Maxul's Sketch Notes

Thinking will not overcome fear but action will.

Smmdumper

题目: When hardware meets software: a bulletproof solution to forensic memory acquisition 作者: Alessandro Reina, Aristide Fattori, Fabio Pagani, Lorenzo Cavallaro, Danilo Bruschi 单位: Università degl...

Posted by Maxul's Sketch Notes on March 20, 2018

Systex 2017 论文选读

SGX - BOMB : Locking Down the Processor via the Rowhammer Attack Intel处理器在发现EPC页被物理攻击后,直接就将这个处理器锁起来。 Rowhammer打破Intel的假设,在软件上构筑对DDR内存条的特殊访问,使处理器误以为自己被攻击了,然后drop&lock,导致拒绝服务攻击。 用这个方法就可...

Posted by Maxul's Sketch Notes on December 8, 2017

Shieldbox

题目: ShieldBox: Secure Middleboxes using Shielded Execution 作者: Bohdan Trach, Alfred Krohmer, Franz Gregor, Sergei Arnautov, Pramod Bhatotia, Christof Fetzer 单位: Technische Universitat Dresden and...

Posted by Maxul's Sketch Notes on December 5, 2017

Ccs 2017 论文选读

STACCO: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves The Ohio State University 在Enclave中实现的SSL/TLS,对这些工作进行攻击。 Side-channel Trace Analy...

Posted by Maxul's Sketch Notes on November 12, 2017

Sosp 2017 论文选读

2017年的SOSP大会在中国上海举办。 Hyperkernel: Push-Button Verification of an OS Kernel University of Washington 针对内核的形式化验证工作,三个关键思想:对内核接口进行限制,避免无限循环和递归;对内核和用户态地址空间分开分析,简化虚拟内存的分析;使用LLVM IR中间表示作为分析对象。 内核数...

Posted by Maxul's Sketch Notes on November 7, 2017

Controlled Channel Attacks

题目: Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems 作者: Yuanzhong Xu, Weidong Cui, Marcus Peinado 单位: The University of Texas at Austin and Microsoft Resea...

Posted by Maxul's Sketch Notes on August 14, 2017

Zerotrace

题目: ZeroTrace : Oblivious Memory Primitives from Intel SGX 作者: Sajin Sasy, Sergey Gorbunov, Christopher W. Fletcher 单位: University of Waterloo and Nvidia 出版: NDSS 2018 ORAM内存协议保证攻击者只能得知内存访问的频次,...

Posted by Maxul's Sketch Notes on August 12, 2017

Intel X86 Isa

题目: Hardware is the new software 作者: Andrew Baumann 单位: Microsoft Research 出版: HotOS 2017 综述 Intel的x86 ISA近年来增长速度飞快。 过去都是针对性能提升的,如针对数据处理的向量扩展、虚拟化支持等,最近都是针对安全考量的。 最早的x86指令共96条,包括分页/分段、16位模式、多任...

Posted by Maxul's Sketch Notes on August 8, 2017

Audacious

题目: AUDACIOUS: User-Driven Access Control with Unmodified Operating Systems 作者: Talia Ringer, Dan Grossman, Franziska Roesner 单位: University of Washington 出版: ACM Conference on Computer and Comm...

Posted by Maxul's Sketch Notes on July 31, 2017

Sgxcrypter

题目: SGXCrypter: IP protection for portable executables using Intel’s SGX technology 作者: Dimitrios Tychalas, Nektarios Georgios Tsoutsos, Michail Maniatakos 单位: New York University Abu Dhab & ...

Posted by Maxul's Sketch Notes on July 19, 2017

ABOUT ME

Time is all I have!

✉️ lmy2010lmy@gmail.com