|
 |
| |
 |
Disaiah Bennett :: ROP based code reuse attack on Intel SGX |
|
| Knowing the potential leakage inside SGX enclave caused by software vulnerabilities, new understandings are needed to mitigate the threat. From that which is known, two recent works are published on this topic. SGX-Shield at NDSS'17 proposed load-time randomization, and "Hacking in Darkness: Return-oriented Programming against Secure Enclaves" to appear at Usenix Security'17. By following the research routine: a basic attack outside SGX to understand ROP, the ROP attack inside SGX enclave, and JIT-ROP to bypass SGX-Shield. After we can propose mitigation strategies, such as run-time live re-randomization. Both parts of JIT-ROP inside SGX and run-time live re-randomization are research problems we can try to solve.
|
 |
|
 |
ECSU CERSER
1704 Weeksville Road, Box 672, Elizabeth City, North Carolina 27909
Phone (252) 335-3696 Fax (252) 335-3790 |
| |
|
 |
Science Gateways Community Institute
Center of Excellence in Remote Sensing Education and Research
1704 Weeksville Road, Box 672, Elizabeth City, North Carolina 27909
Phone (252) 335-3696 Fax (252) 335-3790
National Science Foundation Award Number ACI-1547611 |
|
 |
|
