Course Overview

This course focuses on studying security techniques for trusted computing systems. The course starts with discussing software/system security fundamentals and principals for designing and building trusted computing systems. Then we study comprehensive security oriented hardenning techniques for trusted computing platforms as well as promising new services and applications. Lastly we will cover possible attacks and defenses against trusted computing systems.

The course will be mostly based on research papers. Each lecture will cover one research paper, and each student is expected to present a few research papers (one or two) throughout the semester. In order to facilitate discussion, all students are strongly encouraged to read the paper before the class and actively participate the in-class discussion. Students are also required to pick the research topic related to the class, and perform their own research project.

Schedule (Tentative)

Date Topic Paper
01/10 Introduction (online meetup)
01/12 - No class (travel)
01/17 Introduction Intro. on trusted computing (1)
01/19 Introduction Intro. on trusted computing (2)
01/24 Toward trusted computing AEGIS [ICS 03]
01/26 Toward trusted computing SecVisor [SOSP 07]
01/31 Toward trusted computing OverShadow [ASPLOS 08]
02/02 Toward trusted computing Flicker [EuroSys 08]
02/07 Toward trusted computing TrustVisor [SP 10]
02/09 Toward trusted computing TrustZone-TLR [ASPLOS 14]
02/14 SandBox for trusted computing Haven [OSDI 14]
02/16 SandBox for trusted computing No class
02/21 SandBox for trusted computing A2C [NDSS 17] practice talk
02/21 SandBox for trusted computing Graphene [EuroSys 14] makeup
02/23 SandBox for trusted computing VC3 [SP 15]
02/23 SandBox for trusted computing Ryoan [OSDI 16] makeup
02/28 - No class (NDSS travel)
03/02 - No class (NDSS travel)
03/07 SandBox for trusted computing MiniBox [ATC 14]
03/07 Trusted services CryptDB [SOSP 11] makeup
03/09 SandBox for trusted computing Scone [OSDI 16]
03/09 SandBox for trusted computing T-SGX [NDSS 17] makeup
03/14 - No class (Spring break)
03/16 - No class (Spring break)
03/21 Trusted services BlindBox [SIGCOMM 15]
03/23 Trusted services Embark [NSDI 16]
03/28 - JForce [WWW 17] practice talk
03/30 Trusted services Mylar [NSDI 14]
04/04 Securing access patterns Path ORAM [CCS 13]
04/06 Securing access patterns Raccoon [SEC 15]
04/06 Securing access patterns HOP [NDSS 17]
04/11 Attacks/Defenses Iago Attacks [ASPLOS 13]
04/11 Attacks/Defenses Controlled-channel attacks [SP 15]
04/13 Attacks/Defenses Drammer
04/18 Attacks/Defenses SGX Cache timing attacks
04/20 Attacks/Defenses Memoir [SP 11]
04/25 Attacks/Defenses StealthMem [SEC 12]
04/27 Attacks/Defenses BOOMERANG [NDSS 17]
  • This schedule is subject to change, and changes will be announced in class or emailed if necessary.

Related Papers

  • Toward trusted computing

    • (XOM) Architectural Support for Copy and Tamper Resistant Software [ASPLOS 00] [pdf]
    • AEGIS: architecture for tamper-evident and tamper-resistant processing [ICS 03] [pdf]
    • SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes [SOSP 07] [pdf]
    • Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems [ASPLOS 08] [pdf]
    • InkTag: secure applications on an untrusted operating system [ASPLOS 13] [pdf]
    • Flicker: An execution infrastructure for TCB minimization [EuroSys 08] [pdf]
    • TrustVisor: Efficient TCB reduction and attestation [SP 10] [pdf]
    • (TrustZone-TLR) Using ARM TrustZone to Build a Trusted Language Runtime for Mobile Applications [ASPLOS 14] [pdf]
  • SandBox/Containers for trusted computing

    • MiniBox: A two-way sandbox for x86 native code [ATC 14] [pdf]
    • VC3: trustworthy data analytics in the cloud using SGX [SP 15] [pdf]
    • Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data [OSDI 16] [pdf]
    • (Graphene) Cooperation and Security Isolation of Library OSes for Multi-Process Applications [EuroSys 14] [pdf]
    • SCONE: Secure Linux Containers with Intel SGX [OSDI 16] [pdf]
    • Shielding Applications from an Untrusted Cloud with Haven [OSDI 14] [pdf]
    • Panoply: Low-TCB Linux Applications With SGX Enclaves [NDSS 17] [pdf]
  • Trusted Services

    • Secure Untrusted Data Repository (SUNDR) [OSDI 04] [pdf]
    • CryptDB: protecting confidentiality with encrypted query processing [SOSP 11] [pdf]
    • BlindBox: Deep packet inspection over encrypted traffic [SIGCOMM 15] [pdf]
    • Embark: Securely Outsourcing Middleboxes to the Cloud [NSDI 16] [pdf]
    • Building web applications on top of encrypted data using Mylar [NSDI 14] [pdf]
  • Securing access patterns

    • Path ORAM: An Extremely Simple Oblivious RAM Protocol [CCS 13] [pdf]
    • Raccoon: Closing Digital Side-Channels through Obfuscated Execution [SEC 15] [pdf]
    • Oblivious multi-party machine learning on trusted processors [SEC 16] [pdf]
    • HOP: Hardware makes Obfuscation Practical [NDSS 17] [pdf]
    • T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs [NDSS 17] [pdf]
    • ObliviSync: Practical Oblivious File Backup and Synchronization [NDSS 17] [pdf]
  • Attacks and defenses

    • Iago attacks: why the system call API is a bad untrusted RPC interface [ASPLOS 13] [pdf]
    • Controlled-channel attacks: Deterministic side channels for untrusted operating systems [SP 15] [pdf]
    • Memoir: Practical state continuity for protected modules [SP 11] [pdf]
    • STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud [SEC 12] [pdf]
    • Drammer: Deterministic Rowhammer Attacks on Mobile Platforms [CCS 16] [pdf]
    • SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs [NDSS 17] [pdf]
    • BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments [NDSS 17] [pdf]
  • Other related papers

    • Enhancing Security and Privacy of Tor's Ecosystem by using Trusted Execution Environments [NSDI 17]
    • Software Grand Exposure: SGX Cache Attacks Are Practical [pdf]
    • Malware Guard Extension: Using SGX to Conceal Cache Attacks [pdf]
    • Sanctum: Minimal Hardware Extensions for Strong Software Isolation [SEC 16] [pdf]
    • Opaque: An Oblivious and Encrypted Distributed Analytics Platform [NSDI 17] [[pdf]]opaque


  • Paper Presentations: 30%
  • Paper Reviews: 20%
  • Participation: 20%
  • Research projects: 30%

For academic honesty refer to the Purdue integrity/code of conduct; Except as by prior arrangement or notification by the professor of an extension before the deadline, missing or late work will be counted as a zero/fail.