Annual Computer Security Applications Conference最新文献_第2页

Digit Semantics based Optimization for Practical Password Cracking Tools 基于数字语义的实用密码破解工具优化

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3488025

Haodong Zhang, Chuanwang Wang, Wenqiang Ruan, Junjie Zhang, Ming Xu, Weili Han

{"title":"Digit Semantics based Optimization for Practical Password Cracking Tools","authors":"Haodong Zhang, Chuanwang Wang, Wenqiang Ruan, Junjie Zhang, Ming Xu, Weili Han","doi":"10.1145/3485832.3488025","DOIUrl":"https://doi.org/10.1145/3485832.3488025","url":null,"abstract":"Users usually create their passwords with meaningful digits, i.e. digit semantics, which can be partially exploited by probabilistic password guessing models with a data-driven methodology for better efficiency. However, these semantics are largely ignored by current practical password cracking tools, like John the Ripper (JtR) and Hashcat. In this paper, we are motivated to study the digit semantics in passwords and exploit them to improve the guessing efficiency of practical password cracking tools. We first design a practical extraction tool of digit semantics in passwords. Then we conduct a comprehensive empirical analysis of the digit semantics in four large-scale password sets leaked from the real world. Based on the analysis results, we further propose two new operations (the basic unit to construct mangling rules), then generate 1,974 digit semantics rules constructed from them. Moreover, in order to enforce semantics rules in JtR and Hashcat, we optimize their rule engines and running logic with the compatibility of the original built-in operations. The evaluation on the real password sets shows the significant advantage of digit semantics rules to extend current typical rule sets when we crack both Chinese and English (two of the largest user groups) passwords with digit strings.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125313928","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 3

DistAppGaurd: Distributed Application Behaviour Profiling in Cloud-Based Environment distappguard:基于云环境的分布式应用程序行为分析

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3485907

M. Ghorbani, F. F. Moghaddam, Mengyuan Zhang, M. Pourzandi, K. Nguyen, M. Cheriet

{"title":"DistAppGaurd: Distributed Application Behaviour Profiling in Cloud-Based Environment","authors":"M. Ghorbani, F. F. Moghaddam, Mengyuan Zhang, M. Pourzandi, K. Nguyen, M. Cheriet","doi":"10.1145/3485832.3485907","DOIUrl":"https://doi.org/10.1145/3485832.3485907","url":null,"abstract":"Today, Machine Learning (ML) techniques are increasingly used to detect abnormal behaviours of industrial applications. Since many of these applications are moving to the cloud environments, classical ML approaches are facing new challenges in accurately identifying abnormal behaviours due to the highly dynamic and heterogeneous nature of the cloud. In this paper, we propose a novel framework, DistAppGaurd, for profiling simultaneously the behaviour of all microservice components of a distributed application in the cloud. The framework can therefore, detect complex attacks that are not observable by monitoring a single process or a single microservice. DistAppGaurd utilizes the system calls executed by all the processes of an application to build a graph consisting of data exchanges among different application entities (e.g., processes and files) representing the behaviour of the application. This representation is then used by our novel miroservice-aware Autoencoder model to perform anomaly detection at runtime. The efficiency and feasibility of our approach is shown by implementing several different real-world attacks, which yields high detection rates (94%-97%) at 0.01% false alarm rate.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133302600","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2

A Look Back on a Function Identification Problem 一个功能识别问题的回顾

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3488018

Hyungjoon Koo, Soyeon Park, Taesoo Kim

{"title":"A Look Back on a Function Identification Problem","authors":"Hyungjoon Koo, Soyeon Park, Taesoo Kim","doi":"10.1145/3485832.3488018","DOIUrl":"https://doi.org/10.1145/3485832.3488018","url":null,"abstract":"A function recognition problem serves as a basis for further binary analysis and many applications. Although common challenges for function detection are well known, prior works have repeatedly claimed a noticeable result with a high precision and recall. In this paper, we aim to fill the void of what has been overlooked or misinterpreted by closely looking into the previous datasets, metrics, and evaluations with varying case studies. Our major findings are that i) a common corpus like GNU utilities is insufficient to represent the effectiveness of function identification, ii) it is difficult to claim, at least in the current form, that an ML-oriented approach is scientifically superior to deterministic ones like IDA or Ghidra, iii) the current metrics may not be reasonable enough to measure varying function detection cases, and iv) the capability of recognizing functions depends on each tool’s strategic or peculiar choice. We perform re-evaluation of existing approaches on our own dataset, demonstrating that not a single state-of-the-art tool dominates all the others. In conclusion, a function detection problem has not yet been fully addressed, and we need a better methodology and metric to make advances in the field of function identification.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"198 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132350708","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 8

