{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,31]],"date-time":"2026-01-31T09:15:28Z","timestamp":1769850928074,"version":"3.49.0"},"publisher-location":"Cham","reference-count":49,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030783716","type":"print"},{"value":"9783030783723","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-78372-3_13","type":"book-chapter","created":{"date-parts":[[2021,6,8]],"date-time":"2021-06-08T19:04:11Z","timestamp":1623179051000},"page":"333-362","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["SnakeGX: A Sneaky Attack Against SGX\u00a0Enclaves"],"prefix":"10.1007","author":[{"given":"Flavio","family":"Toffalini","sequence":"first","affiliation":[]},{"given":"Mariano","family":"Graziano","sequence":"additional","affiliation":[]},{"given":"Mauro","family":"Conti","sequence":"additional","affiliation":[]},{"given":"Jianying","family":"Zhou","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,6,9]]},"reference":[{"key":"13_CR1","unstructured":"ROPgadget - gadgets finder and auto-roper. https:\/\/github.com\/JonathanSalwan\/ROPgadget (2011). Accessed Mar 2020"},{"key":"13_CR2","unstructured":"Intel\u00ae software guard extensions (intel\u00aesgx) - developer guide (2013). https:\/\/download.01.org\/intel-sgx\/linux-2.1.3\/docs\/Intel_SGX_Developer_Guide.pdf. Accessed June 2020"},{"key":"13_CR3","unstructured":"Intel\u00ae software guard extensions programming reference (2013). https:\/\/software.intel.com\/sites\/default\/files\/managed\/48\/88\/329298-002.pdf. Accessed June 2020"},{"key":"13_CR4","unstructured":"Thoughts on intel\u2019s upcoming software guard extensions (part 1) (2013). http:\/\/theinvisiblethings.blogspot.com\/2013\/08\/thoughts-on-intels-upcoming-software.html. Accessed Nov 2018"},{"key":"13_CR5","unstructured":"Thoughts on intel\u2019s upcoming software guard extensions (part 2) (2013). http:\/\/theinvisiblethings.blogspot.com\/2013\/09\/thoughts-on-intels-upcoming-software.html. Accessed Nov 2018"},{"key":"13_CR6","doi-asserted-by":"crossref","unstructured":"Technology preview: private contact discovery for signal (2017). https:\/\/signal.org\/blog\/private-contact-discovery\/. Accessed Nov 2018","DOI":"10.1515\/popets-2018-0037"},{"key":"13_CR7","unstructured":"Intel architecture instruction set extensions programming reference (2018). https:\/\/software.intel.com\/sites\/default\/files\/managed\/b4\/3a\/319433-024.pdf?_ga=1.118002441.1853754838.1418826886. Accessed Nov 2018"},{"key":"13_CR8","unstructured":"SGX-Tor (2018). https:\/\/github.com\/kaist-ina\/SGX-Tor. Accessed Nov 2018"},{"key":"13_CR9","unstructured":"Awesome SGX open source projects (2019). https:\/\/github.com\/Maxul\/Awesome-SGX-Open-Source. Accessed June 2020"},{"key":"13_CR10","unstructured":"Arnautov, S., et al.: SCONE: secure linux containers with intel SGX. In: 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2016), pp. 689\u2013703. USENIX Association, Savannah (2016). https:\/\/www.usenix.org\/conference\/osdi16\/technical-sessions\/presentation\/arnautov"},{"issue":"3","key":"13_CR11","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1145\/2799647","volume":"33","author":"A Baumann","year":"2015","unstructured":"Baumann, A., Peinado, M., Hunt, G.: Shielding applications from an untrusted cloud with haven. ACM Trans. Comput. Syst. (TOCS) 33(3), 8 (2015)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"13_CR12","unstructured":"Biondo, A., Conti, M., Davi, L., Frassetto, T., Sadeghi, A.R.: The guard\u2019s dilemma: efficient code-reuse attacks against intel SGX. In: Proceedings of 27th USENIX Security Symposium (2018)"},{"key":"13_CR13","unstructured":"Bletsch, T.: Code-reuse attacks: new Frontiers and defenses. Ph.D. thesis (2011). aAI3463747"},{"key":"13_CR14","unstructured":"Bulck, J.V., et al.: Foreshadow: extracting the keys to the intel SGX kingdom with transient out-of-order execution. In: 27th USENIX Security Symposium (USENIX Security 2018), pp. 991\u20131008. USENIX Association, Baltimore, August 2018. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/bulck"},{"key":"13_CR15","doi-asserted-by":"publisher","unstructured":"Checkoway, S., Shacham, H.: Iago attacks: why the system call API is a bad untrusted RPC interface. SIGARCH Comput. Archit. News 41(1), 253\u2013264 (2013). https:\/\/doi.org\/10.1145\/2490301.2451145. http:\/\/doi.acm.org\/10.1145\/2490301.2451145","DOI":"10.1145\/2490301.2451145"},{"key":"13_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"340","DOI":"10.1007\/978-3-642-17650-0_24","volume-title":"Information and Communications Security","author":"P Chen","year":"2010","unstructured":"Chen, P., Xing, X., Mao, B., Xie, L.: Return-oriented rootkit without returns (on the x86). In: Soriano, M., Qing, S., L\u00f3pez, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 340\u2013354. