{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T10:21:11Z","timestamp":1740133271342,"version":"3.37.3"},"reference-count":71,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"6","license":[{"start":{"date-parts":[[2020,12,1]],"date-time":"2020-12-01T00:00:00Z","timestamp":1606780800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2020,12,1]],"date-time":"2020-12-01T00:00:00Z","timestamp":1606780800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2020,12,1]],"date-time":"2020-12-01T00:00:00Z","timestamp":1606780800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"Institute of Civil Military Technology Cooperation Center","award":["18-CM-SW-09"],"award-info":[{"award-number":["18-CM-SW-09"]}]},{"DOI":"10.13039\/501100003725","name":"National Research Foundation of Korea","doi-asserted-by":"publisher","award":["NRF-2019-Global Ph.D. Fellowship Program"],"award-info":[{"award-number":["NRF-2019-Global Ph.D. Fellowship Program"]}],"id":[{"id":"10.13039\/501100003725","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE\/ACM Trans. Networking"],"published-print":{"date-parts":[[2020,12]]},"DOI":"10.1109\/tnet.2020.3016785","type":"journal-article","created":{"date-parts":[[2020,8,24]],"date-time":"2020-08-24T20:43:00Z","timestamp":1598301780000},"page":"2727-2740","source":"Crossref","is-referenced-by-count":14,"title":["A Secure Middlebox Framework for Enabling Visibility Over Multiple Encryption Protocols"],"prefix":"10.1109","volume":"28","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5522-2722","authenticated-orcid":false,"given":"Juhyeng","family":"Han","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8183-0641","authenticated-orcid":false,"given":"Seongmin","family":"Kim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daeyang","family":"Cho","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Byungkwon","family":"Choi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jaehyeong","family":"Ha","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6922-7244","authenticated-orcid":false,"given":"Dongsu","family":"Han","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref71","first-page":"283","article-title":"Opaque: An oblivious and encrypted distributed analytics platform","author":"zheng","year":"2017","journal-title":"Proc 14th USENIX Symp Netw Syst Design Implement (NSDI)"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2694844"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2018.8485861"},{"key":"ref38","first-page":"16","article-title":"Inferring fine-grained control flow inside SGX enclaves with branch shadowing","author":"lee","year":"2017","journal-title":"Proc Usenix Secur Symp"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2013.05.003"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/354871.354874"},{"key":"ref31","first-page":"7","article-title":"A first step towards leveraging commodity trusted execution environments for network applications","author":"kim","year":"2015","journal-title":"Proc The 10th ACM Workshop on Hot Topics in Networks (Hotnets)"},{"key":"ref30","first-page":"145","article-title":"Enhancing security and privacy of Tor’s ecosystem by using trusted execution environments","author":"kim","year":"2017","journal-title":"Proc 14th USENIX Symp Netw Syst Design Implement (NSDI)"},{"key":"ref37","first-page":"523","article-title":"Hacking in darkness: Return-oriented programming against secure enclaves","author":"lee","year":"2017","journal-title":"Proc Usenix Secur Symp"},{"key":"ref36","first-page":"255","article-title":"Embark: Securely outsourcing middleboxes to the cloud","author":"lan","year":"2016","journal-title":"Proc USENIX Symp Netw Syst Design Implem (NSDI)"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/3064176.3064192"},{"key":"ref34","article-title":"Snort intrusion detection system with intel software guard extension (Intel SGX)","author":"kuvaiskii","year":"2018","journal-title":"arXiv 1802 00508"},{"journal-title":"Snort Intrusion detection system","year":"2020","key":"ref60"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1016\/S1361-3723(05)70254-2"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2017.1700714"},{"key":"ref63","article-title":"Slick: Secure middleboxes using shielded execution","author":"trach","year":"2017","journal-title":"arXiv 1709 04226"},{"key":"ref27","first-page":"489","article-title":"mTCP: A highly scalable user-level TCP stack for multicore systems","author":"jeong","year":"2014","journal-title":"Proc 11th USENIX Symp Netw Syst Design Implement (NSDI)"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1145\/3185467.3185469"},{"key":"ref65","first-page":"645","article-title":"Graphene-SGX: A practical library OS for unmodified applications on SGX","author":"tsai","year":"2017","journal-title":"Proc USENIX Annu Tech Conf (ATC)"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378486"},{"key":"ref66","first-page":"1041","article-title":"Telling your secrets without page faults: Stealthy page table-based attacks on enclaved execution","author":"bulck","year":"2017","journal-title":"Proc Usenix Secur Symp"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45744-4_22"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1145\/3079856.3080208"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.45"},{"key":"ref2","first-page":"1","article-title":"Innovative