
The Guard's Dilemma - Efficient Code-Reuse Attacks Against Intel SGX

Offered By: USENIX via YouTube

Course Description

Overview

Explore a 23-minute conference talk from USENIX Security '18 that delves into novel exploitation techniques against Intel Software Guard Extensions (SGX). Learn about the vulnerabilities in SGX that can be exploited without kernel privileges or causing enclave crashes, even in the presence of existing randomization approaches like SGX-Shield. Understand the concept of the Guard's Dilemma, the CONT primitive, and how these attacks can be applied to enclaves developed with the standard Intel SGX SDK on both Linux and Windows. Gain insights into the potential security risks associated with SGX and the proposed mitigations to address these vulnerabilities.

Syllabus

Intro
Intel SGX (Software Guard Extensions)
SGX provides strong isolation
Control-Flow Attacks
Related work
The SGX SDK
The Guard's Dilemma
Motivation
The Basic Idea
The CONT Primitive
Attack Overview
Example Attack
Attacking SGX-Shield
SGX-Shield Exploit
Mitigations
Conclusion


Taught by

USENIX
