乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,30]],"date-time":"2024-10-30T22:22:24Z","timestamp":1730326944009,"version":"3.28.0"},"publisher-location":"New York, NY, USA","reference-count":104,"publisher":"ACM","funder":[{"name":"MSIT","award":["NRF-2020R1A2C2101134"]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,16]]},"DOI":"10.1145\/3607199.3607210","type":"proceedings-article","created":{"date-parts":[[2023,10,3]],"date-time":"2023-10-03T22:30:51Z","timestamp":1696372251000},"page":"397-411","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["EnclaveVPN: Toward Optimized Utilization of Enclave Page Cache and Practical Performance of Data Plane for Security-Enhanced Cloud VPN"],"prefix":"10.1145","author":[{"ORCID":"http:\/\/orcid.org\/0000-0001-8292-9953","authenticated-orcid":false,"given":"Jaemin","family":"Park","sequence":"first","affiliation":[{"name":"The Affiliated Institute of ETRI, Republic of Korea"}]},{"ORCID":"http:\/\/orcid.org\/0000-0001-8984-1006","authenticated-orcid":false,"given":"Brent Byunghoon","family":"Kang","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science and Technology, Republic of Korea"}]}],"member":"320","published-online":{"date-parts":[[2023,10,16]]},"reference":[{"volume-title":"Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. Article 13","year":"2013","author":"Anati Ittai","key":"e_1_3_2_1_1_1","unstructured":"Ittai Anati, Shay Gueron, Simon Johnson, and Vincent Scarlata. 2013. Innovative Technology for CPU Based Attestation and Sealing. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. Article 13, 7\u00a0pages."},{"volume-title":"12th USENIX Symp. Operating Systems Design and Implementation, Vol.\u00a016","year":"2016","author":"Arnautov Sergei","key":"e_1_3_2_1_2_1","unstructured":"Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Daniel O\u2019Keeffe, Mark\u00a0L Stillwell, 2016. SCONE: Secure linux containers with Intel SGX. In 12th USENIX Symp. Operating Systems Design and Implementation, Vol.\u00a016. 689\u2013703."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2017.8056951"},{"key":"e_1_3_2_1_4_1","unstructured":"AWS. (n.d.). AWS Managed VPN Connections. https:\/\/docs.aws.amazon.com\/vpc\/latest\/userguide\/VPC_VPN.html Accessed: 2023-3-20."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2799647"},{"volume-title":"IEEE\/ACM Symposium on. IEEE, 14\u201327","year":"2016","author":"Bhardwaj Ketan","key":"e_1_3_2_1_6_1","unstructured":"Ketan Bhardwaj, Ming-Wei Shih, Pragya Agarwal, Ada Gavrilovska, Taesoo Kim, and Karsten Schwan. 2016. Fast, scalable and secure onloading of edge functions using AirBox. In Edge Computing (SEC), IEEE\/ACM Symposium on. IEEE, 14\u201327."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"crossref","unstructured":"Scott Bradner and Jim McQuaid. 1999. Benchmarking Methodology for Network Interconnect Devices. https:\/\/tools.ietf.org\/html\/rfc2544. Accessed: 2023-3-20.","DOI":"10.17487\/rfc2544"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359809"},{"volume-title":"Software Grand Exposure: SGX Cache Attacks Are Practical. In 11th USENIX Workshop on Offensive Technologies (WOOT 17)","year":"2017","author":"Brasser Ferdinand","key":"e_1_3_2_1_9_1","unstructured":"Ferdinand Brasser, Urs M\u00fcller, Alexandra Dmitrienko, Kari Kostiainen, Srdjan Capkun, and Ahmad-Reza Sadeghi. 2017. Software Grand Exposure: SGX Cache Attacks Are Practical. In 11th USENIX Workshop on Offensive Technologies (WOOT 17). 12\u00a0pages."