.84691955495693]
Test-time adaptation (TTA) addresses distribution shifts for streaming test data in unsupervised settings. We propose the novel problem setting of active test-time adaptation (ATTA) that integrates active learning within the fully TTA setting.
arXiv Detail & Related papers (2024-04-07T22:31:34Z)
HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
A Large-Scale Study on the Prevalence and Usage of TEE-based Features on Android [0.0]
This study focuses on the key areas of cryptography, digital rights management, biometric authentication, and secure dialogs. Through the analysis of 170,550 popular Android apps, our analysis illuminates the implementation of TEE-related features and their contextual usage.
arXiv Detail & Related papers (2023-11-17T13:29:16Z)
Harnessing the Power of LLM to Support Binary Taint Analysis [18.068393213293188]
LATTE is the first static binary taint analysis that is powered by a large language model (LLM)<n>First, LATTE is fully automated while prior static binary taint analyzers need rely on human expertise to manually customize taint propagation rules and vulnerability inspection rules.<n>Second, LATTE is significantly effective in vulnerability detection, demonstrated by our comprehensive evaluations.
arXiv Detail & Related papers (2023-10-12T12:24:52Z)

This list is automatically generated from the titles and abstracts of the papers in this site.