- Academy Zoo (High Ranking Conferences)
- Session 0: Heterogeneous Trusted Execution
- Session 1: Towards a Better Enclave Architecture
- Session 2: Automation Toolchain and Language Runtime
- Session 3: Enclave-based Secure (Lib)OS
- Session 4: BFT, Blockchain and Online Payment System
- Session 5: Privacy-Preserving Database and Analysis
- Session 6: Secure Network Functions
- Session 7: Storage, File System and Key-Value Store
- Session 8: ML Training and Inference
- Session 9: Performance Still Matters
- Session 10: Enclave Vulnerabilities and Side Channels
- Session 11: Enclave Protection and Attack Mitigations
- Session 12: Miscellaneous
- Other Online Resources
-
Honeycomb: Secure and Efficient GPU Executions via Static Validation, OSDI 2023
-
Confidential Computing within an AI Accelerator, ATC 2023
-
SAGE: Software-based Attestation for GPU Execution, ATC 2023
-
Root Crash Consistency of SGX-style Integrity Trees in Secure Non-Volatile Memory Systems, HPCA 2023
-
StrongBox: A GPU TEE on Arm Endpoints, CCS 2022
-
TNPU: Supporting Trusted Execution with Tree-less Integrity Protection for Neural Processing Unit, HPCA 2022
-
SecNDP: Secure Near-Data Processing with Untrusted Memory, HPCA 2022
-
Adaptive Security Support for Heterogeneous Memory on GPUs, HPCA 2022
-
Secure and Policy-CompliantQuery Processing on Heterogeneous Computational Storage Architectures, SIGMOD 2022
-
IceClave: A Trusted Execution Environment for In-Storage Computing, MICRO 2021
-
Enabling Rack-scale Confidential Computing using Heterogeneous Trusted Execution Environment, IEEE S&P 2020
-
Heterogeneous Isolated Execution for Commodity GPUs, ASPLOS 2019
-
Graviton: Trusted Execution Environments on GPUs, OSDI 2018
-
A Quantum Computer Trusted Execution Environment, HPCA 2024
-
Data Enclave: A Data-Centric Trusted Execution Environment, HPCA 2024
-
TEE-SHirT: Scalable Leakage-Free Cache Hierarchies for TEEs, NDSS 2024
-
Reusable Enclaves for Confidential Serverless Computing, USENIX Security 2023
-
Cerberus: A Formal Approach to Secure and Efficient Enclave Memory Sharing, CCS 2022
-
ShEF: Shielded Enclaves for Cloud FPGAs, ASPLOS 2022
-
Elasticlave: An Efficient Memory Model for Enclaves, USENIX Security 2022
-
Cryptographic Capability Computing, MICRO 2021
-
Scalable Memory Protection in the Penglai Enclave, OSDI 2021
-
Confidential Serverless Made Efficient with Plug-In Enclaves, ISCA 2021
-
CURE: A Security Architecture with CUstomizable and Resilient Enclaves, USENIX Security 2021
-
Nested Enclave: Supporting Fine-Grained Hierarchical Isolation with SGX, ISCA 2020
-
InvisiPage: Oblivious Demand Paging for Secure Enclaves, ISCA 2019
-
TIMBER-V: Tag-Isolated Memory Bringing Fine-grained Enclaves to RISC-V, NDSS 2019
-
ARMing TrustZone with User-space Enclaves, NDSS 2019
-
Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software, SOSP 2017
-
Lejacon: A Lightweight and Efficient Approach to Java Confidential Computing on SGX, ICSE 2023
-
SGX Switchless Calls Made Configless, DSN 2023
-
Towards Formal Verification of State Continuity for Enclave Programs, USENIX Security 2021
-
Twine: An Embedded Trusted Runtime for WebAssembly, ICDE 2021
-
Civet: An Efficient Java Partitioning Framework for Hardware Enclaves, USENIX Security 2020
-
CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves, ATC 2019
-
Secured Routines: Language-Based Construction of Trusted Execution Environments, ATC 2019
-
