Practical Enclave Malware with Intel SGX

Michael Schwarz, Samuel Weiser, Daniel Gruß

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


Modern CPU architectures offer strong isolation guarantees
towards user applications in the form of enclaves. However, Intel’s threat
model for SGX assumes fully trusted enclaves and there doubt about
how realistic this is. In particular, it is unclear to what extent enclave
malware could harm a system. In this work, we practically demonstrate
the first enclave malware which fully and stealthily impersonates its host
application. Together with poorly-deployed application isolation on personal computers, such malware can not only steal or encrypt documents
for extortion but also act on the user’s behalf, e.g., send phishing emails
or mount denial-of-service attacks. Our SGX-ROP attack uses new TSX-based memory-disclosure primitive and a write-anything-anywhere primitive to construct a code-reuse attack from within an enclave which is
then inadvertently executed by the host application. With SGX-ROP,
we bypass ASLR, stack canaries, and address sanitizer. We demonstrate
that instead of protecting users from harm, SGX currently poses a security threat, facilitating so-called super-malware with ready-to-hit exploits. With our results, we demystify the enclave malware threat and
lay ground for future research on defenses against enclave malware.
Original languageEnglish
Title of host publicationDetection of Intrusions and Malware, and Vulnerability Assessment
Subtitle of host publication16th International Conference, DIMVA 2019, 2019
Place of PublicationCham
PublisherSpringer International
ISBN (Electronic)978-3-030-22038-9
ISBN (Print)978-3-030-22037-2
Publication statusPublished - Jun 2019
Event16th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment - Gothenburg, Gothenburg, Sweden
Duration: 19 Jun 201920 Jun 2019

Publication series

NameLecture Notes in Computer Science


Conference16th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Abbreviated titleDIMVA 2019
Internet address

ASJC Scopus subject areas

  • Computer Science(all)

Cite this