English
Related papers

Related papers: A Novel Advanced Heap Corruption and Security Meth…

200 papers

In spite of years of improvements to software security, heap-related attacks still remain a severe threat. One reason is that many existing memory allocators fall short in a variety of aspects. For instance, performance-oriented allocators…

Operating Systems · Computer Science 2017-09-26 Sam Silvestro , Hongyu Liu , Corey Crosser , Zhiqiang Lin , Tongping Liu

The heap is a critical and widely used component of many applications. Due to its dynamic nature, combined with the complexity of heap management algorithms, it is also a frequent target for security exploits. To enhance the heap's…

Cryptography and Security · Computer Science 2024-06-06 Zhenpeng Lin , Zheng Yu , Ziyi Guo , Simone Campanoni , Peter Dinda , Xinyu Xing

RISC-V is a promising open-source architecture primarily targeted for embedded systems. Programs compiled using the RISC-V toolchain can run bare-metal on the system, and, as such, can be vulnerable to several memory corruption…

Cryptography and Security · Computer Science 2021-05-19 Asmit De , Swaroop Ghosh

Heap-based exploits that leverage memory management errors continue to pose a significant threat to application security. The root cause of these vulnerabilities are the memory management errors within the applications, however various…

Operating Systems · Computer Science 2024-10-24 Stephan Bauroth

In software development, the prevalence of unsafe languages such as C and C++ introduces potential vulnerabilities, especially within the heap, a pivotal component for dynamic memory allocation. Despite its significance, heap management…

Cryptography and Security · Computer Science 2024-09-24 Zheng Yu , Ganxiang Yang , Xinyu Xing

The security of a computer system depends on OS kernel protection. It is crucial to reveal and inspect new attacks on kernel data, as these are used by hackers. The purpose of this paper is to continue research into attacks on dynamically…

Cryptography and Security · Computer Science 2021-06-14 Igor Korkin

Heap memory errors remain a major source of software vulnerabilities. Existing memory safety defenses aim at protecting all objects, resulting in high performance cost and incomplete protection. Instead, we propose an approach that…

Cryptography and Security · Computer Science 2024-08-21 Kaiming Huang , Mathias Payer , Zhiyun Qian , Jack Sampson , Gang Tan , Trent Jaeger

Attacks on heap memory, encompassing memory overflow, double and invalid free, use-after-free (UAF), and various heap spraying techniques are ever-increasing. Existing entropy-based secure memory allocators provide statistical defenses…

Cryptography and Security · Computer Science 2024-05-31 Ruizhe Wang , Meng Xu , N. Asokan

Dynamic memory issues are hard to locate and may cost much of a development project's efforts and was repeatedly reported similarly afterwards independently by different persons. Verification as one formal method may proof a given program's…

Logic in Computer Science · Computer Science 2019-06-28 René Haberland , Kirill Krinkin

The article provides an overview of the existing methods of dynamic memory verification; a comparative analysis is carried out; the applicability for solving problems of control, monitoring, and verification of dynamic memory is evaluated.…

Logic in Computer Science · Computer Science 2022-03-25 René Haberland

Heap layout manipulation is integral to exploiting heap-based memory corruption vulnerabilities. In this paper we present the first automatic approach to the problem, based on pseudo-random black-box search. Our approach searches for the…

Cryptography and Security · Computer Science 2018-09-05 Sean Heelan , Tom Melham , Daniel Kroening

Use-after-free (UAF) is a critical and prevalent problem in memory unsafe languages. While many solutions have been proposed, balancing security, run-time cost, and memory overhead (an impossible trinity) is hard. In this paper, we show one…

Cryptography and Security · Computer Science 2024-05-27 Ruizhe Wang , Meng Xu , N. Asokan

Visible Light Communication (VLC) systems have relatively higher security compared with traditional Radio Frequency (RF) channels due to line-of-sight (LOS) propagation. However, they still are susceptible to eavesdropping. The proposed…

Cryptography and Security · Computer Science 2023-01-13 Ashish Sharma , Harshil Bhatt

As the digital landscape evolves, cybersecurity has become an indispensable focus of IT systems. Its ever-escalating challenges have amplified the importance of digital forensics, particularly in the analysis of heap dumps from main memory.…

Cryptography and Security · Computer Science 2024-04-29 Florian Rascoussier

Current trends in technology, such as cloud computing, allow outsourcing the storage, backup, and archiving of data. This provides efficiency and flexibility, but also poses new risks for data security. It in particular became crucial to…

Cryptography and Security · Computer Science 2017-08-08 Christian Weinert , Denise Demirel , Martín Vigil , Matthias Geihs , Johannes Buchmann

Hardware enclaves rely on a disjoint memory model, which maps each physical address to an enclave to achieve strong memory isolation. However, this severely limits the performance and programmability of enclave programs. While some prior…

We address the problem of securing distributed storage systems against eavesdropping and adversarial attacks. An important aspect of these systems is node failures over time, necessitating, thus, a repair mechanism in order to maintain a…

Information Theory · Computer Science 2011-04-28 Sameer Pawar , Salim El Rouayheb , Kannan Ramchandran

This paper reviews the reasons that Human-in-the-Loop is both critical for preventing widely-understood failure modes for machine learning, and not a practical solution. Following this, we review two current heuristic methods for addressing…

Artificial Intelligence · Computer Science 2018-11-26 David Manheim

Traditionally, HENP computing facilities have been open facilities that are accessed in many different ways by users that are both internal and external to the facility. However, the need to protect the facility from cybersecurity threats…

Computational Physics · Physics 2007-05-23 S. Misawa , O. Rind , T. Throwe

In the existing software development ecosystem, security issues introduced by third-party code cannot be overlooked. Among these security concerns, memory access vulnerabilities stand out prominently, leading to risks such as the theft or…

Cryptography and Security · Computer Science 2025-09-30 Yue Jin , Yibin Xu , Chengyuan Yang , Han Wang , Tianyi Huang , Tianyue Lu , Mingyu Chen
‹ Prev 1 2 3 10 Next ›