English
Related papers

Related papers: A Type System for Data-Flow Integrity on Windows V…

200 papers

We introduce the use, monitoring, and enforcement of integrity constraints in trust management-style authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then…

Cryptography and Security · Computer Science 2007-05-23 Sandro Etalle , William H. Winsborough

Critical software systems face stringent requirements in safety, security, and reliability due to the circumstances surrounding their operation. Safety and security have progressively gained importance over the years due to the integration…

Software Engineering · Computer Science 2015-12-16 Julio Escribano-Barreno , Marisol García-Valls

Secure software architecture is increasingly important in a data-driven world. When security is neglected sensitive information might leak through unauthorized access. To mitigate this software architects needs tools and methods to quantify…

Software Engineering · Computer Science 2024-01-17 Rasmus Carl Rønneberg

Spatial memory safety violation is still a major issue for C programs. Checked-C is a safe dialect of C and extends it with Checked pointer types and annotations that guarantee spatial memory safety in a backward-compatible manner, allowing…

Cryptography and Security · Computer Science 2023-02-06 Liyi Li , Arunkumar Bhattar , Le Chang , Mingwei Zhu , Aravind Machiry

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption vulnerabilities to divert program execution away from the…

Cryptography and Security · Computer Science 2019-11-26 Nathan Burow , Scott A. Carr , Joseph Nash , Per Larsen , Michael Franz , Stefan Brunthaler , Mathias Payer

Type systems hide data that is captured by function closures in function types. In most cases this is a beneficial design that favors simplicity and compositionality. However, some applications require explicit information about the data…

Programming Languages · Computer Science 2013-12-03 Gabriel Scherer , Jan Hoffmann

Control flow integrity (CFI) has received significant attention in the community to combat control hijacking attacks in the presence of memory corruption vulnerabilities. The challenges in creating a practical CFI has resulted in the…

Cryptography and Security · Computer Science 2020-02-17 Reza Mirzazade Farkhani , Saman Jafari , Sajjad Arshad , William Robertson , Engin Kirda , Hamed Okhravi

Attestation means providing evidence that a remote target system is worthy of trust for some sensitive interaction. Although attestation is already used in network access control, security management, and trusted execution environments, it…

Cryptography and Security · Computer Science 2026-03-09 Will Thomas , Logan Schmalz , Adam Petz , Perry Alexander , Joshua D. Guttman , Paul D. Rowe , James Carter

Databases in the past have helped businesses maintain and extract insights from their data. Today, it is common for a business to involve multiple independent, distrustful parties. This trend towards decentralization introduces a new and…

Databases · Computer Science 2020-08-24 Meihui Zhang , Zhongle Xie , Cong Yue , Ziyue Zhong

CFI is a computer security technique that detects runtime attacks by monitoring a program's branching behavior. This work presents a detailed analysis of the security policies enforced by 21 recent hardware-based CFI architectures. The goal…

Cryptography and Security · Computer Science 2017-08-01 Ruan de Clercq , Ingrid Verbauwhede

Individuals lack oversight over systems that process their data. This can lead to discrimination and hidden biases that are hard to uncover. Recent data protection legislation tries to tackle these issues, but it is inadequate. It does not…

Software Engineering · Computer Science 2023-05-22 Valentin Zieglmeier , Alexander Pretschner

We introduce two-sided type systems, which are sequent calculi for typing formulas. Two-sided type systems allow for hypothetical reasoning over the typing of compound program expressions, and the refutation of typing formulas. By…

Programming Languages · Computer Science 2023-10-23 Steven Ramsay , Charlie Walpole

Advanced Persistent Threats (APTs) are stealthy customized attacks by intelligent adversaries. This paper deals with the detection of APTs that infiltrate cyber systems and compromise specifically targeted data and/or infrastructures.…

Computer Science and Game Theory · Computer Science 2021-06-29 Shana Moothedath , Dinuka Sahabandu , Joey Allen , Andrew Clark , Linda Bushnell , Wenke Lee , Radha Poovendran

Latency-insensitive design mitigates increasing interconnect delay and enables productive component reuse in complex digital systems. This design style has been adopted in high-level design flows because untimed functional blocks connected…

Logic in Computer Science · Computer Science 2021-02-19 Steve Dai , Alicia Klinefelter , Haoxing Ren , Rangharajan Venkatesan , Ben Keller , Nathaniel Pinckney , Brucek Khailany

It is a strength of graph-based data formats, like RDF, that they are very flexible with representing data. To avoid run-time errors, program code that processes highly-flexible data representations exhibits the difficulty that it must…

Programming Languages · Computer Science 2019-07-02 Martin Leinberger , Philipp Seifer , Claudia Schon , Ralf Lämmel , Steffen Staab

Operating systems are vital system software that, without them, humans would not be able to manage and use computer systems. In essence, an operating system is a collection of software programs whose role is to manage computer resources and…

Operating Systems · Computer Science 2012-04-03 Youssef Bassil

We present an approach for verifying systems at runtime. Our approach targets distributed systems whose components communicate with monitors over unreliable channels, where messages can be delayed, reordered, or even lost. Furthermore, our…

Logic in Computer Science · Computer Science 2019-09-26 David Basin , Felix Klaedtke , Eugen Zalinescu

Prior research yielded many techniques to mitigate software compromise for low-end Internet of Things (IoT) devices. Some of them detect software modifications via remote attestation and similar services, while others preventatively ensure…

Cryptography and Security · Computer Science 2025-01-17 Sashidhar Jakkamsetti , Youngil Kim , Andrew Searles , Gene Tsudik

The Internet of Things paradigm improves the classical information sharing scheme. However, it has increased the need for granting the security of the connected systems. In the industrial field, the problem becomes more complex due to the…

Systems and Control · Electrical Eng. & Systems 2019-10-04 Federica Battisti , Giuseppe Bernieri , Marco Carli , Michela Lopardo , Federica Pascucci

Distributed intrustion detection systems detect attacks on computer systems by analyzing data aggregated from distributed sources. The distributed nature of the data sources allows patterns in the data to be seen that might not be…

Cryptography and Security · Computer Science 2007-05-23 Michael Treaster