English
Related papers

Related papers: Fully Countering Trusting Trust through Diverse Do…

200 papers

Modern software deployment process produces software that is uniform, and hence vulnerable to large-scale code-reuse attacks. Compiler-based diversification improves the resilience and security of software systems by automatically…

Cryptography and Security · Computer Science 2020-07-20 Rodothea Myrsini Tsoupidi , Roberto Castañeda Lozano , Benoit Baudry

Developing secure distributed systems is difficult, and even harder when advanced cryptography must be used to achieve security goals. Following prior work, we advocate using secure program partitioning to synthesize cryptographic…

Cryptography and Security · Computer Science 2024-01-10 Coşku Acay , Joshua Gancher , Rolph Recto , Andrew C. Myers

CompCert is the first realistic formally verified compiler: it provides a machine-checked mathematical proof that the code it generates matches the source code. Yet, there could be loopholes in this approach. We comprehensively analyze…

Logic in Computer Science · Computer Science 2022-10-11 David Monniaux , Sylvain Boulmé

In the software engineering community, deep learning (DL) has recently been applied to many source code processing tasks. Due to the poor interpretability of DL models, their security vulnerabilities require scrutiny. Recently, researchers…

Software Engineering · Computer Science 2022-11-01 Jia Li , Zhuo Li , Huangzhao Zhang , Ge Li , Zhi Jin , Xing Hu , Xin Xia

Compartmentalization is good security-engineering practice. By breaking a large software system into mutually distrustful components that run with minimal privileges, restricting their interactions to conform to well-defined interfaces, we…

Cryptography and Security · Computer Science 2017-04-18 Yannis Juglaret , Catalin Hritcu , Arthur Azevedo de Amorim , Boris Eng , Benjamin C. Pierce

A Digital Twin (DT) is a digital representation of a physical object used to simulate it before it is built or to predict failures after the object is deployed. In this article, we introduce our approach, which applies the concept of a…

Cryptography and Security · Computer Science 2021-10-01 Ana Cristina Franco da Silva , Stefan Wagner , Eddie Lazebnik , Eyal Traitel

Many systems today distribute trust across multiple parties such that the system provides certain security properties if a subset of the parties are honest. In the past few years, we have seen an explosion of academic and industrial…

Cryptography and Security · Computer Science 2022-11-11 Emma Dauterman , Vivian Fang , Natacha Crooks , Raluca Ada Popa

Traditional redundancy (lockstep, TMR) executes identical binaries with identical memory layouts. A single correlated fault - for example, an arbitrary program counter value or a perturbation delta-PC in all replicas - redirects all…

Programming Languages · Computer Science 2026-05-14 Petro Baran Yrievich

Weird machines---the computational models accessible by exploiting security vulnerabilities---arise from the difference between the model a programmer has in her head of how her program should run and the implementation that actually…

Cryptography and Security · Computer Science 2019-11-04 Jennifer Paykin , Eric Mertens , Mark Tullsen , Luke Maurer , Benoît Razet , Alexander Bakst , Scott Moore

Despite their strong performance on reasoning benchmarks, large language models (LLMs) have proven brittle when presented with counterfactual questions, suggesting weaknesses in their causal reasoning ability. While recent work has…

Machine Learning · Computer Science 2026-02-20 Victoria Lin , Xinnuo Xu , Rachel Lawrence , Risa Ueno , Amit Sharma , Javier Gonzalez , Niranjani Prasad

While vulnerability research often focuses on technical findings and post-public release industrial response, we provide an analysis of the rest of the story: the coordinated disclosure process from discovery through public release. The…

Cryptography and Security · Computer Science 2022-09-23 Nicholas Boucher , Ross Anderson

Application developers often place executable assertions -- equipped with program-specific predicates -- in their system, targeting programming errors. However, these detectors can detect data errors resulting from transient hardware faults…

Software Engineering · Computer Science 2016-08-23 Michael Lenz , Horst Schirmeier

We propose a new formal criterion for secure compilation, providing strong security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion goes beyond recent proposals, which protect…

A compiler is fully-abstract if the compilation from source language programs to target language programs reflects and preserves behavioural equivalence. Such compilers have important security benefits, as they limit the power of an…

Programming Languages · Computer Science 2023-06-22 Dominique Devriese , Marco Patrignani , Frank Piessens , Steven Keuchel

The trend of increasing cluster sizes of supercomputers leads to a growing susceptibility to Silent Data Corruption (SDC) that can invalidate program results. A common strategy for SDC protection is replication, where the computation is…

Distributed, Parallel, and Cluster Computing · Computer Science 2026-05-29 Mia Reitz , Claudia Fohry

Multi-Party Quantum Computation (MPQC) has attracted a lot of attention as a potential killer-app for quantum networks through it's ability to preserve privacy and integrity of the highly valuable computations they would enable.…

Quantum Physics · Physics 2023-04-18 Theodoros Kapourniotis , Elham Kashefi , Luka Music , Harold Ollivier

Cyber-Physical Systems (CPS) are abundant in safety-critical domains such as healthcare, avionics, and autonomous vehicles. Formal verification of their operational safety is, therefore, of utmost importance. In this paper, we address the…

Cryptography and Security · Computer Science 2025-05-08 Atanu Kundu , Sauvik Gon , Rajarshi Ray

Compilers are fundamental to modern software development, making the effective identification and resolution of compiler faults essential. However, localizing these faults to specific source files remains highly challenging due to the…

Software Engineering · Computer Science 2025-12-30 Qingyang Li , Yibiao Yang , Maolin Sun , Jiangchang Wu , Qingkai Shi , Yuming Zhou

Control flow integrity (CFI) has received significant attention in the community to combat control hijacking attacks in the presence of memory corruption vulnerabilities. The challenges in creating a practical CFI has resulted in the…

Cryptography and Security · Computer Science 2020-02-17 Reza Mirzazade Farkhani , Saman Jafari , Sajjad Arshad , William Robertson , Engin Kirda , Hamed Okhravi

Backdoor (Trojan) attacks are emerging threats against deep neural networks (DNN). A DNN being attacked will predict to an attacker-desired target class whenever a test sample from any source class is embedded with a backdoor pattern; while…

Cryptography and Security · Computer Science 2021-12-08 Xi Li , Zhen Xiang , David J. Miller , George Kesidis