33 research outputs found
QuanShield: Protecting against Side-Channels Attacks using Self-Destructing Enclaves
Trusted Execution Environments (TEEs) allow user processes to create enclaves
that protect security-sensitive computation against access from the OS kernel
and the hypervisor. Recent work has shown that TEEs are vulnerable to
side-channel attacks that allow an adversary to learn secrets shielded in
enclaves. The majority of such attacks trigger exceptions or interrupts to
trace the control or data flow of enclave execution.
We propose QuanShield, a system that protects enclaves from side-channel
attacks that interrupt enclave execution. The main idea behind QuanShield is to
strengthen resource isolation by creating an interrupt-free environment on a
dedicated CPU core for running enclaves in which enclaves terminate when
interrupts occur. QuanShield avoids interrupts by exploiting the tickless
scheduling mode supported by recent OS kernels. QuanShield then uses the save
area (SA) of the enclave, which is used by the hardware to support interrupt
handling, as a second stack. Through an LLVM-based compiler pass, QuanShield
modifies enclave instructions to store/load memory references, such as function
frame base addresses, to/from the SA. When an interrupt occurs, the hardware
overwrites the data in the SA with CPU state, thus ensuring that enclave
execution fails. Our evaluation shows that QuanShield significantly raises the
bar for interrupt-based attacks with practical overhead.Comment: 15pages, 5 figures, 5 table
Undermining User Privacy on Mobile Devices Using AI
Over the past years, literature has shown that attacks exploiting the
microarchitecture of modern processors pose a serious threat to the privacy of
mobile phone users. This is because applications leave distinct footprints in
the processor, which can be used by malware to infer user activities. In this
work, we show that these inference attacks are considerably more practical when
combined with advanced AI techniques. In particular, we focus on profiling the
activity in the last-level cache (LLC) of ARM processors. We employ a simple
Prime+Probe based monitoring technique to obtain cache traces, which we
classify with Deep Learning methods including Convolutional Neural Networks. We
demonstrate our approach on an off-the-shelf Android phone by launching a
successful attack from an unprivileged, zeropermission App in well under a
minute. The App thereby detects running applications with an accuracy of 98%
and reveals opened websites and streaming videos by monitoring the LLC for at
most 6 seconds. This is possible, since Deep Learning compensates measurement
disturbances stemming from the inherently noisy LLC monitoring and unfavorable
cache characteristics such as random line replacement policies. In summary, our
results show that thanks to advanced AI techniques, inference attacks are
becoming alarmingly easy to implement and execute in practice. This once more
calls for countermeasures that confine microarchitectural leakage and protect
mobile phone applications, especially those valuing the privacy of their users
Efficiently Hardening SGX Enclaves against Memory Access Pattern Attacks via Dynamic Program Partitioning
Intel SGX is known to be vulnerable to a class of practical attacks
exploiting memory access pattern side-channels, notably page-fault attacks and
cache timing attacks. A promising hardening scheme is to wrap applications in
hardware transactions, enabled by Intel TSX, that return control to the
software upon unexpected cache misses and interruptions so that the existing
side-channel attacks exploiting these micro-architectural events can be
detected and mitigated. However, existing hardening schemes scale only to
small-data computation, with a typical working set smaller than one or few
times (e.g., times) of a CPU data cache.
This work tackles the data scalability and performance efficiency of security
hardening schemes of Intel SGX enclaves against memory-access pattern side
channels. The key insight is that the size of TSX transactions in the target
computation is critical, both performance- and security-wise. Unlike the
existing designs, this work dynamically partitions target computations to
enlarge transactions while avoiding aborts, leading to lower performance
overhead and improved side-channel security. We materialize the dynamic
partitioning scheme and build a C++ library to monitor and model cache
utilization at runtime. We further build a data analytical system using the
library and implement various external oblivious algorithms. Performance
evaluation shows that our work can effectively increase transaction size and
reduce the execution time by up to two orders of magnitude compared with the
state-of-the-art solutions
Using Metrics Suites to Improve the Measurement of Privacy in Graphs
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Social graphs are widely used in research (e.g., epidemiology) and business (e.g., recommender systems). However, sharing these graphs poses privacy risks because they contain sensitive information about individuals. Graph anonymization techniques aim to protect individual users in a graph, while graph de-anonymization aims to re-identify users. The effectiveness of anonymization and de-anonymization algorithms is usually evaluated with privacy metrics. However, it is unclear how strong existing privacy metrics are when they are used in graph privacy. In this paper, we study 26 privacy metrics for graph anonymization and de-anonymization and evaluate their strength in terms of three criteria: monotonicity indicates whether the metric indicates lower privacy for stronger adversaries; for within-scenario comparisons, evenness indicates whether metric values are spread evenly; and for between-scenario comparisons, shared value range indicates whether metrics use a consistent value range across scenarios. Our extensive experiments indicate that no single metric fulfills all three criteria perfectly. We therefore use methods from multi-criteria decision analysis to aggregate multiple metrics in a metrics suite, and we show that these metrics suites improve monotonicity compared to the best individual metric. This important result enables more monotonic, and thus more accurate, evaluations of new graph anonymization and de-anonymization algorithms
InversOS: Efficient Control-Flow Protection for AArch64 Applications with Privilege Inversion
With the increasing popularity of AArch64 processors in general-purpose
computing, securing software running on AArch64 systems against control-flow
hijacking attacks has become a critical part toward secure computation. Shadow
stacks keep shadow copies of function return addresses and, when protected from
illegal modifications and coupled with forward-edge control-flow integrity,
form an effective and proven defense against such attacks. However, AArch64
lacks native support for write-protected shadow stacks, while software
alternatives either incur prohibitive performance overhead or provide weak
security guarantees.