What’s in a Cyber Threat Intelligence sharing platform?: A mixed-methods user experience investigation of MISP 网络威胁情报共享平台里有什么?: MISP的混合用户体验调查

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3488030

Borce Stojkovski, G. Lenzini, Vincent Koenig, S. Rivas

{"title":"What’s in a Cyber Threat Intelligence sharing platform?: A mixed-methods user experience investigation of MISP","authors":"Borce Stojkovski, G. Lenzini, Vincent Koenig, S. Rivas","doi":"10.1145/3485832.3488030","DOIUrl":"https://doi.org/10.1145/3485832.3488030","url":null,"abstract":"The ever-increasing scale and complexity of cyber attacks and cyber-criminal activities necessitate secure and effective sharing of cyber threat intelligence (CTI) among a diverse set of stakeholders and communities. CTI sharing platforms are becoming indispensable tools for cooperative and collaborative cybersecurity. Nevertheless, despite the growing research in this area, the emphasis is often placed on the technical aspects, incentives, or implications associated with CTI sharing, as opposed to investigating challenges encountered by users of such platforms. To date, user experience (UX) aspects remain largely unexplored. This paper offers a unique contribution towards understanding the constraining and enabling factors of security information sharing within one of the leading platforms. MISP is an open source CTI sharing platform used by more than 6,000 organizations worldwide. As a technically-advanced CTI sharing platform it aims to cater for a diverse set of security information workers with distinct needs and objectives. In this respect, MISP has to pay an equal amount of attention to the UX in order to maximize and optimize the quantity and quality of threat information that is contributed and consumed. Using mixed methods we shed light on the strengths and weaknesses of MISP from an end-users’ perspective and discuss the role UX could play in effective CTI sharing. We conclude with an outline of future work and open challenges worth further exploring in this nascent, yet highly important socio-technical context.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134416058","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 6

Time to Rethink the Design of Qi Standard? Security and Privacy Vulnerability Analysis of Qi Wireless Charging 是时候重新思考Qi标准的设计了?Qi无线充电安全与隐私漏洞分析

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3485839

Yi Wu, Zhuohang Li, Nicholas Van Nostrand, Jian Liu

{"title":"Time to Rethink the Design of Qi Standard? Security and Privacy Vulnerability Analysis of Qi Wireless Charging","authors":"Yi Wu, Zhuohang Li, Nicholas Van Nostrand, Jian Liu","doi":"10.1145/3485832.3485839","DOIUrl":"https://doi.org/10.1145/3485832.3485839","url":null,"abstract":"With the ever-growing deployment of Qi wireless charging for mobile devices, the potential impact of its vulnerabilities is an increasing concern. In this paper, we conduct the first thorough study to explore its potential security and privacy vulnerabilities. Due to the open propagation property of electromagnetic signals as well as the non-encrypted Qi communication channel, we demonstrate that the Qi communication established between the charger (i.e., a charging pad) and the charging device (i.e., a smartphone) could be non-intrusively interfered with and eavesdropped. In particular, we build two types of attacks: 1) Hijacking Attack: through stealthily placing an ultra-thin adversarial coil on the wireless charger’s surface, we show that an adversary is capable of hijacking the communication channel via injecting malicious Qi messages to further control the entire charging process as they desire; and 2) Eavesdropping Attack: by sticking an adversarial coil underneath the surface (e.g., a table) on which the charger is placed, the adversary can eavesdrop Qi messages and further infer the device’s running activities while it is being charged. We validate these proof-of-concept attacks using multiple commodity smartphones and 14 commonly used calling and messaging apps. The results show that our designed hijacking attack can cause overcharging, undercharging, and paused charging, etc., potentially leading to more significant damage to the battery (e.g., overheating, reducing battery life, or explosion). In addition, the designed eavesdropping attack can achieve a high accuracy in detecting and identifying the running app activities (e.g., over 95.56% and 85.80% accuracy for calling apps and messaging apps, respectively). Our work brings to light a fundamental design vulnerability in the currently-deployed wireless charging architecture, which may put people’s security and privacy at risk while wirelessly recharging their smartphones.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130326742","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 6

Physical Logic Bombs in 3D Printers via Emerging 4D Techniques 物理逻辑炸弹在3D打印机通过新兴的4D技术

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3485880

Tuan Le, Sriharsha Etigowni, Sizhuang Liang, Xirui Peng, Jerry H Qi, M. Javanmard, S. Zonouz, R. Beyah

