SGXPecial
Authors: Shachee Mishra, M. Polychronakis
DOI: 10.1145/3447852.3458716 (https://doi.org/10.1145/3447852.3458716)
Venue: Proceedings of the 14th European Workshop on Systems Security
Citations: 7
Abstract
Intel SGX is a hardware-based trusted execution technology that partitions an application into trusted and untrusted parts. The trusted part, known as an enclave, executes within an encrypted memory environment, preventing the host application and the OS from being able to access its memory. The enclave, however, has the ability to access the host's memory. When considering malicious code running in an enclave, the strong memory isolation and encryption properties offered may aid the stealthiness of malware, since malware detection tools cannot inspect the enclave. The enclave and the host communicate over bi-directional interfaces that the Intel SGX SDK generates. In this work, we present SGXPecial, a best-effort interface specialization tool that statically analyzes both the host and the enclave to generate interfaces tailored only to their needs. SGXPecial is implemented as an extension to the Edger8r tool of the SGX SDK, and performs API specialization at build time. In particular, SGXPecial performs function, argument, and type-based specialization to restrict the valid control flows across the host-to-enclave boundary. We evaluate SGXPecial's security impact by testing it on SGX SDK sample applications and four open-source SGX applications. SGXPecial effectively prevents five proof-of-concept code reuse attacks in all tested applications.