CS2850, IY2840, IY2760. Systems programming (C/C++, assembly basics)
A fundamental security problem when hosting applications on cloud platforms is the increased risk of sensitive data loss (e.g. due to negligent or malicious employees of the cloud provider). An exciting approach to mitigating such attacks are new trusted execution environments (e.g. Intel SGX), recently available on commodity CPUs. Intel SGX allows users to create secure enclaves on remote cloud computers, such that enclave code and data is protected from an underlying malicious operating system or hypervisor, and also from physical attacks. Demand for these powerful security guarantees is evident from the rapid emergence of commercial SGX offerings in major cloud providers (e.g. Microsoft Azure Confidential Computing).
Despite their potential benefits, Intel SGX enclaves have a dark side. In
particular, they raise the possibility of a new class of powerful malware
that execute within enclaves, invisible to existing signature-based anti-virus tools. Indeed, recent work has shown how an SGX-based ransomware could potentially obviate existing ransomware recovery tools by hiding its encryption keys inside an enclave.
In this project, you will implement and evaluate a realistic SGX malware
attack. In addition, you will investigate potential mitigation techniques,
either at the operating system level or using compiler instrumentation.
The project will be suited to a student excited to learn about state-of-the-art malware techniques in addition to operating system and application security concepts.
You should be a capable programmer and familiar with basic operating systems and computer architecture concepts. I will teach you any additional theory required, and you will build on an existing proof-of-concept SGX malware. The aim would be for the project to lead to a paper in an international conference. If successful, you would be a co-author on the paper. The project would also provide an excellent introduction to some of the material in some 3rd year courses (e.g. IY3840).