English
Related papers

Related papers: SIGDROP: Signature-based ROP Detection using Hardw…

200 papers

Hardware intellectual property (IP) in the globalized integrated circuit (IC) supply chain is exposed to a wide range of confidentiality and integrity attacks by untrusted third-party entities. Existing IP-level countermeasures, such as…

Cryptography and Security · Computer Science 2026-04-07 Aritra Dasgupta , Sudipta Paria , Swarup Bhunia

Malware detection using Hardware Performance Counters (HPCs) offers a promising, low-overhead approach for monitoring program behavior. However, a fundamental architectural constraint, that only a limited number of hardware events can be…

Cryptography and Security · Computer Science 2026-02-10 Eli Propp , Seyed Majid Zahedi

Website fingerprinting attack is an extensively studied technique used in a web browser to analyze traffic patterns and thus infer confidential information about users. Several website fingerprinting attacks based on machine learning and…

Cryptography and Security · Computer Science 2023-02-28 Guodong Huang , Chuan Ma , Ming Ding , Yuwen Qian , Chunpeng Ge , Liming Fang , Zhe Liu

Defense techniques such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) were the early role models preventing primitive code injection and return-oriented programming (ROP) attacks. Notably, these techniques…

Cryptography and Security · Computer Science 2019-09-23 Christopher Jelesnianski , Jinwoo Yom , Changwoo Min , Yeongjin Jang

Safety is essential for deploying Deep Reinforcement Learning (DRL) algorithms in real-world scenarios. Recently, verification approaches have been proposed to allow quantifying the number of violations of a DRL policy over input-output…

Artificial Intelligence · Computer Science 2023-02-15 Luca Marzari , Enrico Marchesini , Alessandro Farinelli

Data-oriented attacks manipulate non-control data to alter a program's benign behavior without violating its control-flow integrity. It has been shown that such attacks can cause significant damage even in the presence of control-flow…

Cryptography and Security · Computer Science 2019-03-26 Long Cheng , Hans Liljestrand , Thomas Nyman , Yu Tsung Lee , Danfeng Yao , Trent Jaeger , N. Asokan

Modern society is getting accustomed to the Internet of Things (IoT) and Cyber-Physical Systems (CPS) for a variety of applications that involves security-critical user data and information transfers. In the lower end of the spectrum, these…

Cryptography and Security · Computer Science 2023-05-08 Avani Dave Nilanjan Banerjee Chintan Patel

Modern microcontroller software is often written in C/C++ and suffers from control-flow hijacking vulnerabilities. Previous mitigations suffer from high performance and memory overheads and require either the presence of memory protection…

Cryptography and Security · Computer Science 2024-09-02 Isaac Richter , Jie Zhou , John Criswell

Advanced persistent threat (APT) attacks remain difficult to detect due to their stealth, adaptability, and use of legitimate system components. Provenance-based intrusion detection systems (PIDS) offer a promising defense by capturing…

Cryptography and Security · Computer Science 2026-05-11 Robin Buchta , Carsten Kleiner , Felix Heine , Gabi Dreo Rodosek

This work evaluates how well hardware-based approaches detect stack buffer overflow (SBO) attacks in RISC-V systems. We conducted simulations on the PULP platform and examined micro-architecture events using semi-supervised anomaly…

Cryptography and Security · Computer Science 2024-06-18 Cristiano Pegoraro Chenet , Ziteng Zhang , Alessandro Savino , Stefano Di Carlo

Dynamic program analysis is invaluable for malware detection, debugging, and performance profiling. However, software-based instrumentation incurs high overhead and can be evaded by anti-analysis techniques. In this paper, we propose…

Cryptography and Security · Computer Science 2025-10-21 Changyu Zhao , Yohan Beugin , Jean-Charles Noirot Ferrand , Quinn Burke , Guancheng Li , Patrick McDaniel

Run-time attacks against programs written in memory-unsafe programming languages (e.g., C and C++) remain a prominent threat against computer systems. The prevalence of techniques like return-oriented programming (ROP) in attacking…

Cryptography and Security · Computer Science 2019-05-27 Hans Liljestrand , Thomas Nyman , Kui Wang , Carlos Chinea Perez , Jan-Erik Ekberg , N. Asokan

PCBs are the core components for the devices ranging from the consumer electronics to military applications. Due to the accessibility of the PCBs, they are vulnerable to the attacks such as probing, eavesdropping, and reverse engineering.…

Cryptography and Security · Computer Science 2019-04-23 Zimu Guo , Xiaolin Xu , Mark M. Tehranipoor , Domenic Forte

RowHammer vulnerabilities pose a significant threat to modern DRAM-based systems, where rapid activation of DRAM rows can induce bit-flips in neighboring rows. To mitigate this, state-of-the-art host-side RowHammer mitigations typically…

Cryptography and Security · Computer Science 2025-05-16 Jeonghyun Woo , Prashant J. Nair

This paper shows how the Xtensa architecture can be attacked with Return-Oriented-Programming (ROP). The presented techniques include possibilities for both supported Application Binary Interfaces (ABIs). Especially for the windowed ABI a…

Cryptography and Security · Computer Science 2022-01-19 Kai Lehniger , Marcin J. Aftowicz , Peter Langendörfer , Zoya Dyka

The wide-spread adoption of system defenses such as the randomization of code, stack, and heap raises the bar for code-reuse attacks. Thus, attackers utilize a scripting engine in target programs like a web browser to prepare the code-reuse…

Cryptography and Security · Computer Science 2020-07-07 Jannik Pewny , Philipp Koppe , Thorsten Holz

Android malware still represents the most significant threat to mobile systems. While Machine Learning systems are increasingly used to identify these threats, past studies have revealed that attackers can bypass these detection mechanisms…

Cryptography and Security · Computer Science 2024-01-01 Diego Soi , Davide Maiorca , Giorgio Giacinto , Harel Berger

Return Oriented programming was surfaced first a decade ago, and was built to overcome the buffer exploit defense mechanisms like ASLR, DEP (or W^ X) by method of reusing the system code in the form of gadgets which are stitched together to…

Cryptography and Security · Computer Science 2017-06-28 Sunil Kumar Sathyanarayan , Dr. Makan Pourzandi , Katayoun Aliyari

Software connected to the Internet is an attractive target for attackers: as soon as a security flaw is known, services may be taken under attack. In contrast, software developers release updates to add further features and fix flaws in…

Cryptography and Security · Computer Science 2019-12-23 Christian A. Gorke , Frederik Armknecht

RISC-V is a recently developed open instruction set architecture gaining a lot of attention. To achieve a lasting security on these systems and design efficient countermeasures, a better understanding of vulnerabilities to novel and…

Cryptography and Security · Computer Science 2023-07-25 Loïc Buckwell , Olivier Gilles , Daniel Gracia Pérez , Nikolai Kosmatov