Innovative instructions and software model for isolated execution

Mckeen, Frank; Alexandrovich, Ilya; Berenzon, Alex; Rozas, Carlos; Shafi, Hisham; Shanbhogue, Vedvyas; Savagaonkar, Uday

doi:10.1145/2487726.2488368

Cited by 859 publications

(621 citation statements)

References 7 publications

Supporting

Mentioning

594

Contrasting

Unclassified

Order By: Relevance

“…CRAs, including both return-oriented [57] and jump-oriented [11] variations remain open vulnerabilities and active research topics, despite some promising solutions [48,70,36,37]. An orthogonal line of research pursues protection of application secrets even in the presence of compromised system software layers and malware [23,25,42].…”

Section: Related Workmentioning

confidence: 99%

Malware-aware processors: A framework for efficient online malware detection

Özsoy

Donovick

Gorelik

et al. 2015

2015 IEEE 21st International Symposium on High Performance Computer Architecture (HPCA)

117

View full text Add to dashboard Cite

Security exploits and ensuant malware pose an increasing challenge to computing systems as the variety and complexity of attacks continue to increase. In response, software-based malware detection tools have grown in complexity, thus making it computationally difficult to use them to protect systems in real-time. Therefore, software detectors are applied selectively and at a low frequency, creating opportunities for malware to remain undetected. In this paper, we propose Malware-Aware Processors (MAP) -processors augmented with an online hardware-based detector to serve as the first line of defense to differentiate malware from legitimate programs. The output of this detector helps the system prioritize how to apply more expensive software-based solutions. The always-on nature of MAP detector helps protect against intermittently operating malware. Our work improves on the state of the art in the following ways: (1) We define and explore the use of sub-semantic features for online detection of malware. (2) We explore hardware implementations and show that simple classifiers appropriate for such implementations can effectively classify malware. We also study different classifiers, develop implementation optimizations, and explore complexity to performance trade-offs. (3) We propose a two-level detection framework where the hardware classifier prioritizes the work of a more accurate but more expensive software defense mechanism. (4) We integrate the MAP implementation with an open-source x86-compatible core, synthesizing the resulting design to run on an FPGA.

show abstract

Section: Related Workmentioning

confidence: 99%

Malware-aware processors: A framework for efficient online malware detection

Özsoy

Donovick

Gorelik

et al. 2015

2015 IEEE 21st International Symposium on High Performance Computer Architecture (HPCA)

117

View full text Add to dashboard Cite

show abstract

“…Durante a inicialização, umá area contígua de memória, denominada Processor Reserved Memory (PRM),é reservada para prover todas as funcionalidades e restrições ao sistema de enclaves [4] [5]. A PRM possui garantia de segurança contra qualquer tipo de acesso, seja este do Sistema Operacional (SO) ou do Hypervisor.…”

Section: Intel Software Guard Extensionsunclassified

“…A PRM possui garantia de segurança contra qualquer tipo de acesso, seja este do Sistema Operacional (SO) ou do Hypervisor. A criação de um enclave parte da execução pelo SO da instrução ECREATE [4], que tem como primeira ação reservar uma página na Enclave Page Cache (EPC), estrutura utilizada para alocação de memória para o enclave e demais informações de controle. A EPC, internaà PRM,é dividida em páginas para viabilizar múltiplos enclaves.…”

