AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves

Intel’s Software Guard Extensions (SGX) provide a new hardware-based trusted execution environment on Intel CPUs using secure enclaves that are resilient to accesses by privileged code and physical attackers. Originally designed for securing small services, SGX bears promise to protect complex, possibly cloud-hosted, legacy applications. In this paper, we show that previously considered harmless synchronisation bugs can turn into severe security vulnerabilities when using SGX. By exploiting use-after-free and time-of-check-to-time-of-use (TOCTTOU) bugs in enclave code, an attacker can hijack its control flow or bypass access control. We present AsyncShock, a tool for exploiting synchronisation bugs of multithreaded code running under SGX. AsyncShock achieves this by only manipulating the scheduling of threads that are used to execute enclave code. It allows an attacker to interrupt threads by forcing segmentation faults on enclave pages. Our evaluation using two types of Intel Skylake CPUs shows that AsyncShock can reliably exploit use-after-free and TOCTTOU bugs

MKM: Multiple Kernel Memory for Protecting Page Table Switching Mechanism Against Memory Corruption

Countermeasures against kernel vulnerability attacks on an operating system (OS) are highly important kernel features. Some kernels adopt several kernel protection methods such as mandatory access control, kernel address space layout randomization, control flow integrity, and kernel page table isolation; however, kernel vulnerabilities can still be exploited to execute attack codes and corrupt kernel memory. To accomplish this, adversaries subvert kernel protection methods and invoke these kernel codes to avoid administrator privileges restrictions and gain complete control of the target host. To prevent such subversion, we present Multiple Kernel Memory (MKM), which offers a novel security mechanism using an alternative design for kernel memory separation that was developed to reduce the kernel attack surface and mitigate the effects of illegal data manipulation in the kernel memory. The proposed MKM is capable of isolating kernel memory and dedicates the trampoline page table for a gateway of page table switching and the security page table for kernel protection methods. The MKM encloses the vulnerable kernel code in the kernel page table. The MKM mechanism achieves complete separation of the kernel code execution range of the virtual address space on each page table. It ensures that vulnerable kernel code does not interact with different page tables. Thus, the page table switching of the trampoline and the kernel protection methods of the security page tables are protected from vulnerable kernel code in other page tables. An evaluation of MKM indicates that it protects the kernel code and data on the trampoline and security page tables from an actual kernel vulnerabilities that lead to kernel memory corruption. In addition, the performance results show that the overhead is 0.020μs to 0.5445μs, in terms of the system call latency and the application overhead average is 196.27 μs to 6,685.73 μs , for each download access of 100,000 Hypertext Transfer Protocol sessions

KASR: A Reliable and Practical Approach to Attack Surface Reduction of Commodity OS Kernels

Commodity OS kernels have broad attack surfaces due to the large code base and the numerous features such as device drivers. For a real-world use case (e.g., an Apache Server), many kernel services are unused and only a small amount of kernel code is used. Within the used code, a certain part is invoked only at runtime while the rest are executed at startup and/or shutdown phases in the kernel's lifetime run. In this paper, we propose a reliable and practical system, named KASR, which transparently reduces attack surfaces of commodity OS kernels at runtime without requiring their source code. The KASR system, residing in a trusted hypervisor, achieves the attack surface reduction through a two-step approach: (1) reliably depriving unused code of executable permissions, and (2) transparently segmenting used code and selectively activating them. We implement a prototype of KASR on Xen-4.8.2 hypervisor and evaluate its security effectiveness on Linux kernel-4.4.0-87-generic. Our evaluation shows that KASR reduces the kernel attack surface by 64% and trims off 40% of CVE vulnerabilities. Besides, KASR successfully detects and blocks all 6 real-world kernel rootkits. We measure its performance overhead with three benchmark tools (i.e., SPECINT, httperf and bonnie++). The experimental results indicate that KASR imposes less than 1% performance overhead (compared to an unmodified Xen hypervisor) on all the benchmarks.Comment: The work has been accepted at the 21st International Symposium on Research in Attacks, Intrusions, and Defenses 201

Recycling of Cigarette Butts in Fired Clay Bricks: A New Laboratory Investigation

Cigarette butts (CBs) are the most commonly littered waste material in the world. It is estimated that over 5.7 trillion cigarettes are consumed worldwide each year, consequently millions of tonnes of highly toxic waste are contaminating the environment. CBs are composed of cellulose acetate filters a polymer with poor biodegradability and which, depending upon the environmental conditions, can take many years to decompose. In this study, fired clay bricks were manufactured with 0.5%, 1%, 1.5%, and 2% CBs by weight and tested against control bricks with 0% CBs. The results revealed a decrease in compressive strength from 48.6 MPa for 0% CB content bricks to 30.8 MPa for 1% CB content bricks, and a decrease in dry density with the increase in CB content, from 2114 kg/m3 for the control bricks to 1983 kg/m3 and 1969 kg/m3 for 1% and 2% CB content bricks. The highest value of water absorption appeared for 2% CB content bricks, reaching an absorption rate of 13.1% compared to 9% for the control bricks. The energy required during the firing process was calculated with a saving of up to 10.20%, for bricks incorporating 1% CBs. The thermal conductivity of the samples showed a reduction of 17% from 1.078 to 0.898 W m-1 K-1 with the addition of 1% CBs. In addition, the manufactured bricks were tested for efflorescence, initial rate of absorption (IRA), microstructural analysis, and shrinkage. A life-cycle assessment (LCA) is recommended to analyze the environmental impacts of bricks incorporating CBs

