SGXCrypter: IP protection for portable executables using Intel's SGX technology

Dimitrios Tychalas, Nektarios Georgios Tsoutsos, Michail Maniatakos

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Executable packing schemes are popular for obfuscating the binary code of a target program through compression or encryption, and can be leveraged for protecting proprietary code against analysis and reverse engineering. Although achieving their confidentiality objective, packed executables are prepended with decryption or decompression code that processes the rest of the binary, which is a lucrative target for reverse-engineering attackers. To thwart such attacks, we introduce a novel packing scheme called SGXCrypter, which utilizes Intel's novel Software Guard Extensions to securely unpack and execute Windows binaries. Unlike state-of-the-art crypters, SGXCrypter's code is never flagged as malicious against 35 popular antivirus engines, minimally increasing the loading time of the protected executable by an average of 0.6 seconds per MB.

Original languageEnglish (US)
Title of host publication2017 22nd Asia and South Pacific Design Automation Conference, ASP-DAC 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages354-359
Number of pages6
ISBN (Electronic)9781509015580
DOIs
StatePublished - Feb 16 2017
Event22nd Asia and South Pacific Design Automation Conference, ASP-DAC 2017 - Chiba, Japan
Duration: Jan 16 2017Jan 19 2017

Publication series

NameProceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC

Other

Other22nd Asia and South Pacific Design Automation Conference, ASP-DAC 2017
CountryJapan
CityChiba
Period1/16/171/19/17

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Science Applications
  • Computer Graphics and Computer-Aided Design

Fingerprint Dive into the research topics of 'SGXCrypter: IP protection for portable executables using Intel's SGX technology'. Together they form a unique fingerprint.

Cite this