Title: Hardening and Adapting Trusted Execution Environments for Emerging Platforms

Date: Monday, December 4, 2023

Time: 11:00 AM - 1:00 PM ET

Location: CODA C0908 / Zoom

Fan Sang

Ph.D. Student

School of Cybersecurity and Privacy

College of Computing

Georgia Institute of Technology

Committee:

Prof. Taesoo Kim (advisor), School of Computer Science & School of Cybersecurity and Privacy, Georgia Institute of Technology

Dr. Daniel Genkin, School of Cybersecurity and Privacy, Georgia Institute of Technology

Dr. Brendan D. Saltaformaggio, School of Electrical and Computer Engineering & School of Cybersecurity and Privacy, Georgia Institute of Technology

Prof. Moinuddin K. Qureshi, School of Computer Science, Georgia Institute of Technology

Dr. Xiaokuan Zhang, Department of Computer Science, George Mason University

Abstract

The advancement of cloud computing, IoT, edge computing, and emerging platforms has resulted in users often relinquishing data control to third-party providers, raising security concerns. Trusted Execution Environments (TEEs), first developed for cloud computing, create secure areas within processors to protect sensitive data. However, the integration of TEEs into emerging platforms is absent, primarily due to their recency and ongoing development. Nevertheless, the growing users’ expectation for security and new privacy regulations make it crucial to adapt TEEs for emerging platforms. My thesis focuses on hardening and adapting TEEs for emerging platforms, particularly Extended Reality (XR).

First, to harden existing TEEs, I developed a program synthesis framework that optimally defends TEE programs against various side-channel attacks (SCAs) without conflict according to the target platform’s configuration. Furthermore, from a fundamental perspective, I proposed an architectural extension that allows TEE programs to subscribe to fine-grained microarchitectural events, enabling proactive defenses previously unfeasible.

Second, to understand the security implications of XR, I designed a black-box fuzzing framework for proprietary XR applications. This framework includes a virtual device driver that simulates physical XR devices, eliminating the need for physical hardware in testing. It dynamically synchronizes recorded user interactions with live sessions, accommodating the non-deterministic nature of XR environments, and employs a Large Language Model (LLM) for mutation and bug checking, aligning recordings with the application’s semantics and detecting inconsistencies between user interactions and application behavior.

Finally, I propose a preliminary design for integrating TEEs into XR platforms, in which I will adapt ARM Confidential Compute Architecture (CCA) for state-of-the-art XR implementations. This integration aims to secure user inputs, controller interactions, and visual/audio data, focusing on maintaining the quality of experience, such as responsiveness and immersiveness, crucial for highly interactive platforms like XR.