Search for: All records

Award ID contains: 1703931

« Prev Next »

Total Resources

3

Resource Type
Journal Article

3

Dataset

0

Availability
Full Text / Resource Available

3

Citation Only

0

Save Results
Excel (limit 2000)
CSV (limit 5000)
XML (limit 5000)

Have feedback or suggestions for a way to improve these results?
!

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

InvisiPage: oblivious demand paging for secure enclaves

https://doi.org/10.1145/3307650.3322265

Aga, Shaizeen ; Narayanasamy, Satish ( June 2019 , Proceedings of the 46th International Symposium on Computer Architecture)

State-of-art secure processors like Intel SGX remain susceptible to leaking page-level address trace of an application via the page fault channel in which a malicious OS induces spurious page faults and deduces application's secrets from it. Prior works which fix this vulnerability do not provision for OS demand paging to be oblivious. In this work, we present InvisiPage which obfuscates page fault channel while simultaneously making OS demand paging oblivious. To do so, InvisiPage first carefully distributes page management actions between the application and the OS. Second, InvisiPage secures application's page management interactions with the OS using a novel construct which is derived from Oblivious RAM (ORAM) but is customized for page management. Finally, we lower overheads of our approach by reducing page management interactions with the OS via a novel memory partition. For a suite of cloud applications which process sensitive data we show that page fault channel can be tackled while enabling oblivious demand paging at low overheads.

Full Text Available
Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis

https://doi.org/10.1109/SP.2019.00043

Banerjee, Subarno ; Devecsery, David ; Chen, Peter M. ; Narayanasamy, Satish ( May 2019 , IEEE Symposium on Security and Privacy)

Dynamic information-flow tracking (DIFT) is useful for enforcing security policies, but rarely used in practice, as it can slow down a program by an order of magnitude. Static program analyses can be used to prove safe execution states and elide unnecessary DIFT monitors, but the performance improvement from these analyses is limited by their need to maintain soundness. In this paper, we present a novel optimistic hybrid analysis (OHA) to significantly reduce DIFT overhead while still guaranteeing sound results. It consists of a predicated whole-program static taint analysis, which assumes likely invariants gathered from profiles to dramatically improve precision. The optimized DIFT is sound for executions in which those invariants hold true, and recovers to a conservative DIFT for executions in which those invariants are false. We show how to overcome the main problem with using OHA to optimize live executions, which is the possibility of unbounded rollbacks. We eliminate the need for any rollback during recovery by tailoring our predicated static analysis to eliminate only safe elisions of noop monitors. Our tool, Iodine, reduces the overhead of DIFT for enforcing security policies to 9%, which is 4.4x lower than that with traditional hybrid analysis, while still being able tomore »be run on live systems.« less

Full Text Available
Optimistic Hybrid Analysis: Accelerating Dynamic Analysis through Predicated Static Analysis

https://doi.org/10.1145/3173162.3177153

Devecsery, David ; Chen, Peter M. ; Flinn, Jason ; Narayanasamy, Satish ( January 2018 , Architectural Support for Programming Languages and Operating Systems)

Full Text Available