January 2023
·
20 Reads
·
14 Citations
This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.
January 2023
·
20 Reads
·
14 Citations
October 2022
·
55 Reads
Smart contracts enable users to execute payments depending on complex program logic. Ethereum is the most notable example of a blockchain that supports smart contracts leveraged for countless applications including games, auctions and financial products. Unfortunately, the traditional method of running contract code on-chain is very expensive, for instance, on the Ethereum platform, fees have dramatically increased, rendering the system unsuitable for complex applications. A prominent solution to address this problem is to execute code off-chain and only use the blockchain as a trust anchor. While there has been significant progress in developing off-chain systems over the last years, current off-chain solutions suffer from various drawbacks including costly blockchain interactions, lack of data privacy, huge capital costs from locked collateral, or supporting only a restricted set of applications. In this paper, we present POSE -- a practical off-chain protocol for smart contracts that addresses the aforementioned shortcomings of existing solutions. POSE leverages a pool of Trusted Execution Environments (TEEs) to execute the computation efficiently and to swiftly recover from accidental or malicious failures. We show that POSE provides strong security guarantees even if a large subset of parties is corrupted. We evaluate our proof-of-concept implementation with respect to its efficiency and effectiveness.
January 2022
·
10 Reads
·
8 Citations
May 2021
·
36 Reads
·
25 Citations
October 2020
·
29 Reads
·
4 Citations
July 2020
·
66 Reads
Performing machine learning tasks in mobile applications yields a challenging conflict of interest: highly sensitive client information (e.g., speech data) should remain private while also the intellectual property of service providers (e.g., model parameters) must be protected. Cryptographic techniques offer secure solutions for this, but have an unacceptable overhead and moreover require frequent network interaction. In this work, we design a practically efficient hardware-based solution. Specifically, we build Offline Model Guard (OMG) to enable privacy-preserving machine learning on the predominant mobile computing platform ARM - even in offline scenarios. By leveraging a trusted execution environment for strict hardware-enforced isolation from other system components, OMG guarantees privacy of client data, secrecy of provided models, and integrity of processing algorithms. Our prototype implementation on an ARM HiKey 960 development board performs privacy-preserving keyword recognition using TensorFlow Lite for Microcontrollers in real time.
June 2020
·
41 Reads
·
6 Citations
IEEE Security and Privacy Magazine
The increasing complexity of modern computing devices has rendered security architectures vulnerable to recent side-channel and transient-execution attacks. We discuss the most relevant defenses as well as their drawbacks and how to overcome them for next-generation secure processor design.
March 2020
·
23 Reads
·
45 Citations
December 2019
·
149 Reads
Fault-injection attacks have been proven in the past to be a reliable way of bypassing hardware-based security measures, such as cryptographic hashes, privilege and access permission enforcement, and trusted execution environments. However, traditional fault-injection attacks require physical presence, and hence, were often considered out of scope in many real-world adversary settings. In this paper we show this assumption may no longer be justified. We present V0LTpwn, a novel hardware-oriented but software-controlled attack that affects the integrity of computation in virtually any execution mode on modern x86 processors. To the best of our knowledge, this represents the first attack on x86 integrity from software. The key idea behind our attack is to undervolt a physical core to force non-recoverable hardware faults. Under a V0LTpwn attack, CPU instructions will continue to execute with erroneous results and without crashes, allowing for exploitation. In contrast to recently presented side-channel attacks that leverage vulnerable speculative execution, V0LTpwn is not limited to information disclosure, but allows adversaries to affect execution, and hence, effectively breaks the integrity goals of modern x86 platforms. In our detailed evaluation we successfully launch software-based attacks against Intel SGX enclaves from a privileged process to demonstrate that a V0LTpwn attack can successfully change the results of computations within enclave execution across multiple CPU revisions.
December 2019
·
163 Reads
·
56 Citations
Recent research has demonstrated that Intel's SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks. In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns. Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity. To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.
... Despite the price feed provided by Chainlink is efficient and reliable, it works in a fully off-chain manner, which is inconvenient to be called by smart contracts and may pose potential trust issues. There are also some researches focus on outsourcing complex on-chain contract computation to trusted off-chain compute nodes, such as: SMART [18], POSE [15], and Arbitrum [20]. However, these methods would require introducing additional security assumptions to the system (e.g. ...
January 2023
... Functionality. Recent evaluations of various CFI defenses have highlighted compatibility issues that can compromise the intended functionality of the target application [64], [140]. Notably, the implementation approach in Lockdown [93] and OS-CFI [107] fails to correctly compile certain applications, e.g., nginx. ...
Reference:
SoK: Runtime Integrity
January 2022
... Due to the post-fabrication nature of the programming, an FPGA can provide economically feasible runtime processing, which has led to its increased utilization in various sectors, including automotive electronics, medical devices, the military, and consumer electronics [1,2]. Recently, FPGAs have found a place in large-scale cloud data centers [3,4] and flexible system-on-chips (SoCs) [5,6]. FPGAs, considered semi-custom circuits within the application-specific integrated circuit (ASIC) domain, offer distinct advantages over other programmable chips. ...
May 2021
... In principle, existing grammar-aware strategies can be applied to AFLNET to improve the effectiveness of message mutation. Given a user-provided data model describing the message grammar, structure-aware blackbox protocol fuzzers [1], [20] generate valid messages from scratch, while structure-aware greybox fuzzers [3], [35] take a mutationbased approach. In contrast, CHATAFL [24] obtains the message structure information from the LLMs and then preserves valid message grammar during mutation. ...
January 2019
... Dentre os artigos selecionado, houveram 9 abordagens voltadas para o uso de cifras simétricas [17,16,15,11,2,10,3, 1] e 2 abordagems para cifras assimétricas [1,18]. Para o restante dos estudos não foi possível identificar. ...
October 2020
... For example, if accelerating the encode or decode of a particular audio or video codec, the implementation may change or be updated over time. Another major benefit is the ability to fix or patch security vulnerabilities which are discovered over time [8]. ...
Reference:
FPGAs in Client Compute Hardware
June 2020
IEEE Security and Privacy Magazine
... SANCTUARY is a generic Trusted Execution Environment (TEE) solution that paves the road for protecting on-device ML models. Based on SANCTUARY, OMG [27] provides a prototype implementation of user-space enclaves to protect both client data and model privacy for TensorFlow Lite models. OMG can protect the whole model while lacking support for GPU acceleration and easy adaptation. ...
March 2020
... Interruptible enclave execution security has improved through techniques such as full abstraction, preventing side-channel vulnerabilities during processor feature additions [306]. Data location randomization breaks correlations between adversarial observations and actual memory access, providing a strong automated defense without developer intervention [307]. Lastly, integrating machine learning-based defenses anticipates and counters evolving machine learning-enhanced side-channel attacks [301]. ...
December 2019
... Duas abordagens são aplicáveis para promover a segurança e confiabilidade de medidores inteligentes: abordagem baseadas em software (BOCCARDO et al., 2014;PETERS et al., 2015;De Castro et al., 2017;; e abordagem baseada em hardware (NAGRA; COLLBERG, 2009;BRASSER et al., 2018). ...
September 2018
... With respect to related works [57][58][59][60][61][62][63], our classification method does not require any disassembly or execution of the actual malware code. Moreover, the image textures used for classification provide more resilient features in terms of obfuscation techniques, and in particular for encryption. ...
October 2018