English
Related papers

Related papers: Control-Flow Integrity: Precision, Security, and P…

200 papers

Microcontroller-based embedded systems are vital in daily life, but are especially vulnerable to control-flow hijacking attacks due to hardware and software constraints. Control-Flow Attestation (CFA) aims to precisely attest the execution…

Cryptography and Security · Computer Science 2025-01-22 Md Armanuzzaman , Engin Kirda , Ziming Zhao

In a software system it is possible to quantify the amount of information that is leaked or corrupted by analysing the flows of information present in the source code. In a cyber-physical system, information flows are not only present at…

Cryptography and Security · Computer Science 2017-08-17 Eric Rothstein Morris , Carlos G. Murguia , Martín Ochoa

Current compilers implement security features and optimizations that require nontrivial semantic reasoning about pointers and memory allocation: the program after the insertion of the security feature, or after applying the optimization,…

Logic in Computer Science · Computer Science 2023-12-14 David Monniaux

Maintaining the security of control systems in the presence of integrity attacks is a significant challenge. In literature, several possible attacks against control systems have been formulated including replay, false data injection, and…

Systems and Control · Computer Science 2017-06-27 Sean Weerakkody , Bruno Sinopoli

Side-channel attacks on memory (SCAM) exploit unintended data leaks from memory subsystems to infer sensitive information, posing significant threats to system security. These attacks exploit vulnerabilities in memory access patterns, cache…

Cryptography and Security · Computer Science 2025-05-09 MD Mahady Hassan , Shanto Roy , Reza Rahaeimehr

This position paper argues that securing LLM agents requires first defining an end-to-end correctness property that specifies when an agent's execution faithfully reflects the user's intent. Modern LLM agents operate over an…

Cryptography and Security · Computer Science 2026-05-19 Wenjie Qu , Ming Xu , Peiran Wang , Shengfang Zhai , Jiaheng Zhang , Dawn Song

Cyber-Physical Systems (CPS) integrate sensing, communication, computation, and control to support critical infrastructure, including smart grids, industrial automation, and control systems. In the electrical utility domain, various…

Cryptography and Security · Computer Science 2026-05-28 Abile Jean , Kuniyilh S

Thousands of security vulnerabilities are discovered in production software each year, either reported publicly to the Common Vulnerabilities and Exposures database or discovered internally in proprietary code. Vulnerabilities often…

Continuous integration (CI) has become a ubiquitous practice in modern software development, with major code hosting services offering free automation on popular platforms. CI offers major benefits, as it enables detecting bugs in code…

Distributed, Parallel, and Cluster Computing · Computer Science 2023-04-03 Todd Gamblin , Daniel S. Katz

In languages like C, buffer overflows are widespread. A common mitigation technique is to use tools that detect them during execution and abort the program to prevent the leakage of data or the diversion of control flow. However, for server…

Cryptography and Security · Computer Science 2018-11-26 Manuel Rigger , Daniel Pekarek , Hanspeter Mössenböck

In the last two decades, the evolving cyber-threat landscape has brought to center stage the contentious tradeoffs between the security and performance of modern microprocessors. The guarantees provided by the hardware to ensure no…

Cryptography and Security · Computer Science 2023-05-26 Nikhilesh Singh , Vinod Ganesan , Chester Rebeiro

Trusted Execution Environments (TEEs) allow the secure execution of code on remote systems without the need to trust their operators. They use static attestation as a central mechanism for establishing trust, allowing remote parties to…

Cryptography and Security · Computer Science 2026-04-01 Claudius Pott , Luca Wilke , Jan Wichelmann , Thomas Eisenbarth

Information flow security ensures that the secret data manipulated by a program does not influence its observable output. Proving information flow security is especially challenging for concurrent programs, where operations on secret data…

Cryptography and Security · Computer Science 2023-04-12 Marco Eilers , Thibault Dardinier , Peter Müller

Error-bounded lossy compression is becoming more and more important to today's extreme-scale HPC applications because of the ever-increasing volume of data generated because it has been widely used in in-situ visualization, data stream…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-11-24 Baodi Shan , Aabid Shamji , Jiannan Tian , Guanpeng Li , Dingwen Tao

Verifying integrity of software execution in low-end micro-controller units (MCUs) is a well-known open problem. The central challenge is how to securely detect software exploits with minimal overhead, since these MCUs are designed for low…

Cryptography and Security · Computer Science 2021-03-25 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Gene Tsudik

The continuous integration and continuous deployment (CI/CD) pipelines are widely adopted on Internet hosting platforms, such as GitHub. With the popularity, the CI/CD pipeline faces various security threats. However, current CI/CD…

Cryptography and Security · Computer Science 2024-02-01 Ziyue Pan , Wenbo Shen , Xingkai Wang , Yutian Yang , Rui Chang , Yao Liu , Chengwei Liu , Yang Liu , Kui Ren

Memory-safety attacks have been one of the most critical threats against computing systems. Although a wide-range of defense techniques have been developed against these attacks, the existing mitigation strategies have several limitations.…

Cryptography and Security · Computer Science 2019-09-20 Eyasu Getahun Chekole , Unnikrishnan Cheramangalath , Sudipta Chattopadhyay , Martin Ochoa , Guo Huaqun

CPU caches introduce variations into the execution time of programs that can be exploited by adversaries to recover private information about users or cryptographic keys. Establishing the security of countermeasures against this threat…

Cryptography and Security · Computer Science 2017-05-12 Goran Doychev , Boris Köpf

This paper studies the problem of reasoning about flow security properties in virtualised computing networks with mobility from perspective of formal language. We propose a distributed process algebra CSP_{4v} with security labelled…

Cryptography and Security · Computer Science 2020-04-14 Chunyan Mu

Memory corruption attacks remain the primary threat for computer security. Information flow tracking or taint analysis has been proven to be effective against most memory corruption attacks. However, there are two shortcomings with current…

Cryptography and Security · Computer Science 2015-03-13 Pankaj Kohli