SMILE: Secure memory introspection for live enclave

Author

Lei ZHOU
Xuhua DING, Singapore Management UniversityFollow
ZHANG Fengwei

Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

5-2022

Abstract

SGX enclaves prevent external software from accessing their memory. This feature conflicts with legitimate needs for enclave memory introspection, e.g., runtime stack collection on an enclave under a return-oriented-programming attack. We propose SMILE for enclave owners to acquire live enclave contents with the assistance of a semi-trusted agent installed by the host platform’s vendor as a plug-in of the System Management Interrupt handler. SMILE authenticates the enclave under introspection without trusting the kernel nor depending on the SGX attestation facility. SMILE is enclave security preserving as breaking of SMILE does not undermine enclave security. It allows a cloud server to provide the enclave introspection service. We have implemented a SMILE prototype and run various experiments to read enclave code, heap, stack and SSA frames. The total cost for introspecting one page is less than 300 microseconds.

Keywords

Data privacy, Runtime, Protocols, Prototypes, Software, Hardware, Encryption

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Proceedings of IEEE Symposium on Security and Privacy

Identifier

10.1109/SP46214.2022.9833714

Publisher

IEEE

City or Country

USA

Citation

ZHOU, Lei; DING, Xuhua; and ZHANG Fengwei. SMILE: Secure memory introspection for live enclave. (2022). Proceedings of IEEE Symposium on Security and Privacy.
Available at: https://ink.library.smu.edu.sg/sis_research/7619

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

http://doi.org/10.1109/SP46214.2022.9833714