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2019.00020"},{"volume-title":"Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races. In 2018 IEEE Symposium on Security and Privacy (SP). IEEE, 178\u2013194","year":"2018","author":"Chen Guoxing","key":"e_1_3_2_1_11_1","unstructured":"Guoxing Chen, Wenhao Wang, Tianyu Chen, Sanchuan Chen, Yinqian Zhang, XiaoFeng Wang, Ten-Hwang Lai, and Dongdai Lin. 2018. Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races. In 2018 IEEE Symposium on Security and Privacy (SP). IEEE, 178\u2013194."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053007"},{"key":"e_1_3_2_1_13_1","unstructured":"CISCO. (n.d.). Cisco Cloud Services Router 1000V Series. https:\/\/www.cisco.com\/c\/en\/us\/products\/routers\/cloud-services-router-1000v-series\/index.html Accessed: 2023-3-20."},{"volume-title":"Sanctum: Minimal hardware extensions for strong software isolation. In 25th { USENIX} Security Symposium ({ USENIX} Security 16). 857\u2013874.","year":"2016","author":"Costan Victor","key":"e_1_3_2_1_14_1","unstructured":"Victor Costan, Ilia Lebedev, and Srinivas Devadas. 2016. Sanctum: Minimal hardware extensions for strong software isolation. In 25th { USENIX} Security Symposium ({ USENIX} Security 16). 857\u2013874."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3040992.3040994"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23822-2_18"},{"key":"e_1_3_2_1_17_1","unstructured":"A Danial. (n.d.). Count lines of code. https:\/\/github.com\/AlDanial\/cloc Accessed: 2023-3-20."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1976.1055638"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3309697.3331480"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"crossref","unstructured":"Jason\u00a0A Donenfeld. 2017. WireGuard: Next Generation Kernel Network Tunnel.. In NDSS. 1\u201312.","DOI":"10.14722\/ndss.2017.23160"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3339814"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"Muhammad El-Hindi Tobias Ziegler Matthias Heinrich Adrian Lutsch Zheguang Zhao and Carsten Binnig. 2022. Benchmarking the Second Generation of Intel SGX Hardware. In Data Management on New Hardware. 1\u20138.","DOI":"10.1145\/3533737.3535098"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3173162.3173204"},{"key":"e_1_3_2_1_24_1","unstructured":"Fast Data\u00a0Project (FD.io). (n.d.). Github repository for Vector Packet Processing. https:\/\/github.com\/FDio\/vpp Accessed: 2023-3-20."},{"key":"e_1_3_2_1_25_1","unstructured":"Fast Data\u00a0Project (FD.io). (n.d.). Vector Packet Processing. https:\/\/wiki.fd.io\/view\/VPP Accessed: 2023-3-20."},{"volume-title":"Comparison of Frameworks for High-Performance Packet IO. In 2015 ACM\/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS). IEEE, 29\u201338","year":"2015","author":"Gallenm\u00fcller Sebastian","key":"e_1_3_2_1_26_1","unstructured":"Sebastian Gallenm\u00fcller, Paul Emmerich, Florian Wohlfart, Daniel Raumer, and Georg Carle. 2015. Comparison of Frameworks for High-Performance Packet IO. In 2015 ACM\/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS). IEEE, 29\u201338."},{"volume-title":"EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution. In 2018 48th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 386\u2013397","year":"2018","author":"Goltzsche David","key":"e_1_3_2_1_27_1","unstructured":"David Goltzsche, Signe R\u00fcsch, Manuel Nieke, S\u00e9bastien Vaucher, Nico Weichbrodt, Valerio Schiavoni, Pierre-Louis Aublin, Paolo Cosa, Christof Fetzer, Pascal Felber, 2018. EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution. In 2018 48th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 386\u2013397."},{"key":"e_1_3_2_1_28_1","unstructured":"Google. 