{"title":"Physical Logic Bombs in 3D Printers via Emerging 4D Techniques","authors":"Tuan Le, Sriharsha Etigowni, Sizhuang Liang, Xirui Peng, Jerry H Qi, M. Javanmard, S. Zonouz, R. Beyah","doi":"10.1145/3485832.3485880","DOIUrl":"https://doi.org/10.1145/3485832.3485880","url":null,"abstract":"Rapid prototyping makes additive manufacturing (or 3D printing) useful in critical application domains such as aerospace, automotive, and medical. The rapid expansion of these applications should prompt the examination of the underlying security of 3D printed objects. In this paper, we present Mystique, a novel class of stealthy attacks on printed objects that leverage the fourth dimension of emerging 4D printing technology to introduce embedded logic bombs through manufacturing process manipulation. Mystique enables visually benign objects to behave maliciously upon the activation of the logic bomb during operation. It leverages the manufacturing process to embed a physical logic bomb that can be triggered with specific stimuli to change the physical and mechanical properties of the printed objects. These changes in properties can potentially cause catastrophic operational failures when the objects are used in critical applications such as drones, prosthesis, or medical applications. We successfully evaluated Mystique on several 3D printing case studies and showed thatMystique can evade prior countermeasures. To address this, we propose two mitigation strategies to defend against Mystique. The first solution focuses on detecting the change of materials such as filament diameters and composition before printing. A dielectric sensor circuit is designed to quantify filament diameters and concentration composition changes. The dielectric sensor can detect a change of 0.1mm in filament diameters and a change of 10% in concentration composition. The second solution attempts to detect 4D attacks by examining the printed object using imaging techniques. To be specific, we performed data-driven classification on high resolution CT images of printed objects. This detection has an accuracy of 94.6% in identifying 4D attacks in a single printing layer.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133129966","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

An Exploration of ARM System-Level Cache and GPU Side Channels ARM系统级缓存和GPU侧通道的探索

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3485902

P. Cronin, Xing Gao, Haining Wang, Chase Cotton

{"title":"An Exploration of ARM System-Level Cache and GPU Side Channels","authors":"P. Cronin, Xing Gao, Haining Wang, Chase Cotton","doi":"10.1145/3485832.3485902","DOIUrl":"https://doi.org/10.1145/3485832.3485902","url":null,"abstract":"Advanced RISC Machines (ARM) processors have recently gained market share in both cloud computing and desktop applications. Meanwhile, ARM devices have shifted to a more peripheral based design, wherein designers attach a number of coprocessors and accelerators to the System-on-a-Chip (SoC). By adopting a System-Level Cache, which acts as a shared cache between the CPU-cores and peripherals, ARM attempts to alleviate the memory bottleneck issues that exist between data sources and accelerators. This paper investigates emerging security threats introduced by this new System-Level Cache. Specifically, we demonstrate that the System-Level Cache can still be exploited to create a cache occupancy channel to accurately fingerprint websites. We redesign and optimize the attack for various browsers based on the ARM cache design, which can significantly reduce the attack duration while increasing accuracy. Moreover, we introduce a novel GPU contention channel in mobile devices, which can achieve similar accuracy to the cache occupancy channel. We conduct a thorough evaluation by examining these attacks across multiple devices, including iOS, Android, and MacOS with the new M1 MacBook Air. The experimental results demonstrate that (1) the System-Level Cache based website fingerprinting technique can achieve promising accuracy in both open (up to 90%) and closed (up to 95%) world scenarios, and (2) our GPU contention channel is more effective than the CPU cache channel on Android devices.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122380423","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 10

FlexFilt: Towards Flexible Instruction Filtering for Security FlexFilt:实现安全的灵活指令过滤

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3488019

Leila Delshadtehrani, Sadullah Canakci, William Blair, Manuel Egele, A. Joshi

{"title":"FlexFilt: Towards Flexible Instruction Filtering for Security","authors":"Leila Delshadtehrani, Sadullah Canakci, William Blair, Manuel Egele, A. Joshi","doi":"10.1145/3485832.3488019","DOIUrl":"https://doi.org/10.1145/3485832.3488019","url":null,"abstract":"As the complexity of software applications increases, there has been a growing demand for intra-process memory isolation. The commercially available intra-process memory isolation mechanisms in modern processors, e.g., Intel’s memory protection keys, trade-off between efficiency and security guarantees. Recently, researchers have tended to leverage the features with low security guarantees for intra-process memory isolation. Subsequently, they have relied on binary scanning and runtime binary rewriting to prevent the execution of unsafe instructions, which improves the security guarantees. Such intra-process memory isolation mechanisms are not the only security solutions that have to prevent the execution of unsafe instructions in untrusted parts of the code. In fact, we identify a similar requirement in a variety of other security solutions. Although binary scanning and runtime binary rewriting approaches can be leveraged to address this requirement, it is challenging to efficiently implement these approaches. In this paper, we propose an efficient and flexible hardware-assisted feature for runtime filtering of user-specified instructions. This flexible feature, called FlexFilt, assists with securing various isolation-based mechanisms. FlexFilt enables the software developer to create up to 16 instruction domains, where each instruction domain can be configured to filter the execution of user-specified instructions. In addition to filtering unprivileged instructions, FlexFilt is capable of filtering privileged instructions. To illustrate the effectiveness of FlexFilt compared to binary scanning approaches, we measure the overhead caused by scanning the JIT compiled code while browsing various webpages. We demonstrate the feasibility of FlexFilt by implementing our design on the RISC-V Rocket core, providing the Linux kernel support for it, and prototyping our full design on an FPGA.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122396681","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 5

