[1] Guninski G. Linux kernel 2.6 fun, Windoze is a joke[EB/OL]. [2005-02-15]. http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
[2] Lafon M, Francoise R. CAN-2005-0400: Information leak in the Linux kernel ext2 implementation[EB/OL]. [2005-03-25]. https://seclists.org/bugtraq/2005/Apr/17
[3] National Vulnerability Database. CVE-2014-0069[EB/OL]. [2014-02-28]. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0069.
[4] National Vulnerability Database. CVE-2014-4653[EB/OL]. [2014-03-07]. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4653.
[5] Chow J, Pfaff B, Garfinkel T, et al. Understanding data lifetime via whole system simulation[C]// Proc of the 13th USENIX Security Symp. Berkeley: USENIX, 2004: 321-336
[6] The MITRE Corporation. CWE-212: Improper cross-boundary removal of sensitive data[EB/OL]. [2018-04-03]. https://cwe.mitre.org/data/definitions/212.html.
[7] The MITRE Corporation. CWE-226: Sensitive information uncleared before release[EB/OL]. [2018-05-29]. https://cwe.mitre.org/data/definitions/226.html.
[8] Szekeres L, Payer M, Wei T, et al. SoK: Eternal war in memory[C]// Proc of the 34th IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2013: 48-62
[9] Halderman J A, Schoen S D, Heninger N, et al. Lest we remember: cold-boot attacks on encryption keys[J]. Communications of the ACM, 2009, 52(5): 91-98
[10] Stewin P, Bystrov I. Understanding DMA malware[C]//Proc of Int Conf on Detection of Intrusions and Malware, and Vulnerability Assessment. Berlin: Springer, 2012: 21-41
[11] Becher M, Dornseif M, Klein C N. FireWire: All your memory are belong to us[C]//Proc of CanSecWest. 2005: 67
[12] Blass E O, Robertson W. TRESOR-HUNT: Attacking CPU-bound encryption[C]//Proc of the 28th Annual Computer Security Applications Conference. New York:ACM, 2012: 71-78
[13] Li Y, McCune J M, Perrig A. VIPER: Verifying the integrity of peripherals' firmware[C]//Proc of the 18th ACM Conf on Computer and Communications Security. New York:ACM, 2011: 3-16
[14] Müller T, Freiling F C, Dewald A. TRESOR runs encryption securely outside RAM[C]//Proc of USENIX Security Symp. Berkeley : USENIX, 2011
[15] Simmons P. Security through Amnesia: A software-based solution to the cold boot attack on disk encryption[C]//Proc of the 27th Annual Computer Security Applications Conf. New York:ACM, 2011: 73-82
[16] Garmany B, Müller T. PRIME: Private RSA infrastructure for memory-less encryption[C]//Proc of the 29th Annual Computer Security Applications Conf. New York:ACM, 2013: 149-158
[17] Zhao Y, Lin J, Pan W, et al. RegRSA: Using registers as buffers to resist memory disclosure attacks[C]//Proc of IFIP Int Information Security and Privacy Conf. Berlin:Springer, 2016: 293-307
[18] Pabel J. FrozenCache: Mitigating cold-boot attacks for full-disk-encryption software[C]//Proc of the 27th Chaos Communication Congress. 2010
[19] Guan L, Lin J, Luo B, et al. Copker: Computing with private keys without RAM[C]// Proc of 21st Annual Network and Distributed System Security Symp. Reston: the Internet Society, 2014: 23-26
[20] Lin J, Guan L, Ma Z, et al. Copker: A cryptographic engine against cold-boot attacks[J]. IEEE Trans on Dependable and Secure Computing, 2018, 15(5): 742-754
[21] Colp P, Zhang J, Gleeson J, et al. Protecting data on smartphones and tablets from memory attacks[C]// Proc of the 20th Int Conf on Architectural Support for Programming Languages and Operating Systems. New York:ACM, 2015
[22] Guan L, Lin J, Luo B, et al. Protecting private keys against memory disclosure attacks using hardware transactional memory[C]//Proc of IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2015: 3-19
[23] Sun H, Sun K, Wang Y, et al. TrustOTP: Transforming smartphones into secure one-time password tokens[C]//Proc of the 22nd ACM Conf on Computer and Communications Security. New York: ACM, 2015: 976-988
