-
Heckler: Breaking Confidential VMs with Malicious Interrupts
Authors:
Benedict Schlüter,
Supraja Sridhara,
Mark Kuhne,
Andrin Bertschi,
Shweta Shinde
Abstract:
Hardware-based trusted execution environments (TEEs) offer an isolation granularity of virtual machine abstraction. They provide confidential VMs (CVMs) that host security-sensitive code and data. AMD SEV-SNP and Intel TDX enable CVMs and are now available on popular cloud platforms. The untrusted hypervisor in these settings is in control of several resource management and configuration tasks, including interrupts. We present Heckler, a new attack wherein the hypervisor injects malicious non-timer interrupts to break the confidentiality and integrity of CVMs. Our insight is to use the interrupt handlers that have global effects, such that we can manipulate a CVM's register states to change the data and control flow. With AMD SEV-SNP and Intel TDX, we demonstrate Heckler on OpenSSH and sudo to bypass authentication. On AMD SEV-SNP we break execution integrity of C, Java, and Julia applications that perform statistical and text analysis. We explain the gaps in current defenses and outline guidelines for future defenses.
Submitted 4 April, 2024;
originally announced April 2024.
-
ACAI: Protecting Accelerator Execution with Arm Confidential Computing Architecture
Authors:
Supraja Sridhara,
Andrin Bertschi,
Benedict Schlüter,
Mark Kuhne,
Fabio Aliberti,
Shweta Shinde
Abstract:
Trusted execution environments in several existing and upcoming CPUs demonstrate the success of confidential computing, with the caveat that tenants cannot securely use accelerators such as GPUs and FPGAs. In this paper, we reconsider the Arm Confidential Computing Architecture (CCA) design, an upcoming TEE feature in Armv9-A, to address this gap. We observe that CCA offers the right abstraction and mechanisms to allow confidential VMs to use accelerators as a first-class abstraction. We build ACAI, a CCA-based solution, with a principled approach of extending CCA security invariants to device-side access to address several critical security gaps. Our experimental results on GPU and FPGA demonstrate the feasibility of ACAI while maintaining security guarantees.
Submitted 25 October, 2023; v1 submitted 25 May, 2023;
originally announced May 2023.
-
It's TEEtime: A New Architecture Bringing Sovereignty to Smartphones
Authors:
Friederike Groschupp,
Mark Kuhne,
Moritz Schneider,
Ivan Puddu,
Shweta Shinde,
Srdjan Capkun
Abstract:
Modern smartphones are complex systems in which control over phone resources is exercised by phone manufacturers, OS vendors, and users. These stakeholders have diverse and often competing interests. Barring some exceptions, users entrust their security and privacy to OS vendors (Android and iOS) and need to accept their constraints. Manufacturers protect their firmware and peripherals from the OS by executing in the highest privilege and leveraging dedicated CPUs and TEEs. OS vendors need to trust the highest privileged code deployed by manufacturers. This division of control over the phone is not ideal for OS vendors and is even more disadvantageous for the users. Users are generally limited in what applications they can install on their devices, in the privacy model and trust assumptions of the existing applications, and in the functionalities that applications can have.
We propose TEEtime, a new smartphone architecture based on trusted execution allowing to balance the control different stakeholders exert over phones. More leveled control over the phone means that no stakeholder is more privileged than the others. In particular, TEEtime makes users sovereign over their phones: It enables them to install sensitive applications in isolated domains with protected access to selected peripherals alongside an OS. TEEtime achieves this while maintaining compatibility with the existing smartphone ecosystem and without relying on virtualization; it only assumes trust in a phone's firmware. TEEtime is the first TEE architecture that allows isolated execution domains to gain protected and direct access to peripherals. TEEtime is based on Armv8-A and achieves peripheral isolation using a novel mechanism based on memory and interrupt controller protection. We demonstrate the feasibility of our design by implementing a prototype of TEEtime, and by running exemplary sensitive applications.
Submitted 28 June, 2023; v1 submitted 9 November, 2022;
originally announced November 2022.