2022. Encryption in Transit in Google Cloud. https:\/\/cloud.google.com\/security\/encryption-in-transit Accessed: 2023-3-20."},{"key":"e_1_3_2_1_29_1","unstructured":"Google. (n.d.). Google Cloud VPN. https:\/\/cloud.google.com\/vpn\/docs\/concepts\/overview Accessed: 2023-3-20."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3065913.3065915"},{"volume-title":"26th { USENIX} Security Symposium ({ USENIX} Security 17). 217\u2013233.","author":"Gruss Daniel","key":"e_1_3_2_1_31_1","unstructured":"Daniel Gruss, Julian Lettner, Felix Schuster, Olya Ohrimenko, Istvan Haller, and Manuel Costa. 2017. Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory. In 26th { USENIX} Security Symposium ({ USENIX} Security 17). 217\u2013233."},{"key":"e_1_3_2_1_32_1","unstructured":"Shay Gueron. 2016. A Memory Encryption Engine Suitable for General Purpose Processors. https:\/\/eprint.iacr.org\/2016\/204. Accessed: 2023-3-20."},{"volume-title":"High-Resolution Side Channels for Untrusted Operating Systems. In 2017 USENIX Annual Technical Conference (USENIX ATC 17)","year":"2017","author":"H\u00e4hnel Marcus","key":"e_1_3_2_1_33_1","unstructured":"Marcus H\u00e4hnel, Weidong Cui, and Marcus Peinado. 2017. High-Resolution Side Channels for Untrusted Operating Systems. In 2017 USENIX Annual Technical Conference (USENIX ATC 17). 299\u2013312."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3106989.3106994"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"crossref","unstructured":"Dan Harkins Dave Carrel 1998. The Internet Key Exchange (IKE). https:\/\/tools.ietf.org\/html\/rfc2409. Accessed: 2023-3-20.","DOI":"10.17487\/rfc2409"},{"volume-title":"P4-IPsec: Implementation of IPsec Gateways in P4 with SDN Control for Host-to-Site Scenarios. arXiv preprint arXiv:1907.03593","year":"2019","author":"Hauser Frederik","key":"e_1_3_2_1_36_1","unstructured":"Frederik Hauser, Marco H\u00e4berle, Mark Schmidt, and Michael Menth. 2019. P4-IPsec: Implementation of IPsec Gateways in P4 with SDN Control for Host-to-Site Scenarios. arXiv preprint arXiv:1907.03593 (2019)."},{"key":"e_1_3_2_1_37_1","unstructured":"Intel Corporation. 2016. SGX Virtualization. https:\/\/01.org\/intel-software-guard-extensions\/sgx-virtualization. Accessed: 2023-3-20."},{"volume-title":"What Technology Change Enables 1 Terabyte (TB) Enclave Page Cache (EPC) size in 3rd Generation Intel Xeon Scalable Processor Platforms?","year":"2021","author":"Intel Corporation","key":"e_1_3_2_1_38_1","unstructured":"Intel Corporation. 2021. What Technology Change Enables 1 Terabyte (TB) Enclave Page Cache (EPC) size in 3rd Generation Intel Xeon Scalable Processor Platforms?, 2021.https:\/\/www.intel.com\/content\/www\/us\/en\/support\/articles\/000059614\/software\/intel-security-products.html, Accessed: 2023-3-20."},{"key":"e_1_3_2_1_39_1","unstructured":"Intel Corporation. (n.d.). Attestation Service for Intel Software Guard Extensions (Intel SGX): API Documentation. https:\/\/software.intel.com\/sites\/default\/files\/managed\/7e\/3b\/ias-api-spec.pdf. Accessed: 2023-3-20."},{"key":"e_1_3_2_1_40_1","unstructured":"Intel Corporation. (n.d.). Intel SGX SSL. https:\/\/github.com\/intel\/intel-sgx-ssl\/. Accessed: 2023-3-20."},{"key":"e_1_3_2_1_41_1","unstructured":"Intel Corporation. (n.d.). Intel Software Guard Extensions for Linux OS. https:\/\/github.com\/intel\/linux-sgx. Accessed: 2023-3-20."},{"key":"e_1_3_2_1_42_1","unstructured":"Intel Corporation. (n.d.). Xeon processors supporting SGX. https:\/\/ark.intel.com\/content\/www\/us\/en\/ark\/search\/featurefilter.html?productType=873&2_SoftwareGuardExtensions=No. Accessed: 2023-07-13."