DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Deokjin | ko |
dc.contributor.author | Jang, Daehee | ko |
dc.contributor.author | Park, Minjoon | ko |
dc.contributor.author | Jeong, Yunjong | ko |
dc.contributor.author | Kim, Jonghwan | ko |
dc.contributor.author | Choi, Seokjin | ko |
dc.contributor.author | Kang, Brent Byunghoon | ko |
dc.date.accessioned | 2019-03-19T01:49:01Z | - |
dc.date.available | 2019-03-19T01:49:01Z | - |
dc.date.created | 2019-03-11 | - |
dc.date.created | 2019-03-11 | - |
dc.date.issued | 2019-05 | - |
dc.identifier.citation | COMPUTERS & SECURITY, v.82, pp.118 - 139 | - |
dc.identifier.issn | 0167-4048 | - |
dc.identifier.uri | http://hdl.handle.net/10203/251758 | - |
dc.description.abstract | The introduction of Intel Software Guard eXtension (SGX) prompted security researchers to verify its effectiveness. One of the frequently discussed attacks against SGX is the side-channel attack by gathering page-fault information (controlled-channel attack). Owing to SGX's hardware features, the faulting address of the enclave memory is page-masked. Because of this, both the controlled-channel attack and the defenses of SGX are built under the assumption that an attacker observes the memory access attempts of the enclave code with page-granularity. However, Van Bluck et al. recently demonstrated a controlled-channel attack technique which negates the prior assumption of page-granularity. In this paper, we introduce a new class of attack that stems from the reduced controlled-channel granularity, i.e., the Version IDentification attack (VID). The goal of VID attack is identifying the detailed code information inside SGX enclave by analyzing the fine-grained SGX controlled-channel. To protect enclave memory from such attack, we design and implement SGX-LEGO, an automated system that adopts execution polymorphism to the SGX enclave code. Previous defense approaches against controlled-channel attacks can be broadly categorized into two types: (i) disclosing the fault information and (ii) rendering the fault information useless. SGX-LEGO uses the latter approach by permuting the memory access sequence at the instruction level. In SGX-LEGO design, we leverage the concept of code-reuse-programming to overcome the implementation challenges regarding SGX page management. In the evaluation, we show how VID attacks the cryptographic functions, and demonstrate the efficacy of SGX-LEGO in security perspective and performance. (C) 2018 Elsevier Ltd. All rights reserved. | - |
dc.language | English | - |
dc.publisher | ELSEVIER ADVANCED TECHNOLOGY | - |
dc.title | SGX-LEGO: Fine-grained SGX controlled-channel attack and its countermeasure | - |
dc.type | Article | - |
dc.identifier.wosid | 000459525800008 | - |
dc.identifier.scopusid | 2-s2.0-85059228382 | - |
dc.type.rims | ART | - |
dc.citation.volume | 82 | - |
dc.citation.beginningpage | 118 | - |
dc.citation.endingpage | 139 | - |
dc.citation.publicationname | COMPUTERS & SECURITY | - |
dc.identifier.doi | 10.1016/j.cose.2018.12.001 | - |
dc.contributor.localauthor | Kang, Brent Byunghoon | - |
dc.contributor.nonIdAuthor | Kim, Deokjin | - |
dc.contributor.nonIdAuthor | Jang, Daehee | - |
dc.contributor.nonIdAuthor | Jeong, Yunjong | - |
dc.contributor.nonIdAuthor | Kim, Jonghwan | - |
dc.contributor.nonIdAuthor | Choi, Seokjin | - |
dc.description.isOpenAccess | N | - |
dc.type.journalArticle | Article | - |
dc.subject.keywordAuthor | Operating system | - |
dc.subject.keywordAuthor | Intel SGX | - |
dc.subject.keywordAuthor | Controlled-channel | - |
dc.subject.keywordAuthor | ROP | - |
dc.subject.keywordAuthor | Page fault | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.