[24] Sun H, Sun K, Wang Y, et al. TrustICE: Hardware-assisted isolated computing environments on mobile devices[C]//Proc of the 45th Annual IEEE/IFIP Int Conf on Dependable Systems and Networks. Piscataway, NJ: IEEE, 2015: 367-378
[25] Zhang N, Sun K, Lou W, et al. CaSE: Cache-assisted secure execution on ARM processors[C]//Proc of IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2016: 72-90
[26] Vasiliadis G, Athanasopoulos E, Polychronakis M, et al. PixelVault: Using GPUs for securing cryptographic operations[C]//Proc of the 2014 ACM Conf on Computer and Communications Security. New York: ACM, 2014: 1131-1142
[27] Zhu Z, Kim S, Rozhanski Y, et al. Understanding the security of discrete GPUs[C]//Proc of the General Purpose GPUs. New York:ACM, 2017: 1-11
[28] Boneh D, Ding X, Tsudik G, et al. A method for fast revocation of public key certificates and security capabilities[C]//Proc of USENIX Security Symp. Berkeley:USENIX, 2001: 22-22
[29] Lindell Y. Fast secure two-party ECDSA signing[C]//Proc of Annual International Cryptology Conference. Berlin:Springer, 2017: 613-644
[30] Lin Jingqiang, Ma Yuan, Jing Jiwu, et al. Signature and decryption method and system based on the SM2 algorithm for cloud computing: China, ZL2014104375995[P]. 2017-11-03
[31] Libert B, Quisquater J J. Efficient revocation and threshold pairing based cryptosystems[C]//Proc of the 22nd Annual Symp on Principles of Distributed Computing. New York:ACM, 2003: 163-171
[32] Tang Y, Ames P, Bhamidipati S, et al. CleanOS: Limiting mobile data exposure with idle eviction[C]//Proc of the 10th USENIX Symp on Operating Systems Design and Implementation. Berkeley:USENIX, 2012: 77-91
[33] Müller T, Taubmann B, Freiling F C. TreVisor: OS-independent software-based full disk encryption secure against main memory attacks[C]// Proc of Int Conf on Applied Cryptography and Network Security. Berlin: Springer, 2012: 66-83
[34] Shinagawa T, Eiraku H, Tanimoto K, et al. BitVisor: A thin hypervisor for enforcing i/o device security[C]//Proc of the 2009 ACM SIGPLAN/SIGOPS Int Conf on Virtual Execution Environments. New York:ACM, 2009: 121-130
[35] Wang Z, Zheng F, Lin J, et al. Utilizing GPU virtualization to protect the private keys of GPU cryptographic computation[C]//Proc of Int Conf on Information and Communications Security. Berlin:Springer, 2018: 142-157
[36] Mashtizadeh A J, Bittau A, Boneh D, et al. CCFI: Cryptographically enforced control flow integrity[C]//Proc of the 22nd ACM Conf on Computer and Communications Security. New York:ACM, 2015: 941-951
[37] Götzfried J, Müller T, Drescher G, et al. RamCrypt: Kernel-based address space encryption for user-mode processes[C]//Proc of the 11th ACM Asia Conf on Computer and Communications Security. New York: ACM, 2016: 919-924
[38] Cao C, Guan L, Zhang N, et al. CryptMe: Data leakage prevention for unmodified programs on ARM devices[C]// LNCS 11050: Proc of Int Symp on Research in Attacks, Intrusions, and Defenses. Berlin: Springer, 2018: 380-400
[39] Lin J, Luo B, Guan L, et al. Secure computing using registers and caches: The problem, challenges, and solutions[J]. IEEE Security & Privacy, 2016, 14(6): 63-70
[40] Lipp M, Schwarz M, Gruss D, et al. Meltdown[EB/OL]. [2018-09-01]. https://arxiv.org/abs/1801.01207
[41] Kocher P, Genkin D, Gruss D, et al. Spectre attacks: Exploiting speculative execution[EB/OL]. [2018-09-01]. https://arxiv.org/abs/1801.01203
[42] Chen G, Chen S, Xiao Y, et al. SgxPectre attacks: Stealing Intel secrets from SGX enclaves via speculative execution[EB/OL]. [2018-02-25]. https://arxiv.org/abs/1802.09085
[43] Hetzelt F, Buhren R. Security analysis of encrypted virtual machines[C]// Proc of the 13th ACM SIGPLAN/SIGOPS Int Conf on Virtual Execution Environments. New York:ACM, 2017
[44] Morbitzer M, Huber M, Horsch J, et al. SEVered: Subverting AMD's virtual machine encryption[EB/OL]. [2018-05-24]. https://arxiv.org/abs/1805.09604