-
WestDrive X LoopAR: An open-access virtual reality project in Unity for evaluating user interaction methods during TOR
Authors:
Farbod N. Nezami,
Maximilian A. Wächter,
Nora Maleki,
Philipp Spaniol,
Lea M. Kühne,
Anke Haas,
Johannes M. **el,
Linus Tiemann,
Frederik Nienhaus,
Lynn Keller,
Sabine König,
Peter König,
Gordon Pipa
Abstract:
With the further development of highly automated vehicles, drivers will engage in non-related tasks while being driven. Still, drivers have to take over control when requested by the car. Here the question arises, how potentially distracted drivers get back into the control-loop quickly and safely when the car requests a takeover. To investigate effective human-machine interactions, a mobile, versatile, and cost-efficient setup is needed. We developed a virtual reality toolkit for the Unity 3D game engine containing all necessary code and assets to enable fast adaptations to various human-machine interaction experiments, including close monitoring of the subject. The presented project contains all needed functionalities for realistic traffic behavior, cars, and pedestrians, as well as a large, open-source, scriptable, and modular VR environment. It covers roughly 25 square km, a package of 125 animated pedestrians and numerous vehicles, including motorbikes, trucks, and cars. It also contains all needed nature assets to make it both highly dynamic and realistic. The presented repository contains a C++ library made for LoopAR that enables force feedback for gaming steering wheels as a fully supported component. It also includes all necessary scripts for eye-tracking in the used devices. All main functions are integrated into the graphical user interface of the Unity Editor or are available as prefab variants to ease the use of the embedded functionalities. The primary purpose of this project is to serve as an open access, cost-efficient toolkit that enables interested researchers to conduct realistic virtual reality research studies without costly and immobile simulators.
Submitted 22 December, 2020;
originally announced December 2020.
-
Constructing a Highlight Classifier with an Attention Based LSTM Neural Network
Authors:
Michael Kuehne,
Marius Radu
Abstract:
Data is being produced in larger quantities than ever before in human history. It's only natural to expect a rise in demand for technology that aids humans in sifting through and analyzing this inexhaustible supply of information. This need exists in the market research industry, where large amounts of consumer research data are collected through video recordings. At present, the standard method for analyzing video data is human labor. Market researchers manually review the vast majority of consumer research video in order to identify relevant portions - highlights. The industry state of the art turnaround ratio is 2.2 - for every hour of video content 2.2 hours of manpower are required. In this study we present a novel approach for NLP-based highlight identification and extraction based on a supervised learning model that aids market researchers in sifting through their data. Our approach hinges on a manually curated user-generated highlight clips constructed from long and short-form video data. The problem is best suited for an NLP approach due to the availability of video transcription. We evaluate multiple classes of models, from gradient boosting to recurrent neural networks, comparing their performance in extraction and identification of highlights. The best performing models are then evaluated using four sampling methods designed to analyze documents much larger than the maximum input length of the classifiers. We report very high performances for the standalone classifiers, ROC AUC scores in the range 0.93-0.94, but observe a significant drop in effectiveness when evaluated on large documents. Based on our results we suggest combinations of models/sampling algorithms for various use cases.
Submitted 12 February, 2020;
originally announced February 2020.
-
On the Communication of Scientific Results: The Full-Metadata Format
Authors:
Moritz Riede,
Rico Schueppel,
Kristian O. Sylvester-Hvid,
Martin Kuehne,
Michael C. Roettger,
Klaus Zimmermann,
Andreas W. Liehr
Abstract:
In this paper, we introduce a scientific format for text-based data files, which facilitates storing and communicating tabular data sets. The so-called Full-Metadata Format builds on the widely used INI-standard and is based on four principles: readable self-documentation, flexible structure, fail-safe compatibility, and searchability. As a consequence, all metadata required to interpret the tabular data are stored in the same file, allowing for the automated generation of publication-ready tables and graphs and the semantic searchability of data file collections. The Full-Metadata Format is introduced on the basis of three comprehensive examples. The complete format and syntax are given in the appendix.
Submitted 8 April, 2009;
originally announced April 2009.