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17650-0_24"},{"key":"13_CR17","unstructured":"Cloosters, T., Rodler, M., Davi, L.: TeeRex: discovery and exploitation of memory corruption vulnerabilities in SGX enclaves. In: 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, Boston, August 2020. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/cloosters"},{"key":"13_CR18","unstructured":"Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptology ePrint Archive 2016, 86 (2016)"},{"key":"13_CR19","unstructured":"Davenport, S., Ford, R.: SGX: the good, the bad and the downright ugly. Virus Bulletin, p. 14 (2014)"},{"key":"13_CR20","volume-title":"Practical PostgreSQL","author":"JD Drake","year":"2002","unstructured":"Drake, J.D., Worsley, J.C.: Practical PostgreSQL. O\u2019Reilly Media Inc., Sebastopol (2002)"},{"key":"13_CR21","unstructured":"Google: Asylo (2018). https:\/\/github.com\/google\/asylo. Accessed Mar 2020"},{"key":"13_CR22","doi-asserted-by":"publisher","unstructured":"Graziano, M., Balzarotti, D., Zidouemba, A.: ROPMEMU: a framework for the analysis of complex code-reuse attacks. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, ASIA CCS 2016, pp. 47\u201358. ACM, New York (2016). https:\/\/doi.org\/10.1145\/2897845.2897894. http:\/\/doi.acm.org\/10.1145\/2897845.2897894","DOI":"10.1145\/2897845.2897894"},{"key":"13_CR23","unstructured":"H\u00e4hnel, M., Cui, W., Peinado, M.: High-resolution side channels for untrusted operating systems. In: 2017 USENIX Annual Technical Conference (USENIX ATC 2017), pp. 299\u2013312. USENIX Association, Santa Clara (2017). https:\/\/www.usenix.org\/conference\/atc17\/technical-sessions\/presentation\/hahnel"},{"key":"13_CR24","unstructured":"Hund, R., Holz, T., Freiling, F.C.: Return-oriented rootkits: bypassing kernel code integrity protection mechanisms. In: USENIX Security Symposium, pp. 383\u2013398 (2009)"},{"key":"13_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1007\/978-3-319-26362-5_9","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"T Kittel","year":"2015","unstructured":"Kittel, T., Vogl, S., Kirsch, J., Eckert, C.: Counteracting data-only malware with code pointer examination. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 177\u2013197. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-26362-5_9"},{"key":"13_CR26","doi-asserted-by":"publisher","unstructured":"Kuvaiskii, D., et al.: SGXBOUNDS: memory safety for shielded execution. In: Proceedings of the Twelfth European Conference on Computer Systems, EuroSys 2017, pp. 205\u2013221. ACM, New York (2017). https:\/\/doi.org\/10.1145\/3064176.3064192. http:\/\/doi.acm.org\/10.1145\/3064176.3064192","DOI":"10.1145\/3064176.3064192"},{"key":"13_CR27","unstructured":"Lee, J., et al.: Hacking in darkness: return-oriented programming against secure enclaves. In: USENIX Security, pp. 523\u2013539 (2017)"},{"key":"13_CR28","unstructured":"Microsoft: Open enclave SDK (2019). https:\/\/openenclave.io\/sdk\/. Accessed Mar 2020"},{"key":"13_CR29","doi-asserted-by":"crossref","unstructured":"Murdock, K., Oswald, D., Garcia, F.D., Van Bulck, J., Gruss, D., Piessens, F.: Plundervolt: software-based fault injection attacks against intel SGX. In: Proceedings of the 41st IEEE Symposium on Security and Privacy (S&P 2020) (2020)","DOI":"10.1109\/SP40000.2020.00057"},{"key":"13_CR30","doi-asserted-by":"publisher","unstructured":"Nguyen, H., Ganapathy, V.: EnGarde: mutually-trusted inspection of SGX enclaves. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 2458\u20132465, June 2017. https:\/\/doi.org\/10.1109\/ICDCS.2017.35","DOI":"10.1109\/ICDCS.2017.35"},{"key":"13_CR31","unstructured":"Oleksenko, O., Trach, B., Krahn, R., Silberstein, M., Fetzer, C.: Varys: protecting SGX enclaves from practical side-channel attacks. In: 2018 USENIX Annual Technical Conference (USENIX ATC 2018), pp. 227\u2013240. USENIX Association, Boston (2018). https:\/\/www.usenix.org\/conference\/atc18\/presentation\/oleksenko"},{"key":"13_CR32","doi-asserted-by":"crossref","unstructured":"Polychronakis, M., Keromytis, A.D.: ROP payload detection using speculative code execution. In: 2011 6th International Conference on Malicious and Unwanted Software, pp. 58\u201365. IEEE (2011)","DOI":"10.1109\/MALWARE.2011.6112327"},{"key":"13_CR33","unstructured":"van Prooijen, J.: The design of malware on modern hardware. Technical report (2016)"},{"key":"13_CR34","unstructured":"Rozas, C.: Intel\u00ae software guard extensions (Intel\u00ae SGX) (2013)"},{"key":"13_CR35","doi-asserted-by":"crossref","unstructured":"Schuster, F., et al: VC3: trustworthy data analytics in the cloud using SGX. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 38\u201354. IEEE (2015)","DOI":"10.1109\/SP.2015.10"},{"key":"13_CR36","unstructured":"Schwarz, M., Lipp, M.: When good turns evil: Using intel SGX to stealthily steal bitcoins. Black Hat Asia (2018)"},{"key":"13_CR37","unstructured":"Schwarz, M., Weiser, S., Gruss, D.: Practical enclave malware with intel SGX. CoRR abs\/1902.03256 (2019). http:\/\/arxiv.org\/abs\/1902.03256"},{"key":"13_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-60876-1_1","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"M Schwarz","year":"2017","unstructured":"Schwarz, M., Weiser, S., Gruss, D., Maurice, C., Mangard, S.: Malware guard extension: using SGX to conceal cache attacks. In: Polychronakis, M., Meier, M. (eds.) DIMVA 2017. LNCS, vol. 10327, pp. 3\u201324. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-60876-1_1"},{"key":"13_CR39","doi-asserted-by":"crossref","unstructured":"Seo, J., et al.: SGX-shield: enabling address space layout randomization for SGX programs. In: NDSS (2017)","DOI":"10.14722\/ndss.2017.23037"},{"key":"13_CR40","doi-asserted-by":"publisher","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 552\u2013561, CCS 2007. ACM, New York (2007). https:\/\/doi.org\/10.1145\/1315245.1315313. http:\/\/doi.acm.org\/10.1145\/1315245.1315313","DOI":"10.1145\/1315245.1315313"},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"Shih, M.W., Lee, S., Kim, T., Peinado, M.: T-SGX: eradicating controlled-channel attacks against enclave programs. In: Proceedings of the 2017 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (2017)","DOI":"10.14722\/ndss.2017.23193"},{"key":"13_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/978-3-642-41284-4_4","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"B Stancill","year":"2013","unstructured":"Stancill, B., Snow, K.Z., Otterness, N., Monrose, F., Davi, L., Sadeghi, A.-R.: Check my profile: leveraging static analysis for fast and accurate detection of ROP gadgets. In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds.) RAID 2013. LNCS, vol. 8145, pp. 62\u201381. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-41284-4_4"},{"key":"13_CR43","unstructured":"Che Tsai, C., Porter, D.E., Vij, M.: Graphene-SGX: a practical library OS for unmodified applications on SGX. In: 2017 USENIX Annual Technical Conference (USENIX ATC 2017), pp. 645\u2013658. USENIX Association, Santa Clara (2017). https:\/\/www.usenix.org\/conference\/atc17\/technical-sessions\/presentation\/tsai"},{"key":"13_CR44","doi-asserted-by":"crossref","unstructured":"Van Bulck, J., Oswald, D., Marin, E., Aldoseri, A., Garcia, F.D., Piessens, F.: A tale of two worlds: assessing the vulnerability of enclave shielding runtimes. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1741\u20131758. ACM (2019)","DOI":"10.1145\/3319535.3363206"},{"key":"13_CR45","doi-asserted-by":"crossref","unstructured":"Vinayagamurthy, D., Gribov, A., Gorbunov, S.: StealthDB: a scalable encrypted database with full SQL query support. In: Proceedings on Privacy Enhancing Technologies 2019(3) (2019)","DOI":"10.2478\/popets-2019-0052"},{"key":"13_CR46","doi-asserted-by":"crossref","unstructured":"Vogl, S., Pfoh, J., Kittel, T., Eckert, C.: Persistent data-only malware: function hooks without code. In: NDSS (2014)","DOI":"10.14722\/ndss.2014.23019"},{"key":"13_CR47","doi-asserted-by":"crossref","unstructured":"Wang, H., et al.: Towards memory safe enclave programming with rust-SGX. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 2333\u20132350. ACM (2019)","DOI":"10.1145\/3319535.3354241"},{"key":"13_CR48","unstructured":"Weiser, S., Mayr, L., Schwarz, M., Gruss, D.: SGXJail: defeating enclave malware via confinement. In: 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019), pp. 353\u2013366. USENIX Association, Chaoyang District, Beijing, September 2019. https:\/\/www.usenix.org\/conference\/raid2019\/presentation\/weiser"},{"key":"13_CR49","unstructured":"yerzhan7: Sgx\\_sqlite. https:\/\/github.com\/yerzhan7\/SGX_SQLite. Accessed Jan 2019"}],"container-title":["Lecture Notes in Computer Science","Applied Cryptography and Network Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-78372-3_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,7]],"date-time":"2024-03-07T14:30:27Z","timestamp":1709821827000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-78372-3_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030783716","9783030783723"],"references-count":49,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-78372-3_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"9 June 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACNS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Applied Cryptography and Network Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kamakura","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Japan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 June 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 June 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"acns2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"186","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"37","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.89","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"7.81","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Due to the COVID-19 pandemic the conference took place virtually.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}