Memory access pattern randomization to defend against a controlled-channel attack통제된 채널 공격을 방어하기 위한 메모리 접근 패턴 랜덤화
New hardware features such as Intel SGX provide trusted execution environments for user processes called enclaves running on top of an untrusted OS. However, recent studies showed that such protected enclaves are vulnerable to controlled-channel attack, which uses page faults to get memory access patterns. Controlled-channel attack infers an enclave’s control flow or sensitive data from the observed memory access patterns. Several defense techniques including software-based and hardware-based approaches are proposed, but a state-of-the-art study proposed a new way of getting memory access pattern of an enclave without incurring page faults.
This paper randomizes the memory access pattern of an enclave through fine-grained ASLR and annotated data layout randomization. Even a potentially malicious OS can observe memory access patterns of an enclave, it is hard to infer valuable information from them. We demonstrated that our defense method protects AES from controlled-channel attack with little performance overhead.
- Advisors
- Shin, Insikresearcher; 신인식researcher
- Description
- 한국과학기술원 :전산학부,
- Publisher
- 한국과학기술원
- Issue Date
- 2018
- Identifier
- 325007
- Language
- eng
- Description
학위논문(석사) - 한국과학기술원 : 전산학부, 2018.2,[iv, 21 p. :]
- Keywords
Intel SGX▼aControlled-channel Attack▼aASLR▼aSide-channel▼aRandomization▼aPage fault; Intel SGX▼a통제된 채널 공격▼a랜덤화▼a페이지 오류
- Appears in Collection
- CS-Theses_Master(석사논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.