Program Obfuscation via ABI Debiasing 通过ABI去偏的程序混淆

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3488017

David Demicco, R. Erinfolami, Aravind Prakash

{"title":"Program Obfuscation via ABI Debiasing","authors":"David Demicco, R. Erinfolami, Aravind Prakash","doi":"10.1145/3485832.3488017","DOIUrl":"https://doi.org/10.1145/3485832.3488017","url":null,"abstract":"The Itanium ABI is the most popular C++ ABI that defines data structures essential to implement underlying object-oriented concepts in C++. Specifically, name mangling rules, object and VTable layouts, alignment, etc. are all mandated by the ABI. Adherence to the ABI comes with undesirable side effects. While it allows interoperability, past research efforts have shown that it provides robust inference points that an attacker can leverage to reveal sensitive design information through binary reverse engineering. In this work, we aim to reduce the ability of an attacker to successfully reverse engineer a binary. We do this via removal of what we call ABI Bias, i.e., the reverse engineering bias that manifests due to a compiler’s adherence to the ABI. Specifically, we identify two types of ABI biases that are central to past reverse engineering works on C++ binaries: VTable ordering bias and Function Pointer bias. We present compiler-based techniques that can correctly and efficiently debias a given binary from the aforementioned biases. We evaluate our proof-of-concept implementation on a corpus of real world programs for binary size, correctness and performance. We report an average increase of 1.42% in binary size compared to the baseline, very low performance overhead and lastly, correct execution of evaluation programs in comparison to the baseline. Finally, we demonstrate efficacy of our approach by hindering DeClassifier, a state-of-the-art C++ reverse engineering framework.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130359926","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1

TEEKAP: Self-Expiring Data Capsule using Trusted Execution Environment TEEKAP:使用可信执行环境的自动过期数据胶囊

Annual Computer Security Applications Conference Pub Date : 2021-12-06 DOI: 10.1145/3485832.3485919

Mingyuan Gao, Hung Dang, E. Chang

{"title":"TEEKAP: Self-Expiring Data Capsule using Trusted Execution Environment","authors":"Mingyuan Gao, Hung Dang, E. Chang","doi":"10.1145/3485832.3485919","DOIUrl":"https://doi.org/10.1145/3485832.3485919","url":null,"abstract":"Safeguarding privacy in data sharing is challenging, especially when data owners lose control over their data once it is passed to another party. Our work aims to build a data-sharing platform that enables data owners to regain control over their shared data. Specifically, sensitive data is first encapsulated into a data capsule. The platform regulates functional access to the data capsule, i.e., the receiver can compute a predefined function on the data with its input and learns nothing else. The platform also enforces self-expiry of the data capsule. In addition, the data capsule features a notion of “send-and-forget” wherein data owners can go offline after releasing their data capsules. As a result, data capsules can be freely circulated. Each data capsule is associated with an access policy and a usage transcript. The former specifies which functions are eligible to access the protected data and its expiry conditions, whereas the latter is used to determine if the expiry conditions have been met. To regulate functional access, one efficient solution is to employ a Trusted Execution Environment (TEE) with attested execution. Nonetheless, we observe that the use of TEE alone is not sufficient to accomplish self-expiry, for TEEs are vulnerable to rollback attacks via which an adversary could “unwind” the usage transcript of an expired data capsule or double-consume the protected data. Moreover, a straightforward implementation would need a single master key to be resided in the TEE, leading to single-point-of-failure. Our solution, TEEKAP, addresses the challenges by embracing decentralization, employing a committee of independent and mutually distrusting nodes to uphold the integrity of usage transcripts and the confidentiality of encryption keys. TEEKAP integrates TEE, consensus protocol, and threshold secret sharing in a novel way. Experiments conducted in realistic deployment settings on Microsoft Azure show that TEEKAP can process access requests at scale.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"99 10","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114047744","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 3