SGXElide: Enabling Enclave Code Secrecy via Self Modification, CGO 2018
-
Glamdring: Automatic Application Partitioning for Intel SGX, ATC 2017
-
A Design and Verification Methodology for Secure Isolated Regions, PDLI 2016
-
Occlum: Secure and Efficient Multitasking Inside a Single Enclave of Intel SGX, ASPLOS 2020
-
Graphene-SGX: A Practical Library Operating System for Unmodified Applications on Intel SGX, ATC 2017
-
Panoply: Low Trusted Computing Base (TCB) Linux Applications with Intel SGX Enclaves, NDSS 2017
-
Secure Live Migration of Intel SGX Enclaves on an Untrusted Cloud, DSN 2017
-
Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data, OSDI 2016
-
Shield Applications from an Untrusted Cloud with Haven, OSDI 2014
-
Dissecting BFT Consensus: In Trusted Components we Trust!, EuroSys 2023
-
ENGRAFT: Enclave-guarded Raft on Byzantine Faulty Nodes, CCS 2022
-
Twilight: A Differentially Private Payment Channel Network, USENIX Security 2022
-
Teechain: A Secure Payment Network with Asynchronous Blockchain Access, SOSP 2019
-
Tesseract: Real-time cryptocurrency exchange using trusted hardware, CCS 2019
-
FastKitten: Practical Smart Contracts on Bitcoin, USENIX Security 2019
-
Bite: Bitcoin Lightweight Client Privacy using Trusted Execution, USENIX Security 2019
-
Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contract Execution, EuroS&P 2019
-
REM: Resource-Efficient Mining for Blockchains, USENIX Security 2017
-
Town Crier: An Authenticated Data Feed for Smart Contracts, CCS 2016
-
Encrypted Databases Made Secure Yet Maintainable, OSDI 2023
-
Operon: An Encrypted Database for Ownership-Preserving Data Management, VLDB 2022
-
Full encryption: an end to end encryption mechanism in GaussDB, VLDB 2021
-
EncDBDB: Searchable Encrypted, Fast, Compressed, In-Memory Database Using Enclaves, DSN 2021
-
Building Enclave-Native Storage Engines for Practical Encrypted Databases, VLDB 2021
-
VeriDB: An SGX-based Verifiable Database, SIGMOD 2021
-
Oblivious Coopetitive Analytics Using Hardware Enclaves, EuroSys 2020
-
ObliDB: Oblivious Query Processing for Secure Databases, VLDB 2019
-
StealthDB: A Scalable Encrypted Database with Full SQL Query Support, PETS 2019
-
EnclaveDB: A Secure Database Using Intel SGX, IEEE S&P 2018
-
Prochlo: Strong Privacy for Analytics in the Crowd, SOSP 2017
-
Opaque: An Oblivious and Encrypted Distributed Analytics Platform, NSDI 2017
-
SGX-BigMatrix: A Practical Encrypted Data Analytic Framework with Trusted Processors, CCS 2017
-
VC3: Trustworthy Data Analytics in the Cloud, IEEE S&P 2015
-
Don't Yank My Chain: Auditable NF Service Chaining, NSDI 2021
-
Achieving Keyless CDNs with Conclaves, USENIX Security 2020
-
LightBox: Full-stack Protected Stateful Middlebox at Lightning Speed, CCS 2019
-
SafeBricks: Shielding Network Functions in the Cloud, NSDI 2018
-
EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution, DSN 2018
-
Enhancing Security and Privacy of Tor's Ecosystem by Using Trusted Execution Environments, NSDI 2017
-
Secure and Lightweight Deduplicated Storage via Shielded Deduplication-Before-Encryption, ATC 2022
-
Snoopy: Surpassing the Scalability Bottleneck of Oblivious Storage, SOSP 2021
-
Avocado: A Secure In-Memory Distributed Storage System, ATC 2021
-
Accelerating Encrypted Deduplication via SGX, ATC 2021
-
Aria: Tolerating Skewed Workloads in Secure In-memory Key-value Stores, ICDE 2021
-
SPEICHER: Securing LSM-based Key-Value Stores using Shielded Execution, FAST 2019