Section: Intel Software Guard Extensionsunclassified

Avaliação do Intel Software Guard Extensions via Emulação

Spohn

Trebien

2018

RITA

View full text Add to dashboard Cite

Abstract:The Intel Software Guard Extensions (SGX) technology, recently introduced in the new generations of x86 processors, allows the execution of applications in a fully protected environment (i.e., within enclaves). Because it is a recent technology, machines that rely on this technology are still a minority. In order to evaluate the SGX, an emulator of this technology (called OpenSGX) implements and replicates the main functionalities and structures used in SGX. The focus is to evaluate the resulting overhead from running an application within an environment with emulated SGX. For the evaluation, benchmark applications from the MiBench platform were employed. As performance metrics, we gathered the total number of instructions and the total number of CPU cycles for the execution of each application with and without OpenSGX. Keywords: trusted execution environment -software guard extensions -emulator Resumo: Ao permitir a execução de aplicações em um contexto totalmente protegido (i.e., dentro de enclaves), amplia-se as possibilidades para as novas gerações de processadores Intel da família x86 com a extensão Software Guard Extensions (SGX). Por se tratar de uma tecnologia recente, as máquinas que contam com essa tecnologia ainda são minoria. Objetivando avaliar o SGX, utilizou-se um emulador dessa tecnologia denominado OpenSGX, o qual implementa e reproduz as principais funcionalidades e estruturas utilizadas no SGX. O enfoque consistiu em avaliar o overhead, em termos de processamento, resultante da execução de uma aplicação em um ambiente com o SGX emulado. Para a avaliação, empregou-se aplicações de benchmark da plataforma MiBench, modificando-as para compatibilizar a execução em enclaves no OpenSGX. Como métricas de desempenho, coletou-se o número total de instruções e o número total de ciclos de CPU para a execução completa de cada aplicação com e sem o OpenSGX. IntroduçãoAs tecnologias de hardware voltadasà computação confiável disponibilizam recursos e mecanismos para a criação e manutenção de ambientes de execução confiável (Trusted Execution Environment, TEE). Considera-se, de modo geral, que a execuçãoé confiável em ambientes onde o controle sobre o sistemaé pleno [1]. Recursos de TEE não constam, habitualmente, em processadores populares (e.g., família Intel x86). No entanto, a Intel introduziu, em agosto de 2015, a extensão denominada Software Guard Extensions (SGX) a partir da sexta geração da família x86, propondo-se como uma plataforma padrão de TEE nos processadores Intel.Com o SGX, possibilita-se o isolamento da aplicação no momento de sua execução, utilizando-se estruturas a nível de hardware denominadas de enclaves. Estes são implementados para garantir a integridade e privacidade das informações durante todo o processamento, até mesmo em eventuais comprometimentos do sistema operacional ou do hipervisor. A proposta traz implicações diretas ao paradigma de computação nas nuvens (i.e., cloud computing), possibilitando ofertar garantias de integridade e privacidadeàs aplicações em níveis n...

show abstract

“…An interesting direction recently taken by Intel is developing a mutual distrust model for hardware memory protection, called Software Guard Extensions (SGX) [21,50,70]. SGX allows an OS or hypervisor to manage virtual-to-physical OS mappings for an application, but the lower-level software cannot access memory contents.…”

Section: B Hardware Support For Securitymentioning

confidence: 99%

SoK: Introspections on Trust and the Semantic Gap

Jain

Baig

Zhang

et al. 2014

2014 IEEE Symposium on Security and Privacy

View full text Add to dashboard Cite

Abstract-An essential goal of Virtual Machine Introspection (VMI) is assuring security policy enforcement and overall functionality in the presence of an untrustworthy OS. A fundamental obstacle to this goal is the difficulty in accurately extracting semantic meaning from the hypervisor's hardwarelevel view of a guest OS, called the semantic gap. Over the twelve years since the semantic gap was identified, immense progress has been made in developing powerful VMI tools.Unfortunately, much of this progress has been made at the cost of reintroducing trust into the guest OS, often in direct contradiction to the underlying threat model motivating the introspection. Although this choice is reasonable in some contexts and has facilitated progress, the ultimate goal of reducing the trusted computing base of software systems is best served by a fresh look at the VMI design space.This paper organizes previous work based on the essential design considerations when building a VMI system, and then explains how these design choices dictate the trust model and security properties of the overall system. The paper then observes portions of the VMI design space which have been under-explored, as well as potential adaptations of existing techniques to bridge the semantic gap without trusting the guest OS.Overall, this paper aims to create an essential checkpoint in the broader quest for meaningful trust in virtualized environments through VM introspection.

show abstract

Innovative instructions and software model for isolated execution

Cited by 859 publications

References 7 publications

Malware-aware processors: A framework for efficient online malware detection

Malware-aware processors: A framework for efficient online malware detection

Avaliação do Intel Software Guard Extensions via Emulação

SoK: Introspections on Trust and the Semantic Gap

Contact Info

Product

Resources

About