technology for CPU based attestation and sealing","author":"anati","year":"2013","journal-title":"Proc HASP"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2496624"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/3106989.3106994"},{"key":"ref22","first-page":"533","article-title":"Ryoan: A distributed sandbox for untrusted computation on secret data","author":"hunt","year":"2016","journal-title":"Proc USENIX Symp on Operating System Design and Implementation"},{"journal-title":"HTTPS vs VPN Makes No Sense","year":"2020","key":"ref21"},{"journal-title":"Intel software guard extensions for Linux OS","year":"2019","key":"ref24"},{"journal-title":"Intel data plane development kit (dpdk)","year":"2020","key":"ref23"},{"key":"ref26","first-page":"113","article-title":"mOS: A reusable networking stack for flow monitoring middleboxes","author":"jamshed","year":"2017","journal-title":"Proc 14th USENIX Symp Netw Syst Design Implement (NSDI)"},{"journal-title":"Intel software guard extensions SSL","year":"2019","key":"ref25"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"journal-title":"The perl compatible regular expression library","year":"2019","key":"ref51"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23193"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/2876019.2876032"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1145\/2785956.2787502"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23037"},{"journal-title":"Rust SGX SDK","year":"2019","key":"ref55"},{"journal-title":"Rust-Openssl","year":"2019","key":"ref54"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2011.01.003"},{"key":"ref52","first-page":"201","article-title":"SafeBricks: Securing network functions in the cloud","author":"poddar","year":"2018","journal-title":"Proc USENIX Symp Netw Syst Design Implem (NSDI)"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/3040992.3040994"},{"key":"ref40","doi-asserted-by":"crossref","first-page":"103","DOI":"10.1145\/2663171.2663188","article-title":"The rust language","volume":"34","author":"matsakis","year":"2014","journal-title":"Proc ACM SIGAda Annu Conf High Integrity Lang Technol"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3339814"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663755"},{"journal-title":"ET Pro Ruleset","year":"2019","key":"ref13"},{"key":"ref14","volume":"19","author":"firasta","year":"2008","journal-title":"Intel AVX New Frontiers In Performance Improvements and Energy Efficiency"},{"key":"ref15","doi-asserted-by":"crossref","first-page":"357","DOI":"10.1007\/978-3-319-66332-6_16","article-title":"SGX-LAPD: Thwarting controlled side channel attacks via enclave verifiable page faults","author":"fu","year":"2017","journal-title":"Proc Int Symp Res Attacks Intrusions Defenses"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/FiCloud.2016.20"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/1536414.1536440"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2018.00048"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3065913.3065915"},{"key":"ref4","article-title":"TaLoS: Secure and transparent TLS termination inside SGX enclaves","volume":"5","author":"aublin","year":"2017"},{"key":"ref3","first-page":"1","article-title":"SCONE: Secure Linux containers with intel SGX","author":"arnautov","year":"2016","journal-title":"Proc OSDI"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SEC.2016.15"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.11"},{"key":"ref8","first-page":"551","article-title":"DFC: Accelerating string pattern matching for network applications","author":"choi","year":"2016","journal-title":"Proc USENIX Symp Netw Syst Design Implem (NSDI)"},{"key":"ref49","first-page":"203","article-title":"NetBricks: Taking the V out of NFV","author":"panda","year":"2016","journal-title":"Proc of USENIX Symp on Operating Systems Design and Implementation (OSDI)"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053007"},{"journal-title":"Cisco ASA 5585-X Stateful Firewall Data Sheet","year":"2019","key":"ref9"},{"journal-title":"Nested Tunnels","year":"2020","key":"ref46"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1145\/2785956.2787482"},{"journal-title":"OpenVPN-2 4 3","year":"2019","key":"ref48"},{"journal-title":"OpenSSL-1 0 2l","year":"2019","key":"ref47"},{"journal-title":"Modsecurity","year":"2020","key":"ref42"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488368"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/3143361.3143383"},{"key":"ref43","article-title":"CacheZoom: How SGX amplifies the power of cache attacks","author":"moghimi","year":"2017","journal-title":"arXiv 1703 06986"}],"container-title":["IEEE\/ACM Transactions on Networking"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/90\/9295473\/09174843.pdf?arnumber=9174843","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,6]],"date-time":"2023-10-06T06:58:54Z","timestamp":1696575534000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9174843\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12]]},"references-count":71,"journal-issue":{"issue":"6"},"URL":"https:\/\/doi.org\/10.1109\/tnet.2020.3016785","relation":{},"ISSN":["1063-6692","1558-2566"],"issn-type":[{"type":"print","value":"1063-6692"},{"type":"electronic","value":"1558-2566"}],"subject":[],"published":{"date-parts":[[2020,12]]}}}