},{"key":"e_1_3_2_1_43_1","unstructured":"Wayne Jansen and Timothy Grance. 2011. SP 800-144: Guidelines on Security and Privacy in Public Cloud Computing. https:\/\/nvlpubs.nist.gov\/nistpubs\/Legacy\/SP\/nistspecialpublication800-144.pdf. Accessed: 2023-3-20."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053034"},{"key":"e_1_3_2_1_45_1","unstructured":"C Kaufman P Hoffman Y Nir and P Eronen. 2010. Internet Key Exchange (IKEv2) Protocol. https:\/\/tools.ietf.org\/html\/rfc5996. Accessed: 2023-3-20."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"crossref","unstructured":"Stephen Kent. 2005. IP Encapsulating Security Payload (ESP). https:\/\/tools.ietf.org\/html\/rfc4303. Accessed: 2023-3-20.","DOI":"10.17487\/rfc4303"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"crossref","unstructured":"Stephen Kent and Karen Seo. 2005. Security Architecture for the Internet Protocol. https:\/\/tools.ietf.org\/html\/rfc4301. Accessed: 2023-3-20.","DOI":"10.17487\/rfc4301"},{"key":"e_1_3_2_1_48_1","first-page":"1","article-title":"A First Step Towards Leveraging Commodity Trusted Execution Environments for Network Applications. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks. ACM","volume":"7","author":"Kim Seongmin","year":"2015","unstructured":"Seongmin Kim, Youjung Shin, Jaehyung Ha, Taesoo Kim, and Dongsu Han. 2015. A First Step Towards Leveraging Commodity Trusted Execution Environments for Network Applications. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks. ACM, Article 7, 7:1\u20137:7\u00a0pages.","journal-title":"Article"},{"key":"e_1_3_2_1_49_1","unstructured":"Seong\u00a0Min Kim Juhyeng Han Jaehyeong Ha Taesoo Kim and Dongsu Han. 2017. Enhancing Security and Privacy of Tor\u2019s Ecosystem by Using Trusted Execution Environments. In NSDI. 145\u2013161."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/354871.354874"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3007788.3007793"},{"volume-title":"Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. In 26th USENIX Security Symposium (USENIX Security 17)","year":"2017","author":"Lee Sangho","key":"e_1_3_2_1_52_1","unstructured":"Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado. 2017. Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. In 26th USENIX Security Symposium (USENIX Security 17). 557\u2013574."},{"volume-title":"Glamdring: Automatic application partitioning for intel { SGX}. In 2017 { USENIX} Annual Technical Conference ({ USENIX}{ ATC} 17). 285\u2013298.","year":"2017","author":"Lind Joshua","key":"e_1_3_2_1_53_1","unstructured":"Joshua Lind, Christian Priebe, Divya Muthukumaran, Dan O\u2019Keeffe, Pierre-Louis Aublin, Florian Kelbert, Tobias Reiher, David Goltzsche, David Eyers, R\u00fcdiger Kapitza, 2017. Glamdring: Automatic application partitioning for intel { SGX}. In 2017 { USENIX} Annual Technical Conference ({ USENIX}{ ATC} 17). 285\u2013298."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/2460136.2460140"},{"volume-title":"ROTE: Rollback Protection for Trusted Execution. In 26th { USENIX} Security Symposium ({ USENIX} Security 17).","year":"2017","author":"Matetic Sinisa","key":"e_1_3_2_1_55_1","unstructured":"Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David Sommer, Arthur Gervais, Ari Juels, and Srdjan Capkun. 2017. ROTE: Rollback Protection for Trusted Execution. In 26th { USENIX} Security Symposium ({ USENIX} Security 17)."},{"key":"e_1_3_2_1_56_1","first-page":"1","article-title":"Innovative Instructions and Software Model for Isolated Execution. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. ACM","volume":"10","author":"McKeen Frank","year":"2013","unstructured":"Frank McKeen, Ilya Alexandrovich, Alex Berenzon, Carlos\u00a0V. Rozas, Hisham Shafi, Vedvyas Shanbhogue, and Uday\u00a0R. Savagaonkar. 2013. Innovative Instructions and Software Model for Isolated Execution. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. ACM, Article 10, 10:1\u201310:8\u00a0pages.","journal-title":"Article"},{"volume-title":"Towards High-Performance IPsec on Cavium OCTEON Platform. In International Conference on Trusted Systems. Springer, 37\u201346","year":"2010","author":"Meng Jinli","key":"e_1_3_2_1_57_1","unstructured":"Jinli Meng, Xinming Chen, Zhen Chen, Chuang Lin, Beipeng Mu, and Lingyun Ruan. 2010. Towards High-Performance IPsec on Cavium OCTEON Platform. In International Conference on Trusted Systems. Springer, 37\u201346."},{"key":"e_1_3_2_1_58_1","unstructured":"Microsoft. (n.d.). Azure VPN Gateway. https:\/\/azure.microsoft.com\/en-us\/services\/vpn-gateway\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_59_1","unstructured":"Microsoft. (n.d.). Linux Virtual Machines Pricing in Microsoft Azure. https:\/\/azure.microsoft.com\/en-us\/pricing\/details\/virtual-machines\/linux\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/3214292.3214301"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66787-4_4"},{"key":"e_1_3_2_1_62_1","unstructured":"Juniper Networks. (n.d.). Juniper vSRX Virtual Firewall. https:\/\/www.juniper.net\/us\/en\/products-services\/security\/srx-series\/vsrx\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560620"},{"volume-title":"Varys: Protecting { SGX} Enclaves from Practical Side-Channel Attacks. In 2018 { Usenix} Annual Technical Conference ({ USENIX}{ ATC} 18). 227\u2013240.","year":"2018","author":"Oleksenko Oleksii","key":"e_1_3_2_1_64_1","unstructured":"Oleksii Oleksenko, Bohdan Trach, Robert Krahn, Mark Silberstein, and Christof Fetzer. 2018. Varys: Protecting { SGX} Enclaves from Practical Side-Channel Attacks. In 2018 { Usenix} Annual Technical Conference ({ USENIX}{ ATC} 18). 227\u2013240."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978329"},{"volume-title":"SafeBricks: Shielding Network Functions in the Cloud. In 15th USENIX Symposium on Networked Systems Design and Implementation (NSDI\u201918)","year":"2018","author":"Poddar Rishabh","key":"e_1_3_2_1_66_1","unstructured":"Rishabh Poddar, Chang Lan, Raluca\u00a0Ada Popa, and Sylvia Ratnasamy. 2018. SafeBricks: Shielding Network Functions in the Cloud. In 15th USENIX Symposium on Networked Systems Design and Implementation (NSDI\u201918)."},{"volume-title":"SGX-LKL: Securing the Host OS Interface for Trusted Execution. arXiv preprint arXiv:1908.11143","year":"2019","author":"Priebe Christian","key":"e_1_3_2_1_67_1","unstructured":"Christian Priebe, Divya Muthukumaran, Joshua Lind, Huanzhou Zhu, Shujie Cui, Vasily\u00a0A Sartakov, and Peter Pietzuch. 2019. SGX-LKL: Securing the Host OS Interface for Trusted Execution. arXiv preprint arXiv:1908.11143 (2019)."},{"key":"e_1_3_2_1_68_1","unstructured":"DPDK Project. (n.d.). Data Plane Development Kit. https:\/\/www.dpdk.org\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_69_1","first-page":"229","article-title":"Snort: Lightweight intrusion detection for networks","volume":"99","author":"Roesch Martin","year":"1999","unstructured":"Martin Roesch. 1999. Snort: Lightweight intrusion detection for networks. Lisa 99, 1, 229\u2013238.","journal-title":"Lisa"},{"volume-title":"Extending IPsec for Efficient Remote Attestation. In International Conference on Financial Cryptography and Data Security. Springer, 150\u2013165","year":"2010","author":"Sadeghi Ahmad-Reza","key":"e_1_3_2_1_70_1","unstructured":"Ahmad-Reza Sadeghi and Steffen Schulz. 