-
ShieldStore: Shielded In-memory Key-value Storage with SGX, EuroSys 2018
-
Pesos: Policy Enhanced Secure Object Store, EuroSys 2018
-
Concerto: A High Concurrency Key-Value Store with Integrity, SIGMOD 2017
-
CAGE: Complementing Arm CCA with GPU Extensions, NDSS 2024
-
SOTER: Guarding Black-box Inference for General Neural Networks at the Edge, ATC 2022
-
DarKnight: An Accelerated Framework for Privacy and Integrity Preserving Deep Learning Using Trusted Hardware, MICRO 2021
-
Citadel: Protecting Data Privacy and Model Confidentiality for Collaborative Learning, SoCC 2021
-
Lasagna: Accelerating Secure Deep Learning Inference in SGX-enabled Edge Cloud, SoCC 2021
-
Vessels: Efficient and Scalable Deep Learning Prediction on Trusted Processors, SoCC 2020
-
Occlumency: Privacy-preserving Remote Deep-learning Inference Using SGX, MobiSys 2019
-
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware, ICLR 2019
-
VAULT: Reducing Paging Overheads in Intel SGX with Efficient Integrity Verification Structures, ASPLOS 2018
-
EActors: Fast and Flexible Trusted Computing Using Intel SGX, Middleware 2018
-
Eleos: ExitLess Operating System Services for Intel SGX Enclaves, EuroSys 2017
-
Regaining Lost Cycles with HotCalls: A Fast Interface for Intel SGX Secure Enclaves, ISCA 2017
-
Controlled Data Races in Enclaves: Attacks and Detection, USENIX Security 2023
-
SmashEx: Smashing SGX Enclaves Using Exceptions, CCS 2021
-
Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend, USENIX Security 2021
-
VoltPillager: Hardware-based fault injection attacks against Intel SGX Enclaves using the SVID voltage scaling interface, USENIX Security 2021
-
CrossTalk: Speculative Data Leaks Across Cores Are Real, IEEE S&P 2021
-
An Off-Chip Attack on Hardware Enclaves via the Memory Bus, USENIX Security 2020
-
Plundervolt: Software-based Fault Injection Attacks against Intel SGX, IEEE S&P 2020
-
A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes, CCS 2019
-
MicroScope: Enabling Microarchitectural Replay Attacks, ISCA 2019
-
SgxPectre Attacks: Stealing Intel Secrets from SGX Enclaves via Speculative Execution, IEEE S&P 2019
-
ZombieLoad: Cross-Privilege-Boundary Data Sampling, CCS 2019
-
Fallout: Leaking Data on Meltdown-resistant CPUs, CCS 2019
-
Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic, CCS 2018
-
Another Flip in the Wall of Rowhammer Defenses, IEEE S&P 2018
-
The Guard's Dilemma: Efficient Code-Reuse Attacks Against Intel SGX, USENIX Security 2018
-
BranchScope: A New Side-Channel Attack on Directional Branch Predictor, ASPLOS 2018
-
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution, USENIX Security 2018
-
Infer Fine-Grained Control Flow Inside SGX Enclaves with Branch Shadowing, USENIX Security 2017
-
High-Resolution Side Channels for Untrusted Operating Systems, ATC 2017
-
Tell Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution, USENIX Security 2017
-
Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems, IEEE S&P 2015
-
EnclaveFuzz: Finding Vulnerabilities in SGX Applications, NDSS 2024
-
SENSE: Enhancing Microarchitectural Awareness for TEEs via Subscription-Based Notification, NDSS 2024
-
No Forking Way: Detecting Cloning Attacks on Intel SGX Applications, ACSAC 2023
-
SEnFuzzer: Detecting SGX Memory Corruption via Information Feedback and Tailored Interface Analysis, RAID 2023
-
Fuzzing SGX Enclaves via Host Program Mutations, EuroS&P 2023
-
