New hardware primitives such as Intel SGX have emerged which secure a user-level process in the presence of an untrusted OS. Such "enclaved execution" systems are vulnerable to several side-channels, one of which is the page fault channel. In this paper, we study the cryptographic routines from OpenSSL and Libgcrypt and measure the channel capacity in the(More)
New hardware primitives such as Intel SGX secure a user-level process in the presence of an untrusted or compromised OS. Such "enclaved execution" systems are vulnerable to several side-channels, one of which is the page fault channel. In this paper, we show that the page fault side-channel has sufficient channel capacity to extract bits of encryption keys from(More)
Model counting is the problem of determining the number of solutions that satisfy a given set of constraints. Model counting has numerous applications in the quantitative analyses of program execution time, information flow, combinatorial circuit designs as well as probabilistic reasoning. We present a new approach to model counting for structured data(More)
As control-flow hijacking defenses gain adoption, it is important to understand the remaining capabilities of adversaries via memory exploits. Non-control data exploits are used to mount information leakage attacks or privilege escalation attacks program memory. Compared to control-flow hijacking attacks, such non-control data exploits have limited(More)
Web servers are vulnerable to a large class of attacks which can allow a network attacker to steal sensitive web content. In this work, we investigate the feasibility of a web server architecture, wherein the vulnerable server VM runs on a trusted cloud. All sensitive web content is made available to the vulnerable server VM in encrypted form, thereby(More)
Secure execution of applications on untrusted operating systems is a fundamental security primitive that has been challenging to achieve. In this paper, we propose a new architecture feature called PODARCH, which makes it easy to import executables on an OS without risking the target system's security or the execution of the imported application. PODARCH(More)
DOM-based cross-site scripting (XSS) is a client-side code injection vulnerability that results from unsafe dynamic code generation in JavaScript applications, and has few known practical defenses. We study dynamic code evaluation practices on nearly a quarter million URLs crawled starting from the Alexa Top 1000 websites. Of 777,082 cases of dynamic(More)
Secure execution of applications on untrusted operating systems is a fundamental security primitive that has been challenging to achieve. In this work, we propose a new architecture feature called PODARCH, which makes it easy to import executables on an OS without risking the target system's security or the execution of the imported application. PODARCH is(More)
DOM-based cross-site scripting (XSS) is a client-side vulnerability that pervades JavaScript applications on the web, and has few known practical defenses. In this paper, we introduce DEXTERJS, a testing platform for detecting and validating DOM-based XSS vulnerabilities on web applications. DEXTERJS leverages source-to-source rewriting to carry out(More)
Intel SGX, a new security capability in emerging CPUs, allows user-level application code to execute in hardware-isolated enclaves. Enclave memory is isolated from all other software on the system, even from the privileged OS or hypervisor. While being a promising hardware-rooted building block, enclaves have severely limited capabilities, such as no(More)