English
Related papers

Related papers: Algorithmic Diversity for Software Security

200 papers

In this paper, we report our ongoing investigations of the inherent non-determinism in contemporary execution environments that can potentially lead to divergence in state of a multi-channel hardware/software system. Our approach involved…

Distributed, Parallel, and Cluster Computing · Computer Science 2015-10-09 Peter Okech , Nicholas Mc Guire , William Okelo-Odongo

Tamper-resistance is a fundamental software security research area. Many approaches have been proposed to thwart specific procedures of tampering, e.g., obfuscation and self-checksumming. However, to our best knowledge, none of them can…

Cryptography and Security · Computer Science 2015-06-10 Hui Xu , Yangfan Zhou , Michael R. Lyu

As automatic optimization techniques find their way into industrial applications, the behavior of many complex systems is determined by some form of planner picking the right actions to optimize a given objective function. In many cases,…

Neural and Evolutionary Computing · Computer Science 2018-10-31 Thomas Gabor , Lenz Belzner , Thomy Phan , Kyrill Schmid

The open-source Helix++ project improves the security posture of computing platforms by applying cutting-edge cybersecurity techniques to diversify and harden software automatically. A distinguishing feature of Helix++ is that it does not…

Cryptography and Security · Computer Science 2023-04-12 Jack W. Davidson , Jason D. Hiser , Anh Nguyen-Tuong

Maximum diversity aims at selecting a diverse set of high-quality objects from a collection, which is a fundamental problem and has a wide range of applications, e.g., in Web search. Diversity under a uniform or partition matroid constraint…

Data Structures and Algorithms · Computer Science 2021-04-13 Guangyi Zhang , Aristides Gionis

Security remains a critical challenge in modern web applications, where threats such as unauthorized access, data breaches, and injection attacks continue to undermine trust and reliability. Traditional Object-Oriented Programming (OOP)…

Software Engineering · Computer Science 2025-09-10 Mterorga Ukor

With the recent growth in the number of malicious activities on the internet, cybersecurity research has seen a boost in the past few years. However, as certain variants of malware can provide highly lucrative opportunities for bad actors,…

Cryptography and Security · Computer Science 2019-11-20 Amir Atapour-Abarghouei , Stephen Bonner , Andrew Stephen McGough

In spam and malware detection, attackers exploit randomization to obfuscate malicious data and increase their chances of evading detection at test time; e.g., malware code is typically obfuscated using random strings or byte sequences to…

Machine Learning · Computer Science 2016-09-07 Samuel Rota Bulò , Battista Biggio , Ignazio Pillai , Marcello Pelillo , Fabio Roli

Software vulnerabilities remain a significant risk factor in achieving security objectives within software development organizations. This is especially true where either proprietary or open-source software (OSS) is included in the…

Software Engineering · Computer Science 2025-09-23 James J. Cusick

Though deep neural networks have achieved significant progress on various tasks, often enhanced by model ensemble, existing high-performance models can be vulnerable to adversarial attacks. Many efforts have been devoted to enhancing the…

Machine Learning · Computer Science 2019-05-30 Tianyu Pang , Kun Xu , Chao Du , Ning Chen , Jun Zhu

Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities…

Cryptography and Security · Computer Science 2017-07-26 Benjamin L. Bullough , Anna K. Yanchenko , Christopher L. Smith , Joseph R. Zipkin

CPU caches introduce variations into the execution time of programs that can be exploited by adversaries to recover private information about users or cryptographic keys. Establishing the security of countermeasures against this threat…

Cryptography and Security · Computer Science 2017-05-12 Goran Doychev , Boris Köpf

A number of security mechanisms have been proposed to harden programs written in unsafe languages, each of which mitigates a specific type of memory error. Intuitively, enforcing multiple security mechanisms on a target program will improve…

Cryptography and Security · Computer Science 2017-06-01 Meng Xu , Kangjie Lu , Taesoo Kim , Wenke Lee

Adversarial attacks often involve random perturbations of the inputs drawn from uniform or Gaussian distributions, e.g., to initialize optimization-based white-box attacks or generate update directions in black-box attacks. These simple…

Machine Learning · Computer Science 2020-11-02 Yusuke Tashiro , Yang Song , Stefano Ermon

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

Population diversity plays a key role in evolutionary algorithms that enables global exploration and avoids premature convergence. This is especially more crucial in dynamic optimization in which diversity can ensure that the population…

Neural and Evolutionary Computing · Computer Science 2019-10-15 Maryam Hasani-Shoreh , Frank Neumann

This paper presents DAEDALUS, a software diversity-based framework designed to resist ROP attacks on Linux-based IoT devices. DAEDALUS generates unique, semantically equivalent but syntactically different rewrites of IoT firmware,…

Cryptography and Security · Computer Science 2024-01-30 Islam Obaidat , Meera Sridhar , Fatemeh Tavakoli

Cybersecurity threat and risk analysis (RA) approaches are used to identify and mitigate security risks early-on in the software development life-cycle. Existing approaches automate only parts of the analysis procedure, leaving key…

Software Engineering · Computer Science 2022-08-04 Katja Tuma , Romy Van Der Lee

Context: Interest in diversity in software development has significantly increased in recent years. Reporting on diversity in software projects can enhance user trust and assist regulators in evaluating adoption. Recent AI directives…

Software Engineering · Computer Science 2025-10-29 Joan Giner-Miguelez , Sergio Morales , Sergio Cobos , Javier Luis Canovas Izquierdo , Robert Clariso , Jordi Cabot

With the discovery of new exploit techniques, new protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for…

Cryptography and Security · Computer Science 2010-08-25 Piotr Bania