English
Related papers

Related papers: Security Mitigations for Return-Oriented Programmi…

200 papers

Existing countermeasures for hardware IP protection, such as obfuscation, camouflaging, and redaction, aim to defend against confidentiality and integrity attacks. However, within the current threat model, these techniques overlook the…

Cryptography and Security · Computer Science 2025-01-22 Aritra Dasgupta , Sudipta Paria , Christopher Sozio , Andrew Lukefahr , Swarup Bhunia

Malware is one of the most common and severe cyber-attack today. Malware infects millions of devices and can perform several malicious activities including mining sensitive data, encrypting data, crippling system performance, and many more.…

Cryptography and Security · Computer Science 2024-01-30 Pascal Maniriho , Abdun Naser Mahmood , Mohammad Jabed Morshed Chowdhury

Modern organizations struggle with insurmountable number of vulnerabilities that are discovered and reported by their network and application vulnerability scanners. Therefore, prioritization and focus become critical, to spend their…

Cryptography and Security · Computer Science 2022-06-23 Constantin Adam , Muhammed Fatih Bulut , Daby Sow , Steven Ocepek , Chris Bedell , Lilian Ngweta

Widespread use of memory unsafe programming languages (e.g., C and C++) leaves many systems vulnerable to memory corruption attacks. A variety of defenses have been proposed to mitigate attacks that exploit memory errors to hijack the…

Cryptography and Security · Computer Science 2018-03-13 Thomas Nyman , Ghada Dessouky , Shaza Zeitouni , Aaro Lehikoinen , Andrew Paverd , N. Asokan , Ahmad-Reza Sadeghi

We present a novel class of jailbreak adversarial attacks on LLMs, termed Task-in-Prompt (TIP) attacks. Our approach embeds sequence-to-sequence tasks (e.g., cipher decoding, riddles, code execution) into the model's prompt to indirectly…

Cryptography and Security · Computer Science 2025-06-03 Sergey Berezin , Reza Farahbakhsh , Noel Crespi

The wide-spread adoption of system defenses such as the randomization of code, stack, and heap raises the bar for code-reuse attacks. Thus, attackers utilize a scripting engine in target programs like a web browser to prepare the code-reuse…

Cryptography and Security · Computer Science 2020-07-07 Jannik Pewny , Philipp Koppe , Thorsten Holz

Despite the deployment of preventive security mechanisms to protect the assets and computing platforms of users, intrusions eventually occur. We propose a novel intrusion survivability approach to withstand ongoing intrusions. Our approach…

Cryptography and Security · Computer Science 2019-12-17 Ronny Chevalier , David Plaquin , Chris Dalton , Guillaume Hiet

Just-in-time return-oriented programming (JIT-ROP) is a powerful memory corruption attack that bypasses various forms of code randomization. Execute-only memory (XOM) can potentially prevent these attacks, but requires source code. In…

Cryptography and Security · Computer Science 2020-07-08 Jannik Pewny , Philipp Koppe , Lucas Davi , Thorsten Holz

With web applications becoming a preferred method of presenting graphical user interfaces to users, software vulnerabilities affecting web applications are becoming more and more prevalent and devastating. Some of these vulnerabilities,…

Cryptography and Security · Computer Science 2019-08-14 Michael Flanders

Fault-tolerant routing (FTR) in Networks-on-Chip (NoCs) has become a common practice to sustain the performance of multi-core systems with an increasing number of faults on a chip. On the other hand, usage of third-party intellectual…

Hardware Architecture · Computer Science 2019-08-02 N Prasad , Navonil Chatterjee , Santanu Chattopadhyay , Indrajit Chakrabarti

With the advancement of technology, large language models (LLMs) have achieved remarkable performance across various natural language processing (NLP) tasks, powering LLM-integrated applications like Microsoft Copilot. However, as LLMs…

Cryptography and Security · Computer Science 2025-08-05 Yulin Chen , Haoran Li , Zihao Zheng , Yangqiu Song , Dekai Wu , Bryan Hooi

Machine-learning techniques are widely used in security-related applications, like spam and malware detection. However, in such settings, they have been shown to be vulnerable to adversarial attacks, including the deliberate manipulation of…

Machine Learning · Computer Science 2017-09-04 Ambra Demontis , Paolo Russu , Battista Biggio , Giorgio Fumera , Fabio Roli

The Rowhammer bug allows unauthorized modification of bits in DRAM cells from unprivileged software, enabling powerful privilege-escalation attacks. Sophisticated Rowhammer countermeasures have been presented, aiming at mitigating the…

Cryptography and Security · Computer Science 2018-02-01 Daniel Gruss , Moritz Lipp , Michael Schwarz , Daniel Genkin , Jonas Juffinger , Sioli O'Connell , Wolfgang Schoechl , Yuval Yarom

Malware detectors based on deep learning (DL) have been shown to be susceptible to malware examples that have been deliberately manipulated in order to evade detection, a.k.a. adversarial malware examples. More specifically, it has been…

Cryptography and Security · Computer Science 2024-03-14 Daniel Gibert , Giulio Zizzo , Quan Le

In this paper we present three attacks on private internal networks behind a NAT and a corresponding new protection mechanism, Internal Network Policy, to mitigate a wide range of attacks that penetrate internal networks behind a NAT. In…

Cryptography and Security · Computer Science 2019-10-04 Yehuda Afek , Anat Bremler-Barr , Alon Noy

With lowering thresholds, transparently defending against Rowhammer within DRAM is challenging due to the lack of time to perform mitigation. Commercially deployed in-DRAM defenses like TRR that steal time from normal refreshes~(REF) to…

Cryptography and Security · Computer Science 2025-01-14 Hritvik Taneja , Moinuddin Qureshi

Malware is a security threat, and various means are adapted to detect and block them. In this paper, we demonstrate a method where malware can evade malware analysis. The method is based on single-step reverse execution of code using the…

Cryptography and Security · Computer Science 2021-11-30 Adhokshaj Mishra , Animesh Roy , Manjesh Kumar Hanawal

Most attacks are launched inside the companies by the employees of the same company. These kinds of attacks are generally against layer-2, not against layer-3 or IP. These attacks abuse the switch operation at layer-2. One of the attacks of…

Cryptography and Security · Computer Science 2017-08-07 Yuksel Arslan

Gradient-based adversarial attacks on deep neural networks pose a serious threat, since they can be deployed by adding imperceptible perturbations to the test data of any network, and the risk they introduce cannot be assessed through the…

Cryptography and Security · Computer Science 2021-04-06 Rehana Mahfuz , Rajeev Sahay , Aly El Gamal

To counter man-at-the-end attacks such as reverse engineering and tampering, software is often protected with techniques that require support modules to be linked into the application. It is well-known, however, that attackers can exploit…

Cryptography and Security · Computer Science 2019-07-04 Jens Van den Broeck , Bart Coppens , Bjorn De Sutter