[25.03.17] IEEE S&P 2025 Paper Acceptance Announcement from Professor Lee Ho-jun’s Research Laboratory (SSLab)
- SKKU National Program of Excellence in Software
- Hit346
- 2025-03-28
[IEEE S&P 2025 Acceptance Announcement – SSLab, Professor Hojoon Lee]
The paper from the System Security Laboratory (SSLab), under the supervision of Professor Hojoon Lee, has been accepted for publication at IEEE S&P 2025, one of the four premier international conferences in the security field. The paper is scheduled for presentation in May in San Francisco, California, USA.
Title:
IncognitOS: A Practical Unikernel Design for Full-System Obfuscation in Confidential Virtual Machines
Authors:
Kha Dinh Duy, Jaeyoon Kim, Hajeong Lim, Hojoon Lee
Summary:
Recent works have repeatedly proven the practicality of side-channel attacks in undermining the confidentiality guarantees of Trusted Execution Environments such as Intel SGX. Meanwhile, the trusted execution in the cloud is witnessing a trend shift towards confidential virtual machines (CVMs). Unfortunately, several side-channel attacks have survived the shift and are feasible even for CVMs, along with the new attacks discovered on the CVM architectures. Previous works have explored defensive measures for securing userspace enclaves (i.e., Intel SGX) against side-channel attacks. However, the design space for a CVM-based obfuscation execution engine is largely unexplored.
This paper proposes a unikernel design named IncognitOS to provide full-system obfuscation for CVM-based cloud workloads. IncognitOS fully embraces unikernel principles such as minimized TCB and direct hardware access to render full-system obfuscation feasible. IncognitOS retrofits two key OS components, the scheduler and memory management, to implement a novel adaptive obfuscation scheme. IncognitOS's scheduling is designed to be self-sovereign from the timer interrupts from the untrusted hypervisor with its synchronous tick delivery. This allows IncognitOS to reliably monitor the frequency of the hypervisor's possession of execution control (i.e., VMExits) and adjust the frequency of memory rerandomization performed by the paging subsystem, which transparently performs memory rerandomization through direct MMU access. The resulting IncognitOS design makes a case for self-obfuscating unikernel as a secure CVM deployment strategy while further advancing the obfuscation technique compared to previous works. Evaluation results demonstrate IncognitOS's resilience against CVM attacks and show that its adaptive obfuscation scheme enables practical performance for real-world programs.