TEESec: Pre-Silicon Vulnerability Discovery for Trusted Execution Environments, ISCA 2023
-
SymGX: Detecting Cross-boundary Pointer Vulnerabilities of SGX Applications via Static Symbolic Execution, CCS 2023
-
AEX-Notify: Thwarting Precise Single-Stepping Attacks through Interrupt Awareness for Intel SGX Enclaves, USENIX Security 2023
-
EnigMap: External-Memory Oblivious Map for Secure Enclaves, USENIX Security 2023
-
MoLE: Mitigation of Side-channel Attacks against SGX via Dynamic Data Location Escape, ACSAC 2022
-
PRIDWEN: Universally Hardening SGX Programs via Load-Time Synthesis, ATC 2022
-
SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing, USENIX Security 2022
-
Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX, USENIX Security 2022
-
CHANCEL: Efficient Multi-client Isolation Under Adversarial Programs, NDSS 2021
-
HybCache: Hybrid Side-Channel-Resilient Caches for Trusted Execution Environments, USENIX Security 2020
-
BesFS: A POSIX Filesystem for Enclaves with a Mechanized Safety Proof, USENIX Security 2020
-
Autarky: Closing controlled channels with self-paging enclaves, EuroSys 2020
-
Towards Memory Safe Enclave Programming with Rust-SGX, CCS 2019
-
OBFSCURO: A Commodity Obfuscation Engine on Intel SGX, NDSS 2019
-
SGXJail: Defeating Enclave Malware via Confinement, RAID 2019
-
ScatterCache: Thwarting Cache Attacks via Cache Set Randomization, USENIX Security 2019
-
Careful-Packing: A Practical and Scalable Anti-Tampering Software Protection enforced by Trusted Computing, CODASPY 2019
-
Varys: Protecting Intel SGX Enclaves from Practical Side-Channel Attacks, ATC 2018
-
JITGuard: Hardening Just-in-Time Compilers with Intel SGX, CCS 2017
-
SGXBounds: Memory Safety for Shielded Execution, EuroSys 2017
-
SGX-Shield: Enabling Address Space Layout Randomization for Intel SGX Programs, NDSS 2017
-
ROTE: Rollback Protection for Trusted Execution, USENIX Security 2017
-
Ariadne: A Minimal Approach to State Continuity, USENIX Security 2016
-
Moat: Verifying Confidentiality Properties of Enclave Programs, CCS 2015
-
MAGE: Mutual Attestation for a Group of Enclaves without Trusted Third Parties, USENIX Security 2022
-
SGXLock: Towards Efficiently Establishing Mutual Distrust Between Host Application and Enclave for SGX, USENIX Security 2022
-
Practical and Efficient in-Enclave Verification of Privacy Compliance, DSN 2021
-
HyperEnclave: An Open and Cross-platform Trusted Execution Environment, ATC 2022
-
vSGX: Virtualizing SGX Enclaves on AMD SEV, IEEE S&P 2022
-
Bringing Decentralized Search to Decentralized Services, OSDI 2021
-
CYCLOSA: Decentralizing Private Web Search Through SGX-Based Browser Extensions, ICDCS 2018
-
X-Search: Revisiting Private Web Search Using Intel SGX, Middleware 2017
-
Fidelius: Protecting User Secrets from Compromised Browsers, IEEE S&P 2019
-
BASTION-SGX: Bluetooth and Architectural Support for Trusted I/O on SGX, HASP @ ISCA 2018
-
SGXIO: Generic Trusted I/O Path for Intel SGX, CODASPY 2017
-
SMILE: Secure Memory Introspection for Live Enclave, IEEE S&P 2022
-
LibSEAL: Revealing Service Integrity Violations Using Trusted Execution, EuroSys 2018
-
Scotch: Combining Intel SGX and System Management Mode to Monitor Cloud Resource Usage, RAID 2017
-
SoK: How Not to Architect Your Next-Generation TEE Malware, HASP@MICRO 2022
-
Practical Enclave Malware with Intel SGX, DIMVA 2019
-
SGX-Bomb: Locking Down the Processor via Rowhammer Attack, SysTEX@SOSP 2017