Write a Blog >>
Tue 10 Nov 2020 08:30 - 08:32 at Virtual room 1 - Security

The Intel Security Guard Extensions (SGX) architecture enables the abstraction
of enclaved execution, using which an application can protect its code and data
from powerful adversaries, including system software that executes with the
highest processor privilege. While the Intel SGX architecture exports an ISA
with low-level instructions that enable applications to create enclaves, the
task of writing applications using this ISA has been left to the software

We consider the problem of porting legacy applications to SGX enclaves. In the
approximately four years to date since the Intel SGX became commercially
available, the community has developed three different models to port
applications to enclaves—the library OS, the library wrapper, and the
instruction wrapper models.

In this paper, we conduct an empirical evaluation of the merits and costs of
each model. We report on our attempt to port a handful of real-world
application benchmarks (including OpenSSL, Memcached, a Web server and a Python
interpreter) to SGX enclaves using prototypes that embody each of the above
models. Our evaluation focuses on the merits and costs of each of these models
from the perspective of the effort required to port code under each of these
models, the effort to re-engineer an application to work with enclaves, the
security offered by each model, and the runtime performance of the applications
under these models.

Conference Day
Tue 10 Nov

Displayed time zone: (UTC) Coordinated Universal Time change

08:30 - 09:00
An Evaluation of Methods to Port Legacy Code to SGX Enclaves
Research Papers
Kripa ShankerIndian Institute of Science, Bangalore, Arun JosephIndian Institute of Science, India, Vinod GanapathyIndian Institute of Science, India
DOI Pre-print File Attached
How Does Refactoring Impact Security When Improving Quality? A Security-Aware Refactoring Approach
Journal First
Chaima AbidUniversity of Michigan, Marouane KessentiniUniversity of Michigan, Vahid AlizadehDePaul University, Mouna DhaouadiUniversity of Michigan, Rick KazmanUniversity of Hawai‘i at Mānoa
Improving Cybersecurity Hygiene through JIT Patching
Industry Papers
Frederico AraujoIBM T.J. Watson Research Center, New York, USA, Teryl TaylorIBM Research, n.n.
Search-Based Adversarial Testing and Improvement of Constrained Credit Scoring Systems
Research Papers
Salah GhamiziUniversity of Luxembourg, Luxembourg, Maxime CordyUniversity of Luxembourg, Luxembourg, Martin GubriUniversity of Luxembourg, Luxembourg, Mike PapadakisUniversity of Luxembourg, Luxembourg, Andrey BoystovUniversity of Luxembourg, Luxembourg, Yves Le TraonUniversity of Luxembourg, Luxembourg, Anne GoujonBGL BNP Paribas, Luxembourg
DOI Pre-print
SinkFinder: Harvesting Hundreds of Unknown Interesting Function Pairs with Just One Seed
Research Papers
Pan BianRenmin University of China, China, Bin LiangRenmin University of China, China, Jianjun HuangRenmin University of China, China, Wenchang ShiRenmin University of China, China, Xidong WangRenmin University of China, China, Jian ZhangInstitute of Software at Chinese Academy of Sciences, China
Taking the Middle Path: Learning About Security Through Online Social Interaction
Journal First
Tamara LopezThe Open University, Thein Tun, Arosha K BandaraThe Open University, Mark LevineLancaster University, Bashar NuseibehThe Open University (UK) & Lero (Ireland), Helen SharpThe Open University
Conversations on Security
Research Papers
Frederico AraujoIBM T.J. Watson Research Center, New York, USA, Kripa ShankerIndian Institute of Science, Bangalore, Pan BianRenmin University of China, China, Salah GhamiziSntT - University of Luxembourg, Tamara LopezThe Open University, Chaima AbidUniversity of Michigan, M: Ben HermannTechnical University Dortmund