EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution
暂无分享,去创建一个
Rüdiger Kapitza | Valerio Schiavoni | Peter R. Pietzuch | Christof Fetzer | Pascal Felber | Paolo Costa | Manuel Nieke | David Goltzsche | Signe Rüsch | Sébastien Vaucher | Nico Weichbrodt | Pierre-Louis Aublin | Paolo Costa | P. Felber | C. Fetzer | Pierre-Louis Aublin | Nico Weichbrodt | R. Kapitza | David Goltzsche | Manuel Nieke | Sébastien Vaucher | P. Pietzuch | Signe Rüsch | V. Schiavoni
[1] Vyas Sekar,et al. Making middleboxes someone else's problem: network processing as a cloud service , 2012, SIGCOMM '12.
[2] Rüdiger Kapitza,et al. AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves , 2016, ESORICS.
[3] Ittai Anati,et al. Innovative Technology for CPU Based Attestation and Sealing , 2013 .
[4] A.L. Narasimha Reddy,et al. Mitigation of DoS attacks through QoS regulation , 2002, IEEE 2002 Tenth IEEE International Workshop on Quality of Service (Cat. No.02EX564).
[5] Collin Jackson,et al. Analyzing Forged SSL Certificates in the Wild , 2014, 2014 IEEE Symposium on Security and Privacy.
[6] Insik Shin,et al. SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs , 2017, NDSS.
[7] Shweta Shinde,et al. Panoply: Low-TCB Linux Applications With SGX Enclaves , 2017, NDSS.
[8] Sylvia Ratnasamy,et al. BlindBox: Deep Packet Inspection over Encrypted Traffic , 2015, SIGCOMM.
[9] Mona Vij,et al. Snort Intrusion Detection System with Intel Software Guard Extension (Intel SGX) , 2018, ArXiv.
[10] Christos Gkantsidis,et al. Enabling End-Host Network Functions , 2015, Comput. Commun. Rev..
[11] Ralph Droms,et al. Data Center use of Static Diffie-Hellman in TLS 1.3 , 2017 .
[12] Christof Fetzer,et al. SecureKeeper: Confidential ZooKeeper using Intel SGX , 2016, Middleware.
[13] Marcus Peinado,et al. Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems , 2015, 2015 IEEE Symposium on Security and Privacy.
[14] Antony I. T. Rowstron,et al. Network exception handlers: host-network control in enterprise networks , 2008, SIGCOMM '08.
[15] Vinod Ganapathy,et al. EnGarde: Mutually-Trusted Inspection of SGX Enclaves , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).
[16] Yan Grunenberger,et al. The Cost of the "S" in HTTPS , 2014, CoNEXT.
[17] Christos Gkantsidis,et al. And Then There Were More: Secure Communication for More Than Two Parties , 2017, CoNEXT.
[18] Susana Sargento,et al. Toward a telco cloud environment for service functions , 2015, IEEE Communications Magazine.
[19] Mark Silberstein,et al. Eleos: ExitLess OS Services for SGX Enclaves , 2017, EuroSys.
[20] Alfred V. Aho,et al. Efficient string matching , 1975, Commun. ACM.
[21] Robert Ricci,et al. Fast and flexible: Parallel packet processing with GPUs and click , 2013, Architectures for Networking and Communications Systems.
[22] Cong Wang,et al. Privacy-preserving deep packet inspection in outsourced middleboxes , 2016, IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications.
[23] Thomas E. Anderson,et al. ETTM: A Scalable Fault Tolerant Network Manager , 2011, NSDI.
[24] Eric Wustrow,et al. Trusted Click: Overcoming Security issues of NFV in the Cloud , 2017, SDN-NFV@CODASPY.
[25] Markus Feilner,et al. OpenVPN: Building and Integrating Virtual Private Networks: Learn how to build secure VPNs using this powerful Open Source application , 2006 .
[26] Shay Gueron,et al. A Memory Encryption Engine Suitable for General Purpose Processors , 2016, IACR Cryptol. ePrint Arch..
[27] Dongsu Han,et al. SGX-Box: Enabling Visibility on Encrypted Traffic using a Secure Middlebox Module , 2017, APNet.
[28] Leslie Lamport,et al. Paxos Made Simple , 2001 .
[29] Seungjoon Lee,et al. Network function virtualization: Challenges and opportunities for innovations , 2015, IEEE Communications Magazine.
[30] Pablo Rodriguez,et al. Multi-Context TLS (mcTLS): Enabling Secure In-Network Functionality in TLS , 2015, Comput. Commun. Rev..
[31] Frank Piessens,et al. SGX-Step: A Practical Attack Framework for Precise Enclave Execution Control , 2017, SysTEX@SOSP.
[32] David M. Eyers,et al. SCONE: Secure Linux Containers with Intel SGX , 2016, OSDI.
[33] Zhi Liu,et al. Embark: Securely Outsourcing Middleboxes to the Cloud , 2016, NSDI.
[34] Cong Wang,et al. LightBox: SGX-assisted Secure Network Functions at Near-native Speed , 2017, ArXiv.
[35] Christof Fetzer,et al. ShieldBox: Secure Middleboxes using Shielded Execution , 2018, SOSR.
[36] Marko Vukolic,et al. The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT Replication , 2015, iNetSeC.
[37] Jim Esch,et al. Software-Defined Networking: A Comprehensive Survey , 2015, Proc. IEEE.
[38] Christof Fetzer,et al. TaLoS : Secure and Transparent TLS Termination inside SGX Enclaves , 2017 .
[39] Marcus Peinado,et al. T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs , 2017, NDSS.
[40] Guyue Liu,et al. SDNFV: Flexible and Dynamic Software Defined Control of an Application- and Flow-Aware Data Plane , 2016, Middleware.
[41] Hovav Shacham,et al. Iago attacks: why the system call API is a bad untrusted RPC interface , 2013, ASPLOS '13.
[42] SekarVyas,et al. Making middleboxes someone else's problem , 2012 .
[43] EDDIE KOHLER,et al. The click modular router , 2000, TOCS.
[44] Donald E. Porter,et al. Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX , 2017, USENIX Annual Technical Conference.