Pagoda: Towards Binary Code Privacy Protection with SGX-based Execute-Only Memory

Jiyong Yu, Xinyang Ge, Trent Jaeger, Christopher W. Fletcher, Weidong Cui

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Code disclosure remains a huge threat to the intellectual property (IP) of any software that is deployed in a remote, untrusted environment. In this threat model, attackers have complete control over the software stack, so software-only solutions for preventing code disclosure have been doomed to fail. A natural alternative is to employ trusted hardware, e.g., an enclave-based architecture such as Intel SGX. However, existing SGX frameworks assume the target application is in the trusted computing base, i.e., free of vulnerabilities which can be exploited to leak code. Making matters worse, simply porting to an enclave-based paradigm is impractical for enterprise-scale applications, incurring large performance overheads and compatibility issues.

In this paper, we take a first step towards building a practical, SGX-based code privacy enforcement framework called Pagoda that supports unmodified applications with minimal performance overhead. The key insight of Pagoda is that placing only application code within the enclave prevents arbitrary code accesses, and at the same time avoids the usual performance and compatibility issues stemming from protecting data within enclaves. Pagoda achieves code privacy throughout the application's lifetime, by loading and decrypting encrypted binaries into the enclave, and enforcing eXecute-Only-Memory (XOM) to block arbitrary accesses to the private code during its execution.

We have built a prototype of Pagoda for Linux-based systems on Intel SGX. The performance evaluation on SPEC CPU2017 benchmarks shows that Pagoda incurs an average of 2.1% performance overhead when compared to native runs. To demonstrate its compatibility, we show that Pagoda can run a wide range of applications, from common server applications such as Lighttpd and Memcached, to complicated graphical applications such as Quake without any source code modification.

Original language: English (US)
Title of host publication: Proceedings - 2022 IEEE International Symposium on Secure and Private Execution Environment Design, SEED 2022
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 133-144
Number of pages: 12
ISBN (Electronic): 9781665485265
State: Published - 2022
Event: 2022 IEEE International Symposium on Secure and Private Execution Environment Design, SEED 2022 - Storrs, United States
Duration: Sep 26 2022 → Sep 27 2022

Publication series

Name: Proceedings - 2022 IEEE International Symposium on Secure and Private Execution Environment Design, SEED 2022

Conference

Conference: 2022 IEEE International Symposium on Secure and Private Execution Environment Design, SEED 2022
Country/Territory: United States
City: Storrs
Period: 9/26/22 → 9/27/22

Keywords

  • Code privacy
  • Execute Only Memory
  • Intel SGX

ASJC Scopus subject areas

  • Hardware and Architecture
  • Software
  • Safety, Risk, Reliability and Quality
