אסף רוזנבאום, הרצאה סמינריונית למגיסטר
יום רביעי, 29.8.2018, 10:00
As the cyber security threat continues to grow, we need to better defend our systems. One of the ways to improve the security of a computer system is to isolate its critical assets from the main execution environment. These critical assets are handled in a Trusted Execution Environment, which can protect them even when the main execution environment is compromised. One of the leading technologies enabling trusted execution environment is ARM TrustZone.
In this talk we'll present our research on trusted execution environments. In particualr, TrustZone based trusted execution environments.
We'll show how a trusted execution environment can help to protect the main execution environment and increase its secuirty. In our work, the trusted execution environment is used to prevent return flow hijacking attacks (such as ROP) in the main execution environment. Our solution utilzes the trusted execution environment to create a secure shadow stack and to enforce that the program return flow remains intact. We'll also mention other aspects of our research.