Abstract | ||
---|---|---|
Software Guard eXtensions (SGX) is a hardware-based technology that introduces unobservable portions of memory, called enclaves, that physically screens software components from system tampering. Enclaves can be used to run arbitrary programs (including malicious code), but their actual impact on digital forensics and incident response remains unknown. In our work, we propose a methodical study of what information can be retrieved from an SGX machine and how to use this information to infer the enclaves interfaces and structure layout. |
Year | DOI | Venue |
---|---|---|
2021 | 10.1016/j.fsidi.2021.301313 | Forensic Science International: Digital Investigation |
Keywords | DocType | Volume |
SGX,TEE,Memory forensics | Journal | 39 |
ISSN | Citations | PageRank |
2666-2817 | 0 | 0.34 |
References | Authors | |
0 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Flavio Toffalini | 1 | 0 | 0.34 |
Andrea Oliveri | 2 | 0 | 0.68 |
Mariano Graziano | 3 | 0 | 0.34 |
Jianying Zhou | 4 | 2868 | 229.06 |
Davide Balzarotti | 5 | 2040 | 113.64 |