English
Related papers

Related papers: Control-Flow Integrity: Precision, Security, and P…

200 papers

Integer overflows in commodity software are a main source for software bugs, which can result in exploitable memory corruption vulnerabilities and may eventually contribute to powerful software based exploits, i.e., code reuse attacks…

Cryptography and Security · Computer Science 2017-11-06 Paul Muntean , Jens Grossklags , Claudia Eckert

Circuit compilation, a crucial process for adapting quantum algorithms to hardware constraints, often operates as a ``black box,'' with limited visibility into the optimization techniques used by proprietary systems or advanced open-source…

Quantum Physics · Physics 2025-04-29 Satwik Kundu , Swaroop Ghosh

Performance/security trade-off is widely noticed in CFI research, however, we observe that not every CFI scheme is subject to the trade-off. Motivated by the key observation, we ask three questions. Although the three questions probably…

Cryptography and Security · Computer Science 2021-01-12 Zhilong Wang , Peng Liu

Continuous Integration and Continuous Deployment (CI/CD) pipeline automates software development to speed up and enhance the efficiency of engineering software. These workflows consist of various jobs, such as code validation and testing,…

Software Engineering · Computer Science 2025-04-17 Simin Sun , David Friberg , Miroslaw Staron

Programmers of cryptographic applications written in C need to avoid common mistakes such as sending private data over public channels, modifying trusted data with untrusted functions, or improperly ordering protocol steps. These secrecy,…

Cryptography and Security · Computer Science 2019-07-04 Darion Cassel , Yan Huang , Limin Jia

As AI agents become increasingly autonomous and capable, ensuring their security against vulnerabilities such as prompt injection becomes critical. This paper explores the use of information-flow control (IFC) to provide security guarantees…

We present a preliminary study of buffer overflow vulnerabilities in CUDA software running on GPUs. We show how an attacker can overrun a buffer to corrupt sensitive data or steer the execution flow by overwriting function pointers, e.g.,…

Cryptography and Security · Computer Science 2015-06-30 Andrea Miele

As currently classical malware detection methods based on signatures fail to detect new malware, they are not always efficient with new obfuscation techniques. Besides, new malware is easily created and old malware can be recoded to produce…

Cryptography and Security · Computer Science 2016-09-13 Andree Linke , Nhien-An Le-Khac

As modern hardware designs grow in complexity and size, ensuring security across the confidentiality, integrity, and availability (CIA) triad becomes increasingly challenging. Information flow tracking (IFT) is a widely-used approach to…

Cryptography and Security · Computer Science 2025-04-10 Nowfel Mashnoor , Mohammad Akyash , Hadi Kamali , Kimia Azar

The implementations of most hardened cryptographic libraries use defensive programming techniques for side-channel resistance. These techniques are usually specified as guidelines to developers on specific code patterns to use or avoid.…

Cryptography and Security · Computer Science 2025-09-03 Moritz Schneider , Daniele Lain , Ivan Puddu , Nicolas Dutly , Srdjan Capkun

We use browsers daily to access all sorts of information. Because browsers routinely process scripts, media, and executable code from unknown sources, they form a critical security boundary between users and adversaries. A common attack…

Cryptography and Security · Computer Science 2025-09-11 Nils Bars , Lukas Bernhard , Moritz Schloegel , Thorsten Holz

Static information flow control (IFC) systems provide the ability to restrict data flows within a program, enabling vulnerable functionality or confidential data to be statically isolated from unsecured data or program logic. Despite the…

Programming Languages · Computer Science 2022-10-25 Hemant Gouni , Jonathan Aldrich

Conformal prediction aims to determine precise levels of confidence in predictions for new objects using past experience. However, the commonly used exchangeable assumptions between the training data and testing data limit its usage in…

Machine Learning · Statistics 2022-10-18 Youhui Ye , Meimei Liu , Xin Xing

Cache coherence protocols based on self-invalidation and self-downgrade have recently seen increased popularity due to their simplicity, potential performance efficiency, and low energy consumption. However, such protocols result in memory…

Logic in Computer Science · Computer Science 2023-06-22 Parosh Aziz Abdulla , Mohamed Faouzi Atig , Stefanos Kaxiras , Carl Leonardsson , Alberto Ros , Yunyun Zhu

Maintaining confidential information control in software is a persistent security problem where failure means secrets can be revealed via program behaviors. Information flow control techniques traditionally have been based on static or…

Software Engineering · Computer Science 2021-08-30 Ibrahim Mesecan , Daniel Blackwell , David Clark , Myra B. Cohen , Justyna Petke

Microarchitectural attacks exploit the abstraction gap between the Instruction Set Architecture (ISA) and how instructions are actually executed by processors to compromise the confidentiality and integrity of a system. To secure systems…

Cryptography and Security · Computer Science 2020-12-29 Marco Guarnieri , Marco Patrignani

In recent years, non-control-data attacks have be come a research hotspot in the field of network security, driven by the increasing number of defense methods against control-flow hijacking attacks. These attacks exploit memory…

Cryptography and Security · Computer Science 2025-11-28 Lei Chong

Methods for proving that concurrent software does not leak its secrets has remained an active topic of research for at least the past four decades. Despite an impressive array of work, the present situation remains highly unsatisfactory.…

Logic in Computer Science · Computer Science 2020-01-31 Daniel Schoepe , Toby Murray , Andrei Sabelfeld

This paper considers the development of information flow analyses to support resilient design and active detection of adversaries in cyber physical systems (CPS). The area of CPS security, though well studied, suffers from fragmentation. In…

Systems and Control · Computer Science 2016-03-21 Sean Weerakkody , Bruno Sinopoli , Soummya Kar , Anupam Datta

Memory safety bugs remain in the top ranks of security vulnerabilities, even after decades of research on their detection and prevention. Various mitigations have been proposed for C/C++, ranging from language dialects to instrumentation.…

Cryptography and Security · Computer Science 2023-05-12 Konrad Hohentanner , Philipp Zieris , Julian Horsch