[SW Security] OBFSCURO: A Commodity Obfuscation Engine on Intel SGX, Network and Distributed System Security Symposium (NDSS), Feb. 2019

OBFSCURO: A Commodity Obfuscation Engine on Intel SGX, Network and Distributed System Security Symposium (NDSS), Feb. 2019


Adil Ahmad, Byunggill Joe, Yuan Xiao, Yinqian Zhang, Insik Shin, Byoungyoung Lee


본 논문은 Trusted Computing 환경인 SGX 위에서 이론적으로 안전한 프로그램 obfuscation 기술을 제안한다. 프로그램의 데이터플로우, 컨트롤플로우가 모두 Oblivious RAM을 통하여 동작하므로, 최근 알려진 각종 사이드체널 공격 (페이지폴트 기반, 캐쉬 기반, 브랜치 프리딕터 기반 등)에도 안전하다.

0
0

International Papers

HW Security MeetGo: A Trusted Execution Environment for Remote Applications on FPGA (early access), IEEE Access, Mar 2021
SW Security ExpRace: Exploiting Kernel Races through Raising Interrupts (conditional accept), USENIX Security Symposium (Security), August 2021
SW Security Constraint-guided Directed Greybox Fuzzing (conditional accept), USENIX Security Symposium (Security), August 2021
SW Security M2MON: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles (to appear), USENIX Security Symposium (Security), August 2021
SW Security KARD: Lightweight Data Race Detection with Per-Thread Memory Protection (to appear), International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), April 2021
SW Security BlackMirror: Preventing Wallhacks in 3D Online FPS Games, ACM Conference on Computer and Communications Security (CCS), Nov 2020
SW Security CrFuzz: Fuzzing Multi-purpose Programs through Input Validation, ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE), Nov 2020
SW Security Vessels: Efficient and Scalable Deep Learning Prediction on Trusted Processors, ACM Symposium on Cloud Computing (SoCC), Oct 2020
SW Security Exploiting Kernel Races through Taming Thread Interleaving, BlackHat USA, Sep 2020
SW Security A Tale of Two Trees: One Writes, and Other Reads. Optimized Oblivious Accesses to Large-Scale Blockchains, Privacy Enhancing Technologies Symposium (PETS), July 2020
SW Security HFL: Hybrid Fuzzing on the Linux Kernel, Network and Distributed System Security Symposium (NDSS), Feb 2020
SW Security SBGen: A Framework to Efficiently Supply Runtime Information for a Learning-based HIDS for Multiple Virtual Machines(early access), IEEE Access, Nov 2020
HW Security A Metadata-driven Approach to Efficiently Detect Code Reuse Attacks on ARM Multiprocessors, The Journal of Supercomputing, Jan 2021
AI Security Hawkware: Network Intrusion Detection based on Behavior Analysis with ANNs on an IoT Device, Design Automation Conference (DAC), Jul 2020
HW Security TRUSTORE: Side-Channel Resistant Storage for SGX using Intel Hybrid CPU-FPGA, ACM Conference on Computer and Communications Security (CCS), Nov 2020
HW Security MeetGo: A Reconfigurable HW TEE to Build Secure Cryptocurrency Wallet for Remote Users, Design Automation Conference (DAC) WIP, Jul 2020
HW Security ActiMon: Unified JOP and ROP Detection With Active Function Lists on an SoC FPGA, IEEE Access, Dec 2019
SW Security Data Randomization for Multi-Variant Execution Environment, International SoC Design Conference (ISOCC), October 2019
SW Security Towards Efficient Multi-Variant Execution Environment, International SoC Design Conference (ISOCC), October 2019
SW Security All Your Clicks Belong to Me: Investigating Click Interception on the Web (to appear), USENIX Security Symposium (Security), August 2019