2010. Extending IPsec for Efficient Remote Attestation. In International Conference on Financial Cryptography and Data Security. Springer, 150\u2013165."},{"volume-title":"Secure VPNs for Trusted Computing Environments. In International Conference on Trusted Computing. Springer, 197\u2013216","year":"2009","author":"Schulz Steffen","key":"e_1_3_2_1_71_1","unstructured":"Steffen Schulz and Ahmad-Reza Sadeghi. 2009. Secure VPNs for Trusted Computing Environments. In International Conference on Trusted Computing. Springer, 197\u2013216."},{"key":"e_1_3_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.10"},{"volume-title":"29th USENIX Security Symposium (USENIX Security 20)","year":"2020","author":"Schwarz Fabian","key":"e_1_3_2_1_73_1","unstructured":"Fabian Schwarz and Christian Rossow. 2020. { SENG}, the { SGX-Enforcing} Network Gateway: Authorizing Communication from Shielded Clients. In 29th USENIX Security Symposium (USENIX Security 20). 753\u2013770."},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354252"},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_1"},{"key":"e_1_3_2_1_76_1","unstructured":"Jaebaek Seo Byoungyoung Lee Seong\u00a0Min Kim Ming-Wei Shih Insik Shin Dongsu Han and Taesoo Kim. 2017. SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs. In NDSS."},{"key":"e_1_3_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1145\/2876019.2876032"},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897885"},{"key":"e_1_3_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1145\/3411495.3421357"},{"volume-title":"Protego: Cloud-Scale Multitenant IPsec Gateway. In 2017 USENIX Annual Technical Conference (USENIX ATC 17)","year":"2017","author":"Son Jeongseok","key":"e_1_3_2_1_80_1","unstructured":"Jeongseok Son, Yongqiang Xiong, Kun Tan, Paul Wang, Ze Gan, and Sue Moon. 2017. Protego: Cloud-Scale Multitenant IPsec Gateway. In 2017 USENIX Annual Technical Conference (USENIX ATC 17). USENIX Association, 473\u2013485."},{"key":"e_1_3_2_1_81_1","unstructured":"Spirent. 2020. Spirent TestCenter: Is it possible to run an RFC2544 throughput test on STC for IPSec?https:\/\/support.spirent.com\/SC_KnowledgeView?Id=FAQ19103 Accessed: 2022-03-24."},{"volume-title":"State-Continuity Scheme. In Proceedings of the 30th Annual Computer Security Applications Conference. 106\u2013115","year":"2014","author":"Strackx Raoul","key":"e_1_3_2_1_82_1","unstructured":"Raoul Strackx, Bart Jacobs, and Frank Piessens. 2014. ICE: A Passive, High-Speed, State-Continuity Scheme. In Proceedings of the 30th Annual Computer Security Applications Conference. 106\u2013115."},{"key":"e_1_3_2_1_83_1","unstructured":"strongSwan Team. (n.d.). strongSwan. https:\/\/www.strongswan.org\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_84_1","unstructured":"TCG. (n.d.). TPM Main Specification. https:\/\/trustedcomputinggroup.org\/resource\/tpm-main-specification\/. Accessed: 2023-3-20."},{"key":"e_1_3_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.1145\/2988336.2988342"},{"key":"e_1_3_2_1_86_1","unstructured":"Keysight Technologies. 2009. Agilent N2X. https:\/\/about.keysight.com\/en\/newsroom\/imagelibrary\/2009\/13may-em09093\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1145\/3268935.3268942"},{"key":"e_1_3_2_1_88_1","doi-asserted-by":"publisher","DOI":"10.1145\/3075564.3075572"},{"key":"e_1_3_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1145\/3185467.3185469"},{"volume-title":"2017 USENIX Annual Technical Conference (USENIX ATC).","year":"2017","author":"Tsai Chia-Che","key":"e_1_3_2_1_90_1","unstructured":"Chia-Che Tsai, Donald\u00a0E Porter, and Mona Vij. 2017. Graphene-SGX: A practical library OS for unmodified applications on SGX. In 2017 USENIX Annual Technical Conference (USENIX ATC)."