The toxicity and valorization options of cigarette butts

Cigarette butts, one of the most abundant forms of waste in the world, contain more than 4,000 toxic chemicals and pose serious risks to the health of wildlife, humans, and marine and freshwater organisms. Although trivial in size, trillions of cigarettes are produced every year worldwide, resulting in the accumulation of tonnes of toxic waste litter. In 2016, a world production of over 5.7 trillion cigarettes was reported with the majority comprising cellulose acetate filters a polymer with poor biodegradability. Depending on the environmental conditions, cellulose acetate filters can take up to 10 years to decompose during which time they leach heavy metals and toxic chemicals into the environment. Although possible disposal methods for collected cigarette butt waste include incineration and landfilling, both techniques may result in the release of hazardous fumes and can be costly. However, recycling CBs in different materials could be a possible solution for this concurrent environmental pollution. A number of novel studies have been publicized on recycling cigarette butts with encouraging results, and several methods have been studied, including the recycling of cigarette butts in asphalt concrete and fired clay bricks, as a carbon source, sound absorbing material, corrosion inhibitor, biofilm carrier, and many more. Hence, this paper provides a comprehensive review and discussion of various studies that have been carried out on the toxicity and valorization of cigarette butt waste and investigates the feasibility and sustainability of recycling methods adopted. Further research and developments are essential for the widespread application of recycling cigarette butts

Physical, mechanical and chemical properties of biosolids and raw brown coal fly ash, and their combination for road structural fill applications

Worldwide, 100 to 125 million tonnes of biosolids are produced annually, and this number is continuously increasing with millions of dollars expended on the treatment and management processes. Biosolids are nutrient-rich materials comprising a mix of inorganic, organic and water materials that are a by-product of the sewage treatment process. This paper investigates the combination of Raw Brown Coal Fly Ash (BCFA) with biosolids samples from the Eastern Treatment Plant (ETP) and Western Treatment Plant (WTP) in Melbourne, to form a material that can be used as a substitute for engineering applications. Biosolids samples were prepared along with samples of biosolids mixed with 10%, 25% and 50% BCFA by dry weight. The mechanical, chemical and physical properties of ETP22, WTP10 and BCFA were investigated using X-Ray Fluorescence (XRF), X-Ray Diffraction (XRD), Standard Compaction and California Bearing Ratio (CBR) to assess their suitability for use in engineering applications. A Leachate Analysis was conducted using the Toxicity Characteristic Leaching Procedure (TCLP) and Australian Bottle Leachate Procedure (ABLP) to classify the wastes and determine the possibility of ground or surface water contamination through the possible leaching of heavy metals. The CBR testing aimed to analyse the relationship between mixes by preparing samples at OMC cured for 24 hours, OMC cured for 7 days and OMC soaked for 48 hours for investigating the effect of moisture conditions and time on the strength of the materials. The results showed that the load bearing capacity of ETP biosolids samples, with an organic content of 7.1%, significantly improved with the addition of BCFA, producing strong CBR values of 10%, 13% and 19% after 7 days curing with the addition of 10%, 25% and 50% BCFA

Practical recycling applications of crushed waste glass in construction materials: A review

The disposal of waste glass in landfills is an important environmental challenge that many countries face around the world. The repurposing of waste glass into a construction material reduces the consumption of natural resources, minimizes greenhouse emissions and alleviates landfill scarcity. Over the last sixty-five years, numerous investigators have studied reusing crushed waste glass (CWG) as a construction material. However, CWG has not been widely used in concrete or asphalt construction applications across the globe. Additionally, barriers still exist that prevent CWG from being used as a fine aggregate in concrete, such as the severity of Alkali-silica reaction (ASR) expansions within concrete consisting of CWG, and the lack of understanding of these reactions. This paper presents an overview of previous studies carried out by researchers to reuse CWG as an aggregate in concrete and asphalt mixtures, an aggregate in unbound base and subbase applications, lightweight engineering material and a cementitious material. From the literature review conducted, it can be concluded that CWG has potential use as an aggregate in construction materials. More research is required to clarify contradictions regarding the properties of concrete containing CWG as fine aggregate, as well as further investigation of the properties of foamed waste glass concrete and ultra-lightweight fibre reinforced concrete containing expanded waste glass, and the use of glass powder as a filler in asphalt

Nanoparticles in Construction Materials and Other Applications, and Implications of Nanoparticle Use

Nanoparticles are defined as ultrafine particles sized between 1 and 100 nanometres in diameter. In recent decades, there has been wide scientific research on the various uses of nanoparticles in construction, electronics, manufacturing, cosmetics, and medicine. The advantages of using nanoparticles in construction are immense, promising extraordinary physical and chemical properties for modified construction materials. Among the many different types of nanoparticles, titanium dioxide, carbon nanotubes, silica, copper, clay, and aluminium oxide are the most widely used nanoparticles in the construction sector. The promise of nanoparticles as observed in construction is reflected in other adoptive industries, driving the growth in demand and production quantity at an exorbitant rate. The objective of this study was to analyse the use of nanoparticles within the construction industry to exemplify the benefits of nanoparticle applications and to address the short-term and long-term effects of nanoparticles on the environment and human health within the microcosm of industry so that the findings may be generalised. The benefits of nanoparticle utilisation are demonstrated through specific applications in common materials, particularly in normal concrete, asphalt concrete, bricks, timber, and steel. In addition, the paper addresses the potential benefits and safety barriers for using nanomaterials, with consideration given to key areas of knowledge associated with exposure to nanoparticles that may have implications for health and environmental safety. The field of nanotechnology is considered rather young compared to established industries, thus limiting the time for research and risk analysis. Nevertheless, it is pertinent that research and regulation precede the widespread adoption of potentially harmful particles to mitigate undue risk