Distributed shielded execution for transmissible cyber threats analysis

https://doi.org/10.1016/j.jpdc.2018.07.014

Highlights

  • A distributed shielded execution framework for network cyber threats analysis is presented.

  • A brief secure partition mechanism is proposed to decouple secure and normal spaces.

  • A context-switch secure interface is proposed to reduce Iago attacks.

  • New key–value encryption operations are integrated to prevent rollback and replay attacks.

Abstract

Transmissible cyber threats have become one of the most serious security issues in cyberspace. Many techniques have been proposed to model, simulate and identify threats’ sources and their propagation in large-scale distributed networks. Most techniques are based on the analysis of real network datasets that contain sensitive information. Traditional in-memory analysis of these datasets often causes data leakage due to system vulnerabilities. If the dataset itself is compromised by adversaries, the cost of this threat would be even higher than that of the threat being analysed. In this paper, we propose a new distributed shielded execution framework (Disef) for cyber threats analysis. The Disef framework enables efficient distributed analysis of network datasets while achieving security guarantees of data confidentiality and integrity. The in-memory dataset is protected by a new encrypted key–value format and can be efficiently transferred into Intel SGX enabled enclaves for shielded execution. Our experimental results showed that the proposed framework supports secure in-memory analysis of large network datasets and has comparable performance with systems that have no confidentiality and integrity guarantees.

Introduction

Transmissible cyber threats, such as computer viruses spreading on the Internet, rumours propagating in social networks, and rolling blackouts in smart grids, have become one of the most serious security issues in cyberspace. Many techniques have been proposed to model, simulate and identify threats’ sources [21] and their propagation in large-scale distributed networks. Most analyses of transmissible cyber threats [[20], [44]] are based on real network datasets that contain sensitive information. However, in-memory analysis of these datasets in traditional systems, including both cloud and local servers, often causes data leakage due to system vulnerabilities. If the dataset itself is compromised by adversaries during the cyber threat analysis process, the cost of this threat would be even higher than that of the threat being analysed [1].

Today’s cloud and local computer systems are built on a traditional hierarchical security model that mainly aims to protect the privileged code of system software from the untrusted code of applications, and does not aim to protect user data from being accessed by privileged code [6]. Therefore, the cyber threats analysis code must trust: (i) the provider’s hardware used to run their applications; (ii) the privileged system software (host OS, hypervisor, firmware) and the full stack of system management software; (iii) the system administrators and other staff who are entitled to access hardware facilities. From this point of view, the trusted computing base (TCB) for cyber threats analysis users is very large and uncertain, and many data leakage incidents [11] have happened due to software and administrative vulnerabilities. Although privacy preserving [12] could be used to hide sensitive information, there are many scenarios that require encrypt/decrypt processing to protect data security [49].

With the increasing security concerns in cyberspace, new hardware technologies for trusted computing have evolved rapidly. Trusted execution environments (TEEs) can provide applications with a secure execution context. Even if the rest of the software (hypervisor, OS, etc.) is compromised, the application inside the TEE can still remain trusted. The recent Intel Software Guard Extensions (SGX) [17] and the ARM TrustZone [2] are among the promising techniques that protect a user’s sensitive code and data against malicious software that attempts to compromise their integrity and confidentiality.

Our objective is to provide cyber threat analysis users with a distributed shielded execution system to protect their sensitive in-memory data in cyberspace. In particular, we focus on the distributed key–value store system used to process network datasets for cyber threats analysis. In-memory key–value store systems are widely used in distributed systems. User data that resides in memory is most vulnerable to leakage, while data stored on storage devices can be securely encrypted.

In this paper, we aim to protect the in-memory key–value store system based on the Intel SGX trusted techniques. Cloud users need only trust the hardware and their own applications, thus reducing the TCB to the minimum. Through the design and implementation of a secure key–value store system, we try to achieve the following goals: (i) Users’ code and data are guaranteed to reside in the memory of the trusted physical machine. (ii) Confidentiality and integrity of the user’s private data are protected even if the system software stack is compromised and controlled by adversaries. (iii) The performance gap between the secure key–value store system and the original system without security enhancement should be kept small.

Reaching the above three goals faces some challenges.

(1) Due to the SGX hardware restrictions, the trusted space (named enclave) can only use a limited number of EPC (Enclave Page Cache) pages (a total of 128 MB for current processors). However, a typical key–value store system requires a large memory capacity that far exceeds the available SGX memory resources. Although SGX provides a paging mechanism, paging brings very high overhead that is intolerable for latency-sensitive applications.

(2) Data transmission between the enclave and the outside world brings potential security vulnerabilities. The system calls invoked in the enclave must switch to the untrusted OS, which makes them vulnerable to Iago attacks [9]. The untrusted OS may return malicious data into the enclave, and the enclave may leak secret data to the outside world. The key–value store system makes frequent system calls for memory and network I/O operations. Simply porting the key–value store system into the enclave will not only expose many interfaces that increase the potential attack surface, but also incur a high performance penalty.

(3) While attackers cannot directly access code and data inside enclaves, they can potentially mount known attacks from outside the enclave, such as replay attacks [40] and rollback attacks [22]. How to prevent or mitigate these attacks without significantly compromising performance is also a big challenge in the design of a secure key–value store system.

In this paper, we propose a distributed shielded execution framework for cyber threats analysis (Disef for short) that leverages a key–value store system and the new Intel SGX processors to protect in-memory private datasets. The main contributions of this paper are as follows:

(1) We analyse the workflow of the key–value store system and propose a brief method to separate security sensitive operations (related to updating key–value pairs) from other non-sensitive operations. Only the security sensitive operations are executed inside the enclave, which significantly reduces the memory footprint required in the enclave. Instead of putting all code and data into the enclave, we properly encrypt key–value pairs and put them in the non-enclave memory region. In this manner, Disef overcomes the hardware limitation of small enclave memory and the large overhead caused by SGX paging. Disef can use normal memory pages to store a large number of key–value pairs with near native performance and still preserve the confidentiality and integrity of user data.

(2) We design one secure interface between the trusted enclave and the untrusted non-enclave space. Keeping the number of interfaces to a minimum removes many potential vulnerabilities. As memory allocation and network I/O operations are unrelated to modifying the encrypted key–value pairs, we put this code and these system calls outside the enclave to reduce possible Iago attacks. This design not only reduces the security risks caused by invoking system calls inside the enclave, but also reduces the performance penalty caused by data transmission across the enclave boundary. The parameters passed through the secure interface are carefully examined before running the enclave code.

(3) We propose a client-controlled data protection mechanism to mitigate potential attacks such as replay attacks and rollback attacks. Preventing replay and rollback attacks is expensive in an untrusted cloud environment. We propose two efficient protection methods integrated with the Disef system: (i) we design a new KEY–VALUE format that integrates a version number to prevent rollback attacks; (ii) we design a new update VALUE format that adds a monotonic update number to prevent replay attacks. These protection mechanisms are processed along with normal key–value operations without extra communication, and so have low performance overhead. On the client, Disef establishes a fast version tracking table (VTT) to record the version number of certain key–value pairs that are stored on the server. The version number of a key–value pair retrieved from the server is checked to prevent rollback attacks. When key–value pairs are updated in the Disef enclave, the enclave checks both the version number and the update counter to prevent possible rollback and replay attacks.
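The version and update-number checks described in (3) can be sketched as follows. This is an added example, not code from the Disef paper or project: the record layout, the names `Client`, `Enclave`, `vtt` and `demo`, the single-client update counter, and the use of HMAC-SHA256 as a stand-in for the paper's encrypted key–value format (encryption itself is omitted) are all assumptions made for illustration.

```python
import hashlib, hmac, struct

def mac(k, *parts):
    # Length-prefix every field so boundaries are unambiguous under the MAC.
    data = b"".join(struct.pack(">I", len(p)) + p for p in parts)
    return hmac.new(k, data, hashlib.sha256).digest()

def seal(k, key, version, value):
    v = struct.pack(">Q", version)  # version is bound to key and value
    return v + value + mac(k, b"rec", key, v, value)

def unseal(k, key, record):
    v, value, tag = record[:8], record[8:-32], record[-32:]
    if not hmac.compare_digest(tag, mac(k, b"rec", key, v, value)):
        raise ValueError("integrity")
    return struct.unpack(">Q", v)[0], value

class Client:
    def __init__(self, k):
        self.k, self.vtt, self.update_no = k, {}, 0  # vtt: key -> latest version
    def make_update(self, key, value):
        self.update_no += 1  # monotonic update number
        self.vtt[key] = self.vtt.get(key, 0) + 1
        u = struct.pack(">Q", self.update_no)
        rec = seal(self.k, key, self.vtt[key], value)
        return u + rec + mac(self.k, b"upd", u, rec)
    def check_get(self, key, record):
        version, value = unseal(self.k, key, record)
        if version != self.vtt.get(key):
            raise ValueError("rollback")  # server returned a stale pair
        return value

class Enclave:
    def __init__(self, k):
        self.k, self.last_update = k, 0
    def apply_update(self, store, key, msg):
        u, rec, tag = msg[:8], msg[8:-32], msg[-32:]
        if not hmac.compare_digest(tag, mac(self.k, b"upd", u, rec)):
            raise ValueError("integrity")
        update_no = struct.unpack(">Q", u)[0]
        if update_no <= self.last_update:
            raise ValueError("replay")  # update message seen before
        version, _ = unseal(self.k, key, rec)
        if key in store and version <= unseal(self.k, key, store[key])[0]:
            raise ValueError("rollback")
        # The sealed pair is kept in untrusted memory; only the counter stays inside.
        self.last_update, store[key] = update_no, rec

def demo(k=b"\x01" * 32):  # constructed key and sample data
    c, e, store = Client(k), Enclave(k), {}
    m1 = c.make_update(b"node:7", b"state=clean")
    e.apply_update(store, b"node:7", m1)
    stale = store[b"node:7"]  # what a malicious server could serve later
    e.apply_update(store, b"node:7", c.make_update(b"node:7", b"state=infected"))
    return c, e, store, m1, stale
```

Because the stale record still carries a valid tag, only the client's version table catches it; the enclave's update counter is what rejects a captured update message sent a second time.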

We implement the Disef system based on the memcached project [28]. The Disef system consists of three parts: the Disef enclave, the Disef memcached, and the Disef client. We leverage the Intel SGX remote attestation mechanism to establish a secure channel and share secrets between the enclave and the client. Our experimental results on a real SGX machine showed that the Disef system has comparable performance with the baseline memcached, while achieving stronger security guarantees for user datasets.

The remainder of this paper is organised as follows. Section 2 describes the related work. Section 3 provides background on Intel SGX. Sections 4 and 5 describe the Disef system design and implementation. Section 6 presents the performance evaluation. Finally, Section 7 concludes our work.

Section snippets

Related work

There have been extensive studies on transmissible cyber threats analysis techniques, including malware propagation analysis and control [[45], [46]], rumour propagation modelling and restraining [[7], [44]], and threat sources identification [[20], [21]]. These techniques mainly focus on theoretical methods based on pre-acquired network datasets. However, their practical deployment in real systems still faces many limitations, including how to protect the network dataset while in-memory

SGX overview

The Intel SGX (Software Guard Extensions) [17] is a new set of instructions and mechanisms for trusted memory accesses added to future x86 ISA (Instruction Set Architecture) processors. The SGX extensions allow an application to instantiate a hardware-protected container (known as an enclave) for isolated execution in the application’s address space. Access to the enclave memory space from any other software not resident in the enclave is prevented by a hardware mechanism. The SGX also provides

Disef overview

Disef is a secure in-memory key–value store system leveraging the Intel SGX trusted hardware. Disef consists of three parts: (1) the Disef memcached server; (2) the Disef enclave; and (3) the Disef client. The main idea of Disef is to protect the confidentiality and integrity of key–value data in an untrusted cloud, while balancing the tradeoff between performance and security with a client-controlled data protection scheme.

On the server side, based on the Intel SGX processor, Disef integrates

Implementation

The Disef system implementation consists of three major parts: (1) the Disef enclave; (2) the Disef memcached; (3) the Disef client.

The Disef enclave is compiled and statically linked with the trusted RunTime Service (tRTS) library. The compiled Disef enclave image is a statically linked shared object under Linux OS, without any external dependencies. The secure interface is defined in the Enclave Definition Language (EDL) file as described in Section 4.3. The Edger8r tool provided by Intel [18

Performance evaluation

In this section, we evaluate the proposed Disef system using the Intel SGX processor and real-life memcached benchmarks. First, we describe the experimental platform. The physical server is configured with a 2.70 GHz Intel Core i5-6400 processor (code name Skylake), 32 GB of RAM, and 1 TB of disk storage. The Ethernet controller is the Intel Corporation Ethernet Connection (2) I219-V (rev 31). The client machine is configured with a 2.6 GHz Intel Core i5-4570 processor, 8 GB of RAM, and 256 GB SSD

Conclusion

In this paper, we proposed the secure key–value (Disef) store system based on the Intel SGX processor. Disef classifies the key–value operations into security sensitive and non-sensitive operations, and the security sensitive operations are implemented in the Disef enclave. By briefly partitioning the memcached server, Disef allows one secure interface between the enclave and non-enclave space to reduce potential Iago attacks. In the Disef client, we designed the new key–value encrypted

Yuxia Cheng received the Ph.D. degree in computer science and technology from Zhejiang University, Hangzhou, China, in 2015. He is currently an associate Professor at the School of Computer Science and Technology, Hangzhou Dianzi University. His current research interests include multicore architecture, operating systems, virtualization and system security.

References (50)

  • C.A. Ardagna et al., From security to assurance in the cloud, ACM Comput. Surv. (2015)
  • ARM Security Technology: Building a Secure System using TrustZone Technology, White paper,...
  • S. Arnautov, B. Trach, F. Gregor, T. Knauth, A. Martin, C. Priebe, J. Lind, D. Muthukumaran, D. O’Keeffe, M.L....
  • A.M. Azab, P. Ning, X. Zhang, SICE: a hardware-level strongly isolated computing environment for x86 multi-core...
  • S. Bajaj et al., TrustedDB: A trusted hardware-based database with privacy and data confidentiality, IEEE Trans. Knowl. Data Eng. (2014)
  • A. Baumann et al., Shielding applications from an untrusted cloud with haven, ACM Trans. Comput. Syst. (2015)
  • C. Budak et al., Limiting the spread of misinformation in social networks
  • N.S.C. Gentry, S. Halevi, Homomorphic evaluation of the AES circuit, in: Proceedings of International Cryptology...
  • S. Checkoway, H. Shacham, Iago attacks: why the system call API is a bad untrusted RPC interface, in: Proceedings of...
  • V. Costan, S. Devadas, Intel SGX Explained, Technical report, Feb. 2016, pp....
  • D.A.B. Fernandes et al., Security issues in cloud environments: a survey, Int. J. Inf. Secur. (2013)
  • B. Fung et al., Privacy-preserving data publishing: A survey of recent developments, ACM Comput. Surv. (2010)
  • M. Hoekstra, R. Lal, P. Pappachan, V. Phegade, Innovative technology for CPU based attestation and sealing, in:...
  • M. Hoekstra, R. Lal, P. Pappachan, V. Phegade, J. del Cuvillo, Using innovative instructions to create trustworthy...
  • T. Hunt et al., Ryoan: a distributed sandbox for untrusted computation on secret data
  • Intel Software Guard Extensions (SGX) SW Development Guidance for potential Bounds Check Bypass (CVE-2017-5753) Side...
  • Intel® Software Guard Extensions Programming Reference, 2014, pp....
  • Intel Software Guard Extensions SDK for Linux OS,...
  • Intel® Trusted Execution Technology, White paper,...
  • J. Jiang et al., K-Center: An approach on the multi-source identification of information diffusion, IEEE Trans. Inf. Forensics Secur. (2015)
  • J. Jiang et al., Identifying propagation sources in networks: State-of-the-art and comparative studies, IEEE Commun. Surv. Tutor. (2017)
  • A. Juels et al., New approaches to security and availability for cloud data, Commun. ACM (2013)
  • D. Levin, J.R. Douceur, J.R. Lorch, T. Moscibroda, TrInc: Small trusted hardware for large distributed systems, in:...
  • J.M. McCune, B. Parno, A. Perrig, M.K. Reiter, H. Isozaki, Flicker: an execution infrastructure for TCB minimization,...
  • D. McGrew, J. Viega, The Galois/counter mode of operation (GCM), Submission to NIST Modes of Operation Process,...

Qing Wu received the Ph.D. degree in computer science and technology from Zhejiang University, Hangzhou, China. He is currently a Professor with the School of Computer Science and Technology, Hangzhou Dianzi University. His major interests include artificial intelligence, ITS, ubiquitous embedded computing, software middleware, context-aware computing, CORBA component model, and multiagent theory.

Wenzhi Chen received the Ph.D. degree from Zhejiang University, Hangzhou, China. He is currently a Professor and a Ph.D. Supervisor with the College of Computer Science and Technology, Zhejiang University. His areas of research include computer graphics, computer architecture, system software, embedded systems, and security.

Bei Wang received the B.S. degree in computer science and technology from Sun Yat-sen University. He is currently working toward the Ph.D. degree in computer science and technology at Zhejiang University, Hangzhou. His research interests include operating systems, virtualization, system security and blockchain.
