{"627554":{"#nid":"627554","#data":{"type":"event","title":"PhD Defense by Ming-Wei Shih","body":[{"value":"\u003Cp\u003ETitle: Securing Intel SGX against Side-Channel Attacks via Load-Time Synthesis\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cbr \/\u003E\r\nMing-Wei Shih\u003Cbr \/\u003E\r\nPh.D. candidate in Computer Science\u003Cbr \/\u003E\r\nSchool of Computer Science\u003Cbr \/\u003E\r\nCollege of Computing\u003Cbr \/\u003E\r\nGeorgia Institute of Technology\u003Cbr \/\u003E\r\n\u003Cbr \/\u003E\r\nDate: Monday, October 21, 2019\u003Cbr \/\u003E\r\nTime: 15:00 - 17:00 (EST)\u003Cbr \/\u003E\r\nLocation: Coda C1003 Adair\u003Cbr \/\u003E\r\n\u003Cbr \/\u003E\r\nCommittee:\u003Cbr \/\u003E\r\n------------\u003Cbr \/\u003E\r\nDr. Taesoo Kim (Advisor, School of Computer Science, Georgia Institute of Technology)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Wenke Lee (School of Computer Science, Georgia Institute of Technology)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Marcus Peinado (Microsoft Research)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Brendan D. Saltaformaggio (School of Computer Science, Georgia Institute of Technology)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Michael Steiner (Intel Labs)\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cbr \/\u003E\r\nAbstract:\u003Cbr \/\u003E\r\n-----------\u003C\/p\u003E\r\n\r\n\u003Cp\u003EIn response to the growing need for securing user data in the cloud, recent Intel processors have supported a new feature, Intel Software Guard Extensions (SGX). \u0026nbsp;SGX allows a program to execute in isolation from the rest of the underlying system. \u0026nbsp;Thus, even after compromising the system, neither cloud providers nor attackers can gain access to data that the program processes. \u0026nbsp;Unfortunately, recent studies have shown that such isolation is bypassable via side-channel attacks (SCAs). In particular, SCAs against SGX are more critical under the extreme assumption (i.e., attackers compromise the system), allowing attackers to infer fine-grained information from an SGX-protected program.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EToward practical defenses against SCAs on SGX, the first part of the thesis presents two mitigation techniques, SGX-Armor and T-SGX, both of which require neither hardware- nor source-code-level modifications and incur moderate runtime overhead to a program. SGX-Armor is a general-purpose defense based on Address Space Layout Randomization (ASLR) that obfuscates the memory layout of the program, preventing attackers from interpreting side-channel information. \u0026nbsp;Unlike traditional ASLR implementations, SGX-Armor incorporates a provably secure algorithm that shuffles memory layout without revealing the information of the layout through any of the known side channels. \u0026nbsp;T-SGX is a novel defense against controlled-channel attacks that exploit page faults as a side-channel. \u0026nbsp;By using Intel Transactional Synchronization Extensions (TSX) as a primitive that suppresses page faults, T-SGX automatically transfers a program into a protected one at compile time.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe second part of the thesis presents Pridwen, a framework that addresses the challenges of combining multiple mitigation techniques such as SGX-Armor and T-SGX, thereby providing a broader scope of protection against SCAs on SGX. \u0026nbsp;Using load-time synthesis, Pridwen adaptively enforces mitigation schemes to a program in distinct cloud environments. \u0026nbsp;The prototype of Pridwen has supported four mitigation schemes that secure SGX programs again various SCAs while minimizing the incurred runtime overhead according to the configuration of the environment.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":[{"value":"Securing Intel SGX against Side-Channel Attacks via Load-Time Synthesis"}],"uid":"27707","created_gmt":"2019-10-14 14:00:01","changed_gmt":"2019-10-14 14:00:01","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2019-10-21T16:00:00-04:00","event_time_end":"2019-10-21T18:00:00-04:00","event_time_end_last":"2019-10-21T18:00:00-04:00","gmt_time_start":"2019-10-21 20:00:00","gmt_time_end":"2019-10-21 22:00:00","gmt_time_end_last":"2019-10-21 22:00:00","rrule":null,"timezone":"America\/New_York"},"extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"100811","name":"Phd Defense"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78771","name":"Public"},{"id":"174045","name":"Graduate students"},{"id":"78751","name":"Undergraduate students"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}