Leonid Dyachkov
ABSTRACT
We present a new fuzzing approach for Iago vulnerabilities in Library OSes for SGX enclaves. Based on the filesystem model, it allows efficiently combining valid and malicious values to reach deeper paths in LibraryOS to identify more potential security vulnerabilities.
- Stephen Checkoway and Hovav Shacham. 2013. Iago Attacks: Why the System Call API is a Bad Untrusted RPC Interface. SIGARCH Comput. Archit. News 41, 1 (mar 2013), 253--264. Google Scholar
Digital Library
- Rongzhen Cui, Lianying Zhao, and David Lie. 2021. Emilia: Catching Iago in Legacy Code. In NDSS21. Symposium on Network and Distributed System Security. Google ScholarCross Ref
- Meni Orenbach, Bar Raveh, Alon Berkenstadt, Yan Michalevsky, Shachar Itzhaky, and Mark Silberstein. 2022. Securing Access to Untrusted Services From TEEs with GateKeeper. arXiv:2211.07185 [cs.CR]Google Scholar
Index Terms
- Fuzzing LibraryOSes for Iago vulnerabilities
Recommendations
Iago attacks: why the system call API is a bad untrusted RPC interface
ASPLOS '13In recent years, researchers have proposed systems for running trusted code on an untrusted operating system. Protection mechanisms deployed by such systems keep a malicious kernel from directly manipulating a trusted application's state. Under such ...
Iago attacks: why the system call API is a bad untrusted RPC interface
ASPLOS '13In recent years, researchers have proposed systems for running trusted code on an untrusted operating system. Protection mechanisms deployed by such systems keep a malicious kernel from directly manipulating a trusted application's state. Under such ...
Iago attacks: why the system call API is a bad untrusted RPC interface
ASPLOS '13: Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systemsIn recent years, researchers have proposed systems for running trusted code on an untrusted operating system. Protection mechanisms deployed by such systems keep a malicious kernel from directly manipulating a trusted application's state. Under such ...
Comments