SnakeGX: a sneaky attack against SGX Enclaves
Flavio Toffalini - Singapore University of Technology and Design
Mariano Graziano - Cisco Systems, Inc.
Mauro Conti - University of Padua
Jianying Zhou - Singapore University of Technology and Design
ACNS - June 21-24, 2021
Overview
- SGX Introduction
- Problem description
- SnakeGX
- Design
- Evaluation
- Conclusion
SGX introduction
Intel Software Guard eXtensions (SGX)
- Enclaves: isolated memory regions in user-space
- Enclaves cannot interact with ring-0 software (i.e., no syscall)
- Enclaves can write/read in user-space
- User- and kernel-space cannot write/read the enclave space
HOW IS THIS ENFORCED?
CPU/MMU/Microcode checks.
OS-independent design.
[Diagram labels: User-space, Kernel-space, Enclave]
SGX Software Development Kit
SGX SDK organizes the enclave code in secure functions
[Diagram labels: Application, Code, Enclave, Secure Function 1, Secure Function 2, ..., Secure Function N]
Problem description - memory corruptions
An enclave is prone to memory corruption errors
One can force the execution to jump across existing code
This hijacks the enclave logic
[Diagram labels: User-space, Kernel-space, Enclave, Payload, Correct execution, Hijacked execution]
Problem description - SGX issues
SGX assumes everything outside an Enclave is malicious (e.g., the OS) [1]
Usually good, however, the OS must trust that an enclave contains benign software
A code-reuse attack could alter the enclave logic, without breaking the isolation [2,3,4,5]
The OS is not aware of the attack
[Diagram labels: User-space, Kernel-space, Enclave]
[1] Iago Attacks: Why the System Call API is a Bad Untrusted RPC Interface (SIGARCH 2013)
[2] Hacking in Darkness: Return-oriented Programming against Secure Enclaves (Usenix 2017)
[3] The Guard's Dilemma: Efficient Code-Reuse Attacks Against Intel SGX (Usenix 2018)
[4] A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes (CCS 2019)
[5] Faulty Point Unit: ABI Poisoning Attacks on Intel SGX (ACSAC 2020)
Current memory attacks
State-of-the-art attacks:
- Dark-ROP (Usenix 2017): Forces the enclave to crash and restart multiple times to “guess” the correct attack. Too noisy.
- Guard’s Dilemma (Usenix 2018): Relies on code patterns, no need to crash the enclave. It leaves many structures in memory. Too many traces.
- SGX-ROP (Dimva 2019) // not exactly an attack: Introduces a new and unexpected enclave in the system that attracts the attention of the analyst. Adds unexpected enclaves.
SnakeGX
Research question:
Is it possible to attack an SGX enclave without being detected by the host OS?
Our proposal: a framework to implant a backdoor in legitimate SGX enclaves
How?
1) Exploiting SGX isolation to avoid memory-inspection
2) Leaving as few traces as possible
SnakeGX - The plan!
Install a backdoor in the victim enclave => add a malicious secure function
[Diagram labels: Application, Enclave, Secure Function 1, ..., Secure Function N, Backdoor, Safe code, Attacker]
SnakeGX - The plan!
Properties:
- Persistent: remains inside the enclave
- Stateful: it saves data and takes decisions
- Interactive: can invoke syscalls
Advantages:
- No need to repeat an attack
- Limited traces in memory
- Avoid inspection
[Diagram labels: User-space, Kernel-space, Enclave, Backdoor, X := 10, steps ➊ ➋ ➌]
SnakeGX - Design
- Overview
- Find secure memory location
- Payload Installation
- Set a payload trigger
- Backdoor architecture
- Context-switch
SnakeGX - Overview
[Diagram labels: User-space, Kernel-space, Enclave, Backdoor, Enclave Memory Analysis, Payload Installation, Payload Triggering, Context-Switch, Backdoor design, steps ➊ to ➎]
Enclave Memory Analysis
Select and disarm a trusted thread
Doable by inspecting the pages layout
[Diagram: simplified enclave memory layout; labels: Virtual address growing direction, Enclave, stack, TCS, Trusted Thread 1, Trusted Thread 2]
➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch
Enclave Memory Analysis
Goal: find a trusted thread in which to install a set of ROP chains.
Why? Trusted threads can be disabled. One can block the host from invoking a trusted thread.
The Backdoor! Discussed later...
[Diagram labels: Enclave, stack, TCS, Trusted Thread 2, Backdoor]
Payload Installation
Exploit an enclave memory error!
No specific technique is needed
3 Goals:
➊ copy backdoor inside enclave
➋ set the payload trigger
➌ resume enclave execution
[Diagram labels: Attacker, Enclave, Backdoor, Trigger, Normal application execution]
Set Payload Trigger (from SGX SDK)
Untrusted code:
    main() {
        ecall(secure_function1);
    }
    outside_function1() {
        write_file();
    }
Enclave code:
    secure_function1() {
        enclave_logic();
        ocall(outside_function1);
        other_logic();
    }
Call sequence over time:
    ecall(secure_function1)    Untrusted -> Enclave
    ocall(outside_function1)   Enclave -> Untrusted
    oret(outside_function1)    Untrusted -> Enclave
    eret(secure_function1)     Enclave -> Untrusted
We are going to investigate these parts
Set Payload Trigger
ocall_context => a structure to restore secure function execution
do_ocall => generates an ocall_context
do_oret => consumes an ocall_context
[Diagram labels: Enclave, Untrusted Code, Main Process, Outside Function, entry-point, Secure Functions, Secure Function, do_ocall, do_oret, ocall_context, ECALL, OCALL, ORET]
Set Payload Trigger
GOAL: inject a fake ocall_context that triggers a code-reuse payload inside the enclave
[Diagram labels: Enclave, Untrusted Code, Main Process, Outside Function, entry-point, Secure Functions, Secure Function, do_ocall, do_oret, ocall_context, ECALL, OCALL, ORET]
Set Payload Trigger
Install a backdoor in the victim enclave => add a malicious secure function
[Diagram labels: Application, Enclave, Backdoor, Attacker, ORET, ocall_context, do_oret]
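A defender's view of the trigger described above, as an added example (a toy model in C, not the Intel SGX SDK's code and not from the SnakeGX authors): it contrasts an ORET path that trusts any ocall_context it is handed with one that accepts only the record do_ocall produced. The struct fields, CTX_MAGIC, the tag function and the demo_* helpers are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model only: layout, marker value and tag scheme are assumptions. */
#define CTX_MAGIC   0x0CA11C7Eu   /* constructed marker, not the SDK's value */
#define ORET_REJECT (-1)

typedef struct ocall_context {
    uint32_t magic;                    /* marks the record as an OCALL context */
    uint32_t resume_id;                /* stands in for the saved return address */
    uint64_t saved_frame;              /* stands in for saved registers */
    uint64_t tag;                      /* integrity tag, used by the checked path */
    const struct ocall_context *prev;  /* enclosing OCALL, if nested */
} ocall_context_t;

typedef struct {
    const ocall_context_t *last_ctx;   /* newest outstanding context */
    uint64_t secret;                   /* per-thread key kept inside the enclave */
} thread_state_t;

/* Keyed mix over the record and its address; a stand-in for a real MAC. */
static uint64_t ctx_tag(const thread_state_t *t, const ocall_context_t *c)
{
    uint64_t parts[5] = { c->magic, c->resume_id, c->saved_frame,
                          (uint64_t)(uintptr_t)c, (uint64_t)(uintptr_t)c->prev };
    uint64_t h = 0xcbf29ce484222325ULL ^ t->secret;
    for (size_t i = 0; i < 5; i++) {
        h = (h ^ parts[i]) * 0x100000001b3ULL;
        h ^= h >> 29;
    }
    return h;
}

/* do_ocall: generate a context before leaving the enclave. */
void do_ocall(thread_state_t *t, ocall_context_t *slot, uint32_t id, uint64_t frame)
{
    slot->magic = CTX_MAGIC;
    slot->resume_id = id;
    slot->saved_frame = frame;
    slot->prev = t->last_ctx;
    slot->tag = ctx_tag(t, slot);
    t->last_ctx = slot;
}

/* Weak consumer: trusts any record that carries the marker. */
int do_oret_unchecked(const ocall_context_t *c)
{
    return c->magic == CTX_MAGIC ? (int)c->resume_id : ORET_REJECT;
}

/* Hardened consumer: only the newest record made by do_ocall, unmodified, once. */
int do_oret_checked(thread_state_t *t, const ocall_context_t *c)
{
    if (c != t->last_ctx || t->last_ctx == NULL ||
        c->magic != CTX_MAGIC || c->tag != ctx_tag(t, c))
        return ORET_REJECT;
    t->last_ctx = c->prev;             /* consume: a context is valid once */
    return (int)c->resume_id;
}

/* Constructed case: the resume target is overwritten after do_ocall. */
int demo_tampered(int use_checked)
{
    thread_state_t t = { NULL, 0x5EED5EED5EED5EEDULL };
    ocall_context_t slot;
    do_ocall(&t, &slot, 7, 0x1000);
    slot.resume_id = 99;               /* simulated memory corruption */
    return use_checked ? do_oret_checked(&t, &slot) : do_oret_unchecked(&slot);
}

/* Constructed case: a record that do_ocall never produced. */
int demo_fabricated(int use_checked)
{
    thread_state_t t = { NULL, 0x5EED5EED5EED5EEDULL };
    ocall_context_t real, fake = { CTX_MAGIC, 99, 0, 0, NULL };
    do_ocall(&t, &real, 7, 0x1000);    /* one legitimate OCALL is outstanding */
    return use_checked ? do_oret_checked(&t, &fake) : do_oret_unchecked(&fake);
}

/* Legitimate round trip, then a second ORET on the already consumed context. */
int demo_legit_then_replay(int *replay)
{
    thread_state_t t = { NULL, 0x5EED5EED5EED5EEDULL };
    ocall_context_t slot;
    do_ocall(&t, &slot, 7, 0x1000);
    int first = do_oret_checked(&t, &slot);
    *replay = do_oret_checked(&t, &slot);
    return first;
}

int main(void)
{
    int replay, first = demo_legit_then_replay(&replay);
    printf("legit=%d replay=%d\n", first, replay);
    printf("tampered: unchecked=%d checked=%d\n", demo_tampered(0), demo_tampered(1));
    printf("fabricated: unchecked=%d checked=%d\n", demo_fabricated(0), demo_fabricated(1));
    return 0;
}
```

The tag and the thread state live in enclave memory, so this check only helps against corruption that cannot also reach them; it is one layer and does not remove the underlying memory error.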
Backdoor architecture
TLS (inside the enclave):
- FakeFrame: for the trigger
- Workspace: actual ROP chains executed
- Backup: ROP chains and structure copies for restoring
- Buffer: for status and temporary variables
[Diagram labels: Enclave, stack, TCS, Trusted Thread, ROP-chains, fake ocall_context]
Context-switch
Goal: the payload should interact with the OS without losing the enclave control
Intuition: split the payload in ROP chains inside and outside the enclave
Note:
- P1, P2: split the payload in 2 parts
- Oc: outside chain temporarily copied in user-space and erased after usage
[Diagram labels: User-space, Kernel-space, Enclave, Attacker, P1, P2, Oc, ORET, ORET]
SnakeGX - a recap
[Diagram labels: User-space, Kernel-space, Enclave, Backdoor, Enclave Memory Analysis, Payload Installation, Payload Triggering, Context-Switch, Backdoor design, steps ➊ to ➎]
The Evaluation
- Use Case: StealthDB
- Traces measurement and comparison with SotA
Use Case: StealthDB
StealthDB [1] is a PostgreSQL extension to perform homomorphic-like encryption by using SGX enclaves
backdoor() {
    if (P_Key is changed)
        exfiltrate(P_Key)
}
[Diagram labels: Application, Enclave, Secure Function, Backdoor, Safe code, Attacker, P_Key (AES key), ORET, ECALL]
[1] https://github.com/cryptograph/stealthdb/
Use Case: StealthDB
Analysis Payload
- P1: checks status and, if needed, exfiltrates P_Key
- Oc: writes P_Key on a socket
- P2: restores the payload for the next execution
P1() {
    if (P_Key is changed)
        exfiltrate(P_Key)
}
[Diagram labels: Application, Enclave, Attacker, P_Key (AES key), P1, OC, P2, ORET, ORET, socket]
Traces measurement
Payload:
Chain   #functions/syscall   #gadget   Size [B]
P1      27                   23        2816
Oc      13                   7         1232
P2      4                    20        312
sum     44                   50        4360
Trigger:
Chain     #functions/syscall   #gadget   Size [B]
trigger   0                    4         56
Takeaway:
Payload size: 4360B
Trigger size: 56B
size(Trigger) << size(Payload)
Fewer traces to inspect through memory-forensic techniques
Conclusion
Before
- Current SGX malware introduces unexpected enclaves in the system
- Current one-shot attacks need to repeat the attack (and leave traces in memory)
Now
- Infecting legitimate enclaves (no new enclaves)
- SnakeGX hides most of the logic inside the enclave (more challenging to detect)
Thanks for your attention
Have a look at our PoC: https://github.com/tregua87/snakegx

Pulmonary drug delivery system M.pharm -2nd sem P'ceutics
 
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
 
Introduction,importance and scope of horticulture.pptx
Introduction,importance and scope of horticulture.pptxIntroduction,importance and scope of horticulture.pptx
Introduction,importance and scope of horticulture.pptx
 
9654467111 Call Girls In Raj Nagar Delhi Short 1500 Night 6000
9654467111 Call Girls In Raj Nagar Delhi Short 1500 Night 60009654467111 Call Girls In Raj Nagar Delhi Short 1500 Night 6000
9654467111 Call Girls In Raj Nagar Delhi Short 1500 Night 6000
 
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
 
module for grade 9 for distance learning
module for grade 9 for distance learningmodule for grade 9 for distance learning
module for grade 9 for distance learning
 
Kochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRL
Kochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRLKochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRL
Kochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRL
 
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
 
Feature-aligned N-BEATS with Sinkhorn divergence (ICLR '24)
Feature-aligned N-BEATS with Sinkhorn divergence (ICLR '24)Feature-aligned N-BEATS with Sinkhorn divergence (ICLR '24)
Feature-aligned N-BEATS with Sinkhorn divergence (ICLR '24)
 
Bacterial Identification and Classifications
Bacterial Identification and ClassificationsBacterial Identification and Classifications
Bacterial Identification and Classifications
 
GBSN - Biochemistry (Unit 1)
GBSN - Biochemistry (Unit 1)GBSN - Biochemistry (Unit 1)
GBSN - Biochemistry (Unit 1)
 
CELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdfCELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdf
 
Chemical Tests; flame test, positive and negative ions test Edexcel Internati...
Chemical Tests; flame test, positive and negative ions test Edexcel Internati...Chemical Tests; flame test, positive and negative ions test Edexcel Internati...
Chemical Tests; flame test, positive and negative ions test Edexcel Internati...
 
Module for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learningModule for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learning
 
COMPUTING ANTI-DERIVATIVES (Integration by SUBSTITUTION)
COMPUTING ANTI-DERIVATIVES(Integration by SUBSTITUTION)COMPUTING ANTI-DERIVATIVES(Integration by SUBSTITUTION)
COMPUTING ANTI-DERIVATIVES (Integration by SUBSTITUTION)
 
FAIRSpectra - Enabling the FAIRification of Spectroscopy and Spectrometry
FAIRSpectra - Enabling the FAIRification of Spectroscopy and SpectrometryFAIRSpectra - Enabling the FAIRification of Spectroscopy and Spectrometry
FAIRSpectra - Enabling the FAIRification of Spectroscopy and Spectrometry
 

SnakeGX (full version)

  • 1. SnakeGX: a sneaky attack against SGX Enclaves Flavio Toffalini - Singapore University of Technology and Design Mariano Graziano - Cisco Systems, Inc. Mauro Conti - University of Padua Jianying Zhou - Singapore University of Technology and Design ACNS - June 21-24, 2021 1
  • 2. Overview - SGX Introduction - Problem description - SnakeGX - Design - Evaluation - Conclusion 2
  • 3. SGX introduction User-space Kernel-space Enclave Intel Software Guard eXtensions (SGX) - Enclaves: isolated memory regions in user-space - Enclaves cannot interact with ring-0 software (i.e., no syscall) - Enclaves can write/read in user-space - User- and kernel-space cannot write/read the enclave space HOW IS THIS ENFORCED? CPU/MMU/Microcode checks. OS-independent design.
  • 4. Application SGX Software Development Kit Enclave Secure Function 1 Secure Function N ... Code 4 Secure Function 2 SGX SDK organizes the enclave code in secure functions
  • 5. Problem description - memory corruptions An enclave is prone to memory corruption errors. One can force the execution to jump over existing code. This hijacks the enclave logic. User-space Kernel-space Enclave Payload Correct execution Hijacked execution
  • 6. Problem description - SGX issues User-space Kernel-space SGX assumes everything outside an enclave is malicious (e.g., the OS) [1]. Usually good; however, the OS must trust that an enclave contains benign software. A code-reuse attack could alter the enclave logic without breaking the isolation [2,3,4,5]. The OS is not aware of the attack. Enclave ? ? ? [1] Iago Attacks: Why the System Call API is a Bad Untrusted RPC Interface (SIGARCH 2013) [2] Hacking in Darkness: Return-oriented Programming against Secure Enclaves (Usenix 2017) [3] The Guard's Dilemma: Efficient Code-Reuse Attacks Against Intel SGX (Usenix 2018) [4] A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes (CCS 2019) [5] Faulty Point Unit: ABI Poisoning Attacks on Intel SGX (ACSAC 2020)
  • 7. Current memory attacks State-of-the-art attacks: Dark-ROP (Usenix 2017): forces the enclave to crash and restart multiple times to “guess” the correct attack. Guard’s Dilemma (Usenix 2018): relies on code patterns, no need to crash the enclave; it leaves many structures in memory. SGX-ROP (Dimva 2019, not exactly an attack): introduces a new and unexpected enclave in the system that attracts the attention of the analyst.
  • 8. Current memory attacks State-of-the-art attacks: Dark-ROP (Usenix 2017): forces the enclave to crash and restart multiple times to “guess” the correct attack. Guard’s Dilemma (Usenix 2018): relies on code patterns, no need to crash the enclave; it leaves many structures in memory. SGX-ROP (Dimva 2019, not exactly an attack): introduces a new and unexpected enclave in the system that attracts the attention of the analyst. Drawbacks, in the same order: too noisy; too many traces; adds unexpected enclaves.
  • 9. SnakeGX Research question: Is it possible to attack an SGX enclave without being detected by the host OS? Our proposal: a framework to implant a backdoor in legitimate SGX enclaves. How? 1) Exploiting SGX isolation to avoid memory inspection 2) Leaving as few traces as possible
  • 10. Application SnakeGX - The plan! Install a backdoor in the victim enclave => add a malicious secure function Enclave Secure Function 1 Secure Function N ... Backdoor Safe code Attacker 10
  • 11. SnakeGX - The plan! Properties: - Persistent: remains inside the enclave - Stateful: it saves data and takes decisions - Interactive: can invoke syscalls Advantages: - No need to repeat an attack - Limited traces in memory - Avoid inspection User-space Kernel-space Enclave Backdoor ➊ ➌ X := 10 ➋ ➊ ➌ ➋
  • 12. SnakeGX - Design - Overview - Find secure memory location - Payload Installation - Set a payload trigger - Backdoor architecture - Context-switch 12
  • 13. SnakeGX - Overview 13 User-space Kernel-space Enclave Backdoor Enclave Memory Analysis Payload Installation Payload Triggering ➊ ➌ ➋ ➎ ➍ Context-Switch Backdoor design
  • 14. Enclave Memory Analysis Virtual address growing direction Enclave stack stack TCS TCS Simplified enclave memory layout Trusted Thread 1 Trusted Thread 2 Select and disarm a trusted thread. Doable by inspecting the page layout. ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch
  • 15. Enclave Memory Analysis Enclave stack stack TCS TCS Trusted Thread 2 Goal: find a trusted thread in which to install a set of ROP chains. Why? Trusted threads can be disabled. One can block the host from invoking a trusted thread. Backdoor The Backdoor! Discussed later... ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch
  • 16. ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch Attacker Payload Installation Exploit an enclave memory error! No specific technique is needed. 3 Goals: copy backdoor inside enclave, set the payload trigger, resume enclave execution ➊ ➌ ➋ Enclave Backdoor ➊ Trigger ➋ ➌ Normal application execution
  • 17. ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch Set Payload Trigger (from SGX SDK) 17 Untrusted oret(outside_function1) Enclave ecall(secure_function1) ocall(outside_function1) eret(secure_function1) main() { ecall(secure_function1); } outside_function1() { write_file(); } secure_function1() { enclave_logic(); ocall(outside_function); other_logic(); } Time
  • 18. Untrusted oret(outside_function1) Enclave ecall(secure_function1) ocall(outside_function1) eret(secure_function1) main() { ecall(secure_function1); } outside_function1() { write_file(); } secure_function1() { enclave_logic(); ocall(outside_function); other_logic(); } Time Set Payload Trigger (from SGX SDK) 18 We are going to investigate these parts ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch
  • 19. Set Payload Trigger Enclave Untrusted Code Secure Function Main Process Outside Function do_oret ocall_context do_ocall ECALL OCALL ORET entry-point Secure Functions ocall_context => a structure to restore secure function execution do_ocall => generates an ocall_context do_oret => consumes an ocall_context ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch
  • 20. Set Payload Trigger Enclave Untrusted Code Main Process Outside Function ECALL OCALL entry-point Secure Functions GOAL: inject a fake ocall_context that triggers a code-reuse payload inside the enclave ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch do_oret do_ocall Secure Function ocall_context ocall_context => a structure to restore secure function execution do_ocall => generates an ocall_context do_oret => consumes an ocall_context ORET
  • 21. Set Payload Trigger 21 Application Install a backdoor in the victim enclave => add a malicious secure function Enclave Backdoor Attacker ORET ocall_context do_oret ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch
  • 22. ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch Backdoor architecture 22 TLS (inside the enclave) FakeFrame Workspace Backup ROP-chains ROP-chains fake ocall_context fake ocall_context Buffer Enclave stack stack TCS TCS Trusted Thread
  • 23. Backdoor architecture 23 TLS (inside the enclave) FakeFrame Workspace Backup ROP-chains ROP-chains fake ocall_context fake ocall_context Buffer For status and temporary variables Actual ROP chains executed ROP chains and structure copies for restoring For the trigger ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch
  • 24. ➊ - Enclave Memory Analysis ➋ - Payload Installation ➌ - Payload Triggering ➍ - Backdoor architecture ➎ - Context-switch Context-switch Goal: the payload should interact with the OS without losing control of the enclave. Intuition: split the payload into ROP chains inside and outside the enclave. User-space Kernel-space Enclave Oc P1 P2 Attacker ORET ORET Note: P1, P2: the payload split in 2 parts. Oc: outside chain, temporarily copied in user-space and erased after usage
  • 25. SnakeGX - a recap 25 User-space Kernel-space Enclave Backdoor Enclave Memory Analysis Payload Installation Payload Triggering ➊ ➌ ➋ ➎ ➍ Context-Switch Backdoor design
  • 26. The Evaluation - Use Case: StealthDB - Traces measurement and comparison with SotA 26
  • 27. Use Case: StealthDB StealthDB [1] is a PostgreSQL extension to perform homomorphic-like encryption by using SGX enclaves Application Enclave Secure Function Backdoor Safe code Attacker P_Key (AES key) backdoor() { if (P_Key is changed) exfiltrate(P_Key) } ORET ECALL [1] https://github.com/cryptograph/stealthdb/
  • 28. Use Case: StealthDB Analysis Payload P1: checks the status and, if needed, exfiltrates P_Key Oc: writes P_Key on a socket P2: restores the payload for the next execution Application Enclave P1 Attacker P_Key (AES key) P1 () { if (P_Key is changed) exfiltrate(P_Key) } ORET OC P2 ORET socket
  • 29. Traces measurement
      Payload:
        Chain | #functions/syscall | #gadget | Size [B]
        P1    | 27                 | 23      | 2816
        Oc    | 13                 | 7       | 1232
        P2    | 4                  | 20      | 312
        sum   | 44                 | 50      | 4360
      Trigger:
        Chain   | #functions/syscall | #gadget | Size [B]
        trigger | 0                  | 4       | 56
  • 30. Traces measurement
      Payload:
        Chain | #functions/syscall | #gadget | Size [B]
        P1    | 27                 | 23      | 2816
        Oc    | 13                 | 7       | 1232
        P2    | 4                  | 20      | 312
        sum   | 44                 | 50      | 4360
      Trigger:
        Chain   | #functions/syscall | #gadget | Size [B]
        trigger | 0                  | 4       | 56
      Takeaway: Payload size: 4360B. Trigger size: 56B. size(Trigger) << size(Payload). Fewer traces to inspect through memory-forensic techniques.
  • 31. Conclusion Before - Current SGX malware introduces unexpected enclaves in the system - Current one-shot attacks need to repeat the attack (and leave traces in memory) Now - Infecting legitimate enclaves (no new enclaves) - SnakeGX hides most of the logic inside the enclave (more challenging to detect)
  • 32. Thanks for your attention 32 Have a look at our PoC: https://github.com/tregua87/snakegx
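
The do_ocall / do_oret handshake from slides 19 to 21, as an added example that is not code from the slides, the SnakeGX PoC or the SGX SDK: a simplified C model in which ORET either consumes any context it is handed or only the one its own OCALL recorded. All `model_*` names, the struct fields, the tag function and the sample addresses are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified model: names and fields are hypothetical, not the SGX SDK's. */
typedef struct {
    uint64_t resume_ip;  /* where the secure function continues after ORET */
    uint64_t resume_sp;  /* trusted stack pointer to restore */
    uint64_t tag;        /* integrity tag written by model_do_ocall */
} model_ctx;

typedef struct {
    uint64_t stack_lo, stack_hi;  /* trusted stack range of this thread */
    uint64_t key;                 /* per-thread secret kept inside the enclave */
    const model_ctx *pending;     /* context the last OCALL actually created */
} model_thread;

/* Placeholder keyed mix (constructed); a real design would use a proper MAC. */
static uint64_t model_tag(const model_thread *t, uint64_t ip, uint64_t sp) {
    uint64_t h = t->key ^ 0x9E3779B97F4A7C15ULL;
    h = (h ^ ip) * 0xBF58476D1CE4E5B9ULL;
    h = (h ^ sp) * 0x94D049BB133111EBULL;
    return h ^ (h >> 31);
}

/* OCALL side: generate the context and record it as the outstanding one. */
void model_do_ocall(model_thread *t, model_ctx *c, uint64_t ip, uint64_t sp) {
    c->resume_ip = ip;
    c->resume_sp = sp;
    c->tag = model_tag(t, ip, sp);
    t->pending = c;
}

/* ORET that consumes any context it is handed, forged or not. */
uint64_t model_do_oret_unchecked(const model_ctx *c) { return c->resume_ip; }

/* ORET that consumes only the context its own OCALL produced.
   Returns the resume address, or 0 when the context is rejected. */
uint64_t model_do_oret_checked(model_thread *t, const model_ctx *c) {
    if (c == NULL || c != t->pending) return 0;  /* not the outstanding one */
    if (c->resume_sp < t->stack_lo || c->resume_sp >= t->stack_hi) return 0;
    if (c->tag != model_tag(t, c->resume_ip, c->resume_sp)) return 0;
    t->pending = NULL;                           /* single use: no replay */
    return c->resume_ip;
}

int main(void) {
    model_thread t = { 0x1000, 0x2000, 0x1234567890ABCDEFULL, NULL };
    model_ctx real, fake = { 0x400999, 0x1800, 0 };  /* constructed values */
    model_do_ocall(&t, &real, 0x400100, 0x1800);
    return !(model_do_oret_checked(&t, &fake) == 0 &&
             model_do_oret_checked(&t, &real) == 0x400100);
}
```

A check of this kind only covers contexts that differ from the record it compares against; a memory error that also reaches the per-thread record or key is outside what it constrains.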