},{"key":"e_1_3_2_1_91_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.micpro.2019.102861"},{"volume-title":"Foreshadow: Extracting the keys to the intel { SGX} kingdom with transient out-of-order execution. In 27th { USENIX} Security Symposium ({ USENIX} Security 18). 991\u20131008.","year":"2018","author":"Van\u00a0Bulck Jo","key":"e_1_3_2_1_92_1","unstructured":"Jo Van\u00a0Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas\u00a0F Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the keys to the intel { SGX} kingdom with transient out-of-order execution. In 27th { USENIX} Security Symposium ({ USENIX} Security 18). 991\u20131008."},{"volume-title":"26th USENIX Security Symposium (USENIX Security 17)","year":"2017","author":"Van\u00a0Bulck Jo","key":"e_1_3_2_1_93_1","unstructured":"Jo Van\u00a0Bulck, Nico Weichbrodt, R\u00fcdiger Kapitza, Frank Piessens, and Raoul Strackx. 2017. Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution. In 26th USENIX Security Symposium (USENIX Security 17). 1041\u20131056."},{"key":"e_1_3_2_1_94_1","unstructured":"Common Vulnerabilities and Exposures (CVE). 2010. CVE-2010-0430. https:\/\/www.cvedetails.com\/cve\/CVE-2010-0430\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_95_1","unstructured":"Common Vulnerabilities and Exposures (CVE). 2015. CVE-2015-3340. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-3340 Accessed: 2023-3-20."},{"key":"e_1_3_2_1_96_1","unstructured":"Common Vulnerabilities and Exposures (CVE). 2015. CVE-2015-6385. https:\/\/www.cvedetails.com\/cve\/CVE-2015-6385\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_97_1","unstructured":"Common Vulnerabilities and Exposures (CVE). 2017. CVE-2017-2341. https:\/\/www.cvedetails.com\/cve\/CVE-2017-2341\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_98_1","unstructured":"Common Vulnerabilities and Exposures (CVE). 2018. CVE-2018-0053. https:\/\/www.cvedetails.com\/cve\/CVE-2018-0053\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_99_1","unstructured":"Common Vulnerabilities and Exposures (CVE). 2019. CVE-2019-17346. https:\/\/www.cvedetails.com\/cve\/CVE-2019-17346\/ Accessed: 2023-3-20."},{"key":"e_1_3_2_1_100_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2017.2750067"},{"key":"e_1_3_2_1_101_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274808.3274824"},{"key":"e_1_3_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45744-4_22"},{"key":"e_1_3_2_1_103_1","doi-asserted-by":"publisher","DOI":"10.1145\/3140659.3080208"},{"key":"e_1_3_2_1_104_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.45"}],"event":{"name":"RAID 2023: The 26th International Symposium on Research in Attacks, Intrusions and Defenses","acronym":"RAID 2023","location":"Hong Kong China"},"container-title":["Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3607199.3607210","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,16]],"date-time":"2024-10-16T10:33:44Z","timestamp":1729074824000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607210"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,16]]},"references-count":104,"alternative-id":["10.1145\/3607199.3607210","10.1145\/3607199"],"URL":"https:\/\/doi.org\/10.1145\/3607199.3607210","relation":{},"subject":[],"published":{"date-parts":[[2023,10,16]]},"assertion":[{"value":"2023-10-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}