We present InversOS, the first hardware-assisted write-protected shadow
stacks for AArch64 user-space applications, utilizing commonly available
features of AArch64 to achieve efficient intra-address space isolation (called
Privilege Inversion) required to protect shadow stacks. Privilege Inversion
adopts unconventional design choices that run protected applications in the
kernel mode and mark operating system (OS) kernel memory as user-accessible;
InversOS therefore uses a novel combination of OS kernel modifications,
compiler transformations, and another AArch64 feature to ensure the safety of
doing so and to support legacy applications. We show that InversOS is secure by
design, effective against various control-flow hijacking attacks, and
performant on selected benchmarks and applications (incurring overhead of 7.0%
on LMBench, 7.1% on SPEC CPU 2017, and 3.0% on Nginx web server).Comment: 18 pages, 9 figures, 4 table
A Large-Scale Study on the Prevalence and Usage of TEE-based Features on Android
In the realm of mobile security, where OS-based protections have proven
insufficient against robust attackers, Trusted Execution Environments (TEEs)
have emerged as a hardware-based security technology. Despite the industry's
persistence in advancing TEE technology, the impact on end users and developers
remains largely unexplored. This study addresses this gap by conducting a
large-scale analysis of TEE utilization in Android applications, focusing on
the key areas of cryptography, digital rights management, biometric
authentication, and secure dialogs.
To facilitate our extensive analysis, we introduce Mobsec Analytika, a
framework tailored for large-scale app examinations, which we make available to
the research community. Through the analysis of 170,550 popular Android apps,
our analysis illuminates the implementation of TEE-related features and their
contextual usage.
Our findings reveal that TEE features are predominantly utilized indirectly
through third-party libraries, with only 6.7% of apps directly invoking the
APIs. Moreover, the study reveals the underutilization of the recent TEE-based
UI feature Protected Confirmation.Comment: Additional information and artifacts on project page:
https://www.cs1.tf.fau.de/android-tee-study
Approximating ReLU on a Reduced Ring for Efficient MPC-based Private Inference
Secure multi-party computation (MPC) allows users to offload machine learning
inference on untrusted servers without having to share their privacy-sensitive
data. Despite their strong security properties, MPC-based private inference has
not been widely adopted in the real world due to their high communication
overhead. When evaluating ReLU layers, MPC protocols incur a significant amount
of communication between the parties, making the end-to-end execution time
multiple orders slower than its non-private counterpart.
This paper presents HummingBird, an MPC framework that reduces the ReLU
communication overhead significantly by using only a subset of the bits to
evaluate ReLU on a smaller ring. Based on theoretical analyses, HummingBird
identifies bits in the secret share that are not crucial for accuracy and
excludes them during ReLU evaluation to reduce communication. With its
efficient search engine, HummingBird discards 87--91% of the bits during ReLU
and still maintains high accuracy. On a real MPC setup involving multiple
servers, HummingBird achieves on average 2.03--2.67x end-to-end speedup without
introducing any errors, and up to 8.64x average speedup when some amount of
accuracy degradation can be tolerated, due to its up to 8.76x communication
reduction
IoTBeholder: A Privacy Snooping Attack on User Habitual Behaviors from Smart Home Wi-Fi Traffic
With the deployment of a growing number of smart home IoT devices, privacy leakage has become a growing concern. Prior work on privacy-invasive device localization, classification, and activity identification have proven the existence of various privacy leakage risks in smart home environments. However, they only demonstrate limited threats in real world due to many impractical assumptions, such as having privileged access to the user's home network. In this paper, we identify a new end-to-end attack surface using IoTBeholder, a system that performs device localization, classification, and user activity identification. IoTBeholder can be easily run and replicated on commercial off-the-shelf (COTS) devices such as mobile phones or personal computers, enabling attackers to infer user's habitual behaviors from smart home Wi-Fi traffic alone. We set up a testbed with 23 IoT devices for evaluation in the real world. The result shows that IoTBeholder has good device classification and device activity identification performance. In addition, IoTBeholder can infer the users' habitual behaviors and automation rules with high accuracy and interpretability. It can even accurately predict the users' future actions, highlighting a significant threat to user privacy that IoT vendors and users should highly concern