Towards Automated Vulnerability Analysis in ARM-based Virtualization 


Vol. 14, No. 12, pp. 1051-1057, Dec. 2025
10.3745/TKIPS.2025.14.12.1051


  Abstract

This study systematically analyzes the attack surface of ARM-based virtualization in comparison with x86 and proposes a methodology for identifying ARM-specific vulnerabilities. The methodology comprises three stages: extraction of address-translation, coverage-guided fuzzing, and multi-layered detection. In particular, it provides reproducible instrumentation procedures and a cross-validation framework for low-level mechanisms such as NV and the TLB, enabling practitioners to rapidly detect and confirm issues in ARM environments. Applied to KVM/arm64, the methodology revealed and reproduced two concrete vulnerabilities: an ASID matching error and a TLB invalidation-range calculation error. We addressed both with small patches and validated the fixes using the proposed observation procedure, demonstrating a practical approach to vulnerability analysis in ARM virtualization.

  Cite this article

[IEEE Style]

D. Lee, G. Jin, G. Lee, D. Ko, J. Yang, H. Oh, "Towards Automated Vulnerability Analysis in ARM-based Virtualization," The Transactions of the Korea Information Processing Society, vol. 14, no. 12, pp. 1051-1057, 2025. DOI: 10.3745/TKIPS.2025.14.12.1051.

[ACM Style]

Dongha Lee, Gyujeong Jin, Geonha Lee, Daehyeon Ko, Jaewon Yang, and Hyungyu Oh. 2025. Towards Automated Vulnerability Analysis in ARM-based Virtualization. The Transactions of the Korea Information Processing Society, 14, 12, (2025), 1051-1057. DOI: 10.3745/TKIPS.2025.14.12.1051.