English
Related papers

Related papers: Securing The Kernel via Static Binary Rewriting an…

200 papers

Linux Seccomp is widely used by the program developers and the system maintainers to secure the operating systems, which can block unused syscalls for different applications and containers to shrink the attack surface of the operating…

Cryptography and Security · Computer Science 2025-10-07 Dongyang Zhan , Zhaofeng Yu , Xiangzhan Yu , Hongli Zhang , Lin Ye

The Linux kernel is one of the most important Free/Libre Open Source Software (FLOSS) projects. It is installed on billions of devices all over the world, which process various sensitive, confidential or simply private data. It is crucial…

Software Engineering · Computer Science 2020-01-07 Denis Efremov , Ilya Shchepetkov

Interactive theorem proving software is typically designed around a trusted proof-checking kernel, the sole system component capable of authenticating theorems. Untrusted automation procedures reside outside of the kernel, and drive it to…

Cryptography and Security · Computer Science 2022-05-09 Dominic P. Mulligan , Nick Spinale

Microarchitectural side channels expose unprotected software to information leakage attacks where a software adversary is able to track runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar

Unauthorized data alteration has been a longstanding threat since the emergence of malware. System and application software can be reinstalled and hardware can be replaced, but user data is priceless in many cases. Especially in recent…

Cryptography and Security · Computer Science 2019-05-28 Lianying Zhao , Mohammad Mannan

Monolithic operating systems, where all kernel functionality resides in a single, shared address space, are the foundation of most mainstream computer systems. However, a single flaw, even in a non-essential part of the kernel (e.g., device…

Cryptography and Security · Computer Science 2024-04-16 Soo Yee Lim , Sidhartha Agrawal , Xueyuan Han , David Eyers , Dan O'Keeffe , Thomas Pasquier

The kind of malware designed to conceal malicious system resources (e.g. processes, network connections, files, etc.) is commonly referred to as a rootkit. This kind of malware represents a significant threat in contemporany systems.…

Cryptography and Security · Computer Science 2025-06-10 Enrique Soriano-Salvador , Gorka Guardiola Múzquiz , Juan González Gómez

The security of applications hinges on the trustworthiness of the operating system, as applications rely on the OS to protect code and data. As a result, multiple protections for safeguarding the integrity of kernel code and data are being…

Cryptography and Security · Computer Science 2019-05-16 Salessawi Ferede Yitbarek , Todd Austin

Trusted execution environments (TEEs) provide an environment for running workloads in the cloud without having to trust cloud service providers, by offering additional hardware-assisted security guarantees. However, main memory encryption…

Cryptography and Security · Computer Science 2023-09-25 Jan Wichelmann , Anna Pätschke , Luca Wilke , Thomas Eisenbarth

With the rise of attacks using PowerShell in the recent months, there has not been a comprehensive solution for monitoring or prevention. Microsoft recently released the AMSI solution for PowerShell v5, however this can also be bypassed.…

Cryptography and Security · Computer Science 2017-09-25 Amanda Rousseau

Notebooks provide an author-friendly environment for iterative development, modular execution, and easy sharing. Distributed workflows are increasingly being authored and executed in notebooks, yet sharing and reproducing them remains…

Software Engineering · Computer Science 2026-03-31 Talha Azaz , Raza Ahmad , Md Saiful Islam , Douglas Thain , Tanu Malik

Zipr is a tool for static binary rewriting, first published in 2016. Zipr was engineered to support arbitrary program modification with an emphasis on low overhead, robustness, and flexibility to perform security enhancements and…

Cryptography and Security · Computer Science 2023-12-04 Jason D. Hiser , Anh Nguyen-Tuong , Jack W. Davidson

We consider the problem of provably securing a given control loop implementation in the presence of adversarial interventions on data exchange between plant and controller. Such interventions can be thwarted using continuously operating…

Cryptography and Security · Computer Science 2024-08-05 Sunandan Adhikary , Ipsita Koley , Sumana Ghosh , Saurav Kumar Ghosh , Soumyajit Dey , Debdeep Mukhopadhyay

The static instrumentation of machine code, also known as binary rewriting, is a power technique, but suffers from high runtime overhead compared to compiler-level instrumentation. Recent research has shown that tools can achieve…

Cryptography and Security · Computer Science 2021-05-11 Xiaozhu Meng , Buddhika Chamith , Ryan Newton

With the discovery of new exploit techniques, new protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for…

Cryptography and Security · Computer Science 2010-08-25 Piotr Bania

CPUs provide isolation mechanisms like virtualization and privilege levels to protect software. Yet these focus on architectural isolation while typically overlooking microarchitectural side channels, exemplified by Meltdown and Foreshadow.…

Cryptography and Security · Computer Science 2025-07-09 Oleksii Oleksenko , Flavien Solt , Cédric Fournet , Jana Hofmann , Boris Köpf , Stavros Volos

Leakage of confidential information represents a serious security risk. Despite a number of novel, theoretical advances, it has been unclear if and how quantitative approaches to measuring leakage of confidential information could be…

Cryptography and Security · Computer Science 2010-07-07 Jonathan Heusser , Pasquale Malacaria

The Spectre vulnerability in modern processors has been widely reported. The key insight in this vulnerability is that speculative execution in processors can be misused to access the secrets. Subsequently, even though the speculatively…

Cryptography and Security · Computer Science 2019-11-13 Guanhua Wang , Sudipta Chattopadhyay , Ivan Gotovchits , Tulika Mitra , Abhik Roychoudhury

Binary analysis is traditionally used in the realm of malware detection. However, the same technique may be employed by an attacker to analyze the original binaries in order to reverse engineer them and extract exploitable weaknesses. When…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-12-04 Novak Boskov , Mihailo Isakov , Michel A. Kinsy

Extended Berkeley Packet Filter (BPF) has emerged as a powerful method to extend packet-processing functionality in the Linux operating system. BPF allows users to write code in high-level languages (like C or Rust) and execute them at…

Networking and Internet Architecture · Computer Science 2021-07-16 Qiongwen Xu , Michael D. Wong , Tanvi Wagle , Srinivas Narayana , Anirudh Sivaraman