S-TSG: Description Model of Transient Execution Attacks in Intel SGX
摘要
Intel Software Guard Extensions (SGX) protect sensitive content of applications on the cloud platform by creating an isolated environment on an untrusted operating system. However, resent works have shown that the SGX is vulnerable to a variety of transient execution attacks. Unfortunately, there is a lack of a systematic approach to describing transient execution attacks in the SGX environment. In this paper, we start by exploring the principles of generating transient execution attacks in SGX. Building upon the topological sort graph (TSG) model and incorporating data flow analysis, we propose a security problem description model for transient execution attacks in SGX, named S-TSG (SGX topological sort graph). We propose a new modeling approach that combines formal description characteristics and data flow analysis technology for transient execution attacks in SGX on the basis of TSG model. By applying S-TSG model to transient execution attacks and defense methods in SGX, we prove that the effectiveness of the S-TSG model in analyzing the transient execution attack principles and the evaluation of defense methods in SGX.