January 2022
·
356 Reads
·
19 Citations
January 2022
·
8 Reads
·
11 Citations
IEEE Transactions on Dependable and Secure Computing
Confidential computing aims to secure the code and data in use by providing a Trusted Execution Environment (TEE) for applications using hardware features such as Intel SGX. Timing and cache side-channel attacks, however, are often outside the scope of the threat model, although once exploited they are able to break all the default security guarantees enforced by hardware. Unfortunately, tools detecting potential side-channel vulnerabilities within applications are limited and usually ignore the strong attack model and the unique programming model imposed by Intel SGX. This paper proposes a precise side-channel analysis tool, ENCIDER, detecting both timing and cache side-channel vulnerabilities within SGX applications via inferring potential timing observation points and incorporating the SGX programming model into analysis. ENCIDER uses dynamic symbolic execution to decompose the side-channel requirement based on the bounded non-interference property and implements byte-level information flow tracking via API modeling. We have applied ENCIDER to 4 real-world SGX applications, 2 SGX crypto libraries, and 3 widely-used crypto libraries, and found 29 timing side channels and 73 code and data cache side channels. We have reported our findings to the corresponding parties, e.g., Intel and ARM, who have confirmed most of the vulnerabilities detected.
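The two sink classes the ENCIDER abstract refers to, secret-dependent branch conditions (timing) and secret-dependent memory indices (code/data cache), are the same ones a constant-time checker based on taint tracking looks for. The following is an added illustration, not ENCIDER's code or its analysis (ENCIDER runs dynamic symbolic execution on real SGX binaries): a byte-level taint tracker over a constructed straight-line mini-IR, run on an early-exit MAC compare and on a key-indexed table lookup next to their constant-time counterparts. The IR, the instruction names and the four sample programs are assumptions of this example.

```python
# Byte-level taint tracking over a constructed mini-IR (example code, not ENCIDER's).
# Each value is a list of per-byte taint sets; a taint label such as "key[0]" records
# which secret byte can influence that value.
from typing import Dict, FrozenSet, List, Tuple

Taint = FrozenSet[str]
Env = Dict[str, List[Taint]]      # value name -> per-byte taint (scalars are 1-byte lists)
Instr = Tuple[str, ...]


def analyze(program: List[Instr]) -> List[str]:
    """Return one finding per sink reached by secret taint.

    Mini-IR (an assumption of this example):
      ("secret", name, n)    n-byte secret buffer; byte i carries label name[i]
      ("public", name, n)    n-byte attacker-visible buffer, no taint
      ("byte", dst, src, i)  dst = src[i] with a constant index i
      ("op", dst, a, b)      any arithmetic/bitwise op: dst taint = a taint | b taint
      ("load", dst, tbl, i)  dst = tbl[i]; the index i is a cache side-channel sink
      ("branch", cond)       conditional control flow; cond is a timing sink
      ("ret", v)             program output, allowed to depend on secrets
    Straight-line only: a branch is recorded as a sink and execution falls through.
    """
    env: Env = {}
    findings: List[str] = []

    def labels(name: str) -> Taint:
        return frozenset().union(*env[name])

    for pc, ins in enumerate(program):
        kind = ins[0]
        if kind == "secret":
            env[ins[1]] = [frozenset({f"{ins[1]}[{i}]"}) for i in range(ins[2])]
        elif kind == "public":
            env[ins[1]] = [frozenset() for _ in range(ins[2])]
        elif kind == "byte":
            env[ins[1]] = [env[ins[2]][ins[3]]]
        elif kind == "op":
            _, dst, a, b = ins
            if len(env[a]) != len(env[b]):
                raise ValueError(f"pc {pc}: operand width mismatch")
            env[dst] = [ta | tb for ta, tb in zip(env[a], env[b])]
        elif kind == "load":
            _, dst, tbl, idx = ins
            if labels(idx):
                findings.append(f"pc {pc}: cache side channel: index '{idx}' into '{tbl}' "
                                f"depends on {', '.join(sorted(labels(idx)))}")
            env[dst] = [labels(idx)]          # table contents are public; value inherits index taint
        elif kind == "branch":
            if labels(ins[1]):
                findings.append(f"pc {pc}: timing side channel: branch on '{ins[1]}' "
                                f"depends on {', '.join(sorted(labels(ins[1])))}")
        elif kind != "ret":
            raise ValueError(f"pc {pc}: unknown instruction {kind}")
    return findings


def early_exit_compare(n: int) -> List[Instr]:
    """memcmp()-style MAC check: leaves the loop at the first differing byte."""
    prog: List[Instr] = [("secret", "mac", n), ("public", "tag", n)]
    for i in range(n):
        prog += [("byte", f"m{i}", "mac", i), ("byte", f"t{i}", "tag", i),
                 ("op", f"d{i}", f"m{i}", f"t{i}"),    # d_i = m_i - t_i
                 ("branch", f"d{i}")]                   # if (d_i) return 0;
    return prog + [("ret", f"d{n - 1}")]


def constant_time_compare(n: int) -> List[Instr]:
    """OR every byte difference into an accumulator; only the final result leaves."""
    prog: List[Instr] = [("secret", "mac", n), ("public", "tag", n), ("public", "acc", 1)]
    for i in range(n):
        prog += [("byte", f"m{i}", "mac", i), ("byte", f"t{i}", "tag", i),
                 ("op", f"d{i}", f"m{i}", f"t{i}"),    # d_i = m_i ^ t_i
                 ("op", "acc", "acc", f"d{i}")]         # acc |= d_i
    return prog + [("ret", "acc")]


def table_lookup() -> List[Instr]:
    """T-table style S-box access indexed by key ^ plaintext."""
    return [("secret", "key", 1), ("public", "pt", 1),
            ("op", "x", "key", "pt"), ("load", "y", "sbox", "x"), ("ret", "y")]


def masked_table_lookup(table_size: int = 4) -> List[Instr]:
    """Scan the whole table with public indices and pick the wanted entry by mask."""
    prog: List[Instr] = [("secret", "key", 1), ("public", "pt", 1),
                         ("op", "x", "key", "pt"), ("public", "out", 1)]
    for j in range(table_size):
        prog += [("public", f"j{j}", 1),
                 ("load", f"e{j}", "sbox", f"j{j}"),    # e_j = sbox[j], public index
                 ("op", f"m{j}", "x", f"j{j}"),         # m_j = (x == j) ? 0xff : 0, branch-free
                 ("op", f"s{j}", f"m{j}", f"e{j}"),     # s_j = m_j & e_j
                 ("op", "out", "out", f"s{j}")]         # out |= s_j
    return prog + [("ret", "out")]


if __name__ == "__main__":
    for name, prog in [("early-exit compare", early_exit_compare(4)),
                       ("constant-time compare", constant_time_compare(4)),
                       ("table lookup", table_lookup()),
                       ("masked table lookup", masked_table_lookup())]:
        found = analyze(prog)
        print(f"{name}: {len(found)} finding(s)")
        for line in found:
            print("  " + line)
```

The tracker treats every arithmetic or bitwise operation the same way (taint is the union of the operands' taint), so the masked lookup passes not because the secret is hidden but because the secret never reaches a load index or a branch condition; the early-exit compare fails once per byte because each loop exit is a branch on a secret-derived difference. The `ret` sink is deliberately exempt, which is the "bounded" part of bounded non-interference: the program's declared output may depend on the secret, everything else observable must not.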
September 2019
·
51 Reads
·
9 Citations
IEEE Transactions on Software Engineering
The number of Internet of Things (IoT) devices reached 7 billion globally in early 2018, and they are nearly ubiquitous in daily life. Knowing whether or not these devices are safe and secure to use is becoming critical. IoT devices usually implement communication protocols such as USB and Bluetooth within firmware to allow a wide range of functionality. Thus, analyzing firmware using domain knowledge from these protocols is vital to understand device behavior, detect implementation bugs, and identify malicious components. Unfortunately, due to the complexity of these protocols, there is usually no formal specification available that can help automate the firmware analysis; as a result, significant manual effort is currently required to study these protocols and to reverse engineer the device firmware. In this paper, we propose a new firmware analysis methodology using symbolic execution called ProXray, which can learn a protocol model from known firmware, and apply the model to recognize the protocol-relevant fields and detect functionality within unknown firmware automatically. After the training phase, ProXray can fully automate the firmware analysis process while supporting users' queries in the form of protocol-relevant constraints. We have applied ProXray to the USB and the Bluetooth protocols by learning protocol constraint models from firmware that implement these protocols. We are then able to map protocol fields and identify USB functionality automatically within all 6 unknown USB firmware while achieving more than an order of magnitude speedup in reaching protocol-relevant targets in unknown Bluetooth firmware. Our model achieved high coverage of the USB and Bluetooth specifications for several important protocol fields. ProXray provides a new method to apply domain knowledge to firmware analysis automatically.
August 2019
·
79 Reads
·
7 Citations
IEEE Security and Privacy Magazine
Firmware for Internet of Things devices can contain malicious code or vulnerabilities, which have already been used in devastating attacks. In this article, we discuss the problems in analyzing firmware for security, offer case studies, and propose challenge tasks to improve firmware analysis.
July 2019
·
37 Reads
·
25 Citations
A protocol for two-party secure function evaluation (2P-SFE) aims to allow the parties to learn the output of function f of their private inputs, while leaking nothing more. In a sense, such a protocol realizes a trusted oracle that computes f and returns the result to both parties. There have been tremendous strides in efficiency over the past ten years, yet 2P-SFE protocols remain impractical for most real-time, online computations, particularly on modestly provisioned devices. Intel's Software Guard Extensions (SGX) provides hardware-protected execution environments, called enclaves, that may be viewed as trusted computation oracles. While SGX provides native CPU speed for secure computation, previous side-channel and micro-architecture attacks have demonstrated how security guarantees of enclaves can be compromised. In this paper, we explore a balanced approach to 2P-SFE on SGX-enabled processors by constructing a protocol for evaluating f relative to a partitioning of f. This approach alleviates the burden of trust on the enclave by allowing the protocol designer to choose which components should be evaluated within the enclave, and which via standard cryptographic techniques. We describe SGX-enabled SFE protocols (modeling the enclave as an oracle), and formalize the strongest-possible notion of 2P-SFE for our setting. We prove our protocol meets this notion when properly realized. We implement the protocol and apply it to two practical problems: privacy-preserving queries to a database, and a version of Dijkstra's algorithm for privacy-preserving navigation. Our evaluation shows that our SGX-enabled SFE scheme enjoys a 38x increase in performance over garbled-circuit-based SFE. Finally, we justify modeling of the enclave as an oracle by implementing protections against known side-channels.
May 2019
·
125 Reads
·
8 Citations
Mobile devices are more connected than ever before through the use of multiple wireless protocols, including the 2G, 3G, and 4G cellular standards. To manage and interact with cellular networks, phones use dedicated and highly proprietary baseband processors running custom, closed-source firmware. Despite the increasing complexity of modern cellular standards, there is no reference implementation, leading individual baseband manufacturers to create their own in-house versions. The proprietary nature of baseband firmware combined with the complexity of the standards has created a barrier for researchers to comprehensively audit the security of these implementations. To address this, we present SpikerXG, an extensible baseband testing platform that employs firmware instrumentation to intelligently target protocol messages.
May 2019
·
20 Reads
May 2019
·
138 Reads
·
19 Citations
May 2019
·
28 Reads
·
10 Citations
March 2019
·
270 Reads
·
19 Citations
With close to native performance, Linux containers are becoming the de facto platform for cloud computing. While various solutions have been proposed to secure applications and containers in the cloud environment by leveraging Intel SGX, most cloud operators do not yet offer SGX as a service. This is likely due to a number of security, scalability, and usability concerns coming from both cloud providers and users. Cloud operators worry about the security guarantees of unofficial SDKs, limited support for remote attestation within containers, limited physical memory for the Enclave Page Cache (EPC) making it difficult to support hundreds of enclaves, and potential DoS attacks against EPC by malicious users. Meanwhile, end users need to worry about careful program partitioning to reduce the TCB and adapting legacy applications to use SGX. We note that most of these concerns are the result of an incomplete infrastructure, from the OS to the application layer. We address these concerns with lxcsgx, which allows SGX applications to run inside containers while also: enabling SGX remote attestation for containerized applications, enforcing EPC memory usage control on a per-container basis, providing a general software TPM using SGX to augment legacy applications, and supporting partitioning with a GCC plugin. We then retrofit Nginx/OpenSSL and Memcached using the software TPM and SGX partitioning to defend against known and potential attacks. Thanks to the small EPC footprint of each enclave, we are able to run up to 100 containerized Memcached instances without EPC swapping. Our evaluation shows the overhead introduced by lxcsgx is less than 6.9% for simple SGX applications, 9.5% for Nginx/OpenSSL, and 20.9% for containerized Memcached.
... Existing research efforts that specialize in black-box testing of wireless communication protocol implementations can be categorized into the following high-level categories: (A) Manual analysis or fixed test case-based approaches [10,45,57,58]; (B) Reverse engineering-based approaches [23,25,37,41,51,62]; (C) State machine learning-based approaches [16,22,31,35,46]. Approaches in categories (A) and (B) are either unscalable due to manual effort or ineffective in identifying intricate bugs in complex and stateful protocols that require long execution packet traces to be exercised. ...
January 2022
... However, despite its apparent simplicity, correctly following the constant-time paradigm is hard, leading to mistakes even in recent, well-audited code such as the widely used OpenSSL library [60], or Amazon's s2n [5,4]. To address this issue, many tools relying on variants of taint tracking were proposed to statically check that secret values do not leak into branching conditions or memory access indices [6,63,26,19,28,24,74,76,79]. ...
Reference:
Charon: An Analysis Framework for Rust
January 2022
IEEE Transactions on Dependable and Secure Computing
... GoodUSB [70]. Transport layer: firmware verification (IronKey [71], FirmUSB [72], ProXray [73], Viper [74]); USB stack fuzzing (USB fuzzing [75,76], hardware-based fuzzing [77], vUSBf [78], Syzkaller [43], POTUS [79], USBFuzz [80]); USB packet firewall (USBFilter [6], USBGuard [7], USBFirewall [81], Linux (e)BPF Modules (LBM) [82]); host-emulating honeypots (GoodUSB [70], SandUSB [84], Cinch [84]). Physical layer: antifingerprinting (USB host fingerprinting [16]); secure channel (Cinch [84], UScramBle [85]). Security training and antivirus software can mitigate human- and application-layer attacks, and the quality of USB hardware can be improved to reduce physical-layer attacks; however, transport-layer defenses are limited. USBFirewall [86] protects the USB stack on the host by identifying malformed USB packets, such as those created using FaceDancer, using a formal protocol-syntax model. ...
May 2019
... Security against card skimmers. Recent research highlights the prevalence of credit card skimming attacks at gas stations, with studies by [14] and [58] focusing on using smartphone Bluetooth scanning to detect skimmers. [59] introduces Skim Reaper, a tool utilizing the physical characteristics and constraints of card skimming devices for detection. ...
May 2019
September 2019
IEEE Transactions on Software Engineering
... Cybersecurity professionals can use these tools to identify and address vulnerabilities much quicker than manual firmware analysis. Manual analysis takes much longer to conduct and is more susceptible to errors than an automated tool [11]. A case study on the subject shows that automated firmware analysis is a valuable tool in detecting vulnerabilities in many diverse types of firmware [12]. ...
August 2019
IEEE Security and Privacy Magazine
... When performing the analysis, the techniques used to perform SMPC on resource-constrained devices are mainly grouped into three categories: those performing secure outsourcing [6,12,14,15,34,35,55,83], those that implement hardware-based trusted execution [18,19,48], and those that implement an intermediate language and new compilers to optimize the underlying cryptographic technique [9,54]. Throughout this section, the articles will be grouped around these techniques in order to summarize the strategy followed by each of the articles and the differences with respect to the rest of their category. ...
July 2019
... There have been several remote code execution (RCE) exploits due to baseband memory corruption [19,20,58], accompanied by guides on analyzing and debugging baseband code [6,18]. Recently, automated static analysis has been used to detect deviations in baseband code from cellular standards [22,30,31], uncovering memory bugs. Furthermore, advancements in dynamic firmware analysis and rehosting have facilitated baseband fuzzing [23,26,39]. ...
May 2019
... Based on trusted computing technology, a virtual trusted root is configured for each container [9]. Although a certain degree of trustworthiness assessment can be achieved, container instances in a single server in a container cloud are typically in the tens [15]. Thus, a significant performance loss is caused. ...
March 2019
... Research has shown that current defense measures, such as virus scanners, are not effective to withstand emerging smartphone security threats, simply because they are signature-based, so they can only detect known malware (e.g., worms, viruses, and Trojan horses) (Chen et al. 2017; Hernandez and Butler 2018; Reshetova, Bonazzi, and Asokan 2017). Malware writers are writing malware that can easily bypass signature-based virus scanners and penetrate the operating system to execute malicious code. New and unknown malware presents serious security threats on smartphones; therefore, there is a critical need to design robust security counterm
Reference:
Android Application Security
June 2018