English
Related papers

Related papers: GANDALF: A fine-grained hardware-software co-desig…

200 papers

Code-reuse attacks have become a kind of common attack method, in which attackers use the existing code in the program to hijack the control flow. Most existing defenses focus on control flow integrity (CFI), code randomization, and…

Cryptography and Security · Computer Science 2023-03-23 Xiaoqi Song , Wenjie Lv , Haipeng Qu , Lingyun Ying

Data exfiltration attacks have led to huge data breaches. Recently, the Equifax attack affected 147M users and a third-party library - Apache Struts - was alleged to be responsible for it. These attacks often exploit the fact that sensitive…

Cryptography and Security · Computer Science 2019-07-09 Qi Zhang , Zehra Sura , Ashish Kundu , Gong Su , Arun Iyengar , Ling Liu

In languages like C, buffer overflows are widespread. A common mitigation technique is to use tools that detect them during execution and abort the program to prevent the leakage of data or the diversion of control flow. However, for server…

Cryptography and Security · Computer Science 2018-11-26 Manuel Rigger , Daniel Pekarek , Hanspeter Mössenböck

WebAssembly is quickly becoming a popular compilation target for a variety of code. However, vulnerabilities in the source languages translate to vulnerabilities in the WebAssembly binaries. This work proposes a methodology and a…

Cryptography and Security · Computer Science 2026-04-07 Weiqi Feng

With the improvements in computing technologies, edge devices in the Internet-of-Things have become more complex. The enabler technology for these complex systems are powerful application core processors with operating system support, such…

Cryptography and Security · Computer Science 2023-01-13 Robert Schilling , Pascal Nasahl , Martin Unterguggenberger , Stefan Mangard

We introduce a new timing side-channel attack on Intel CPU processors. Our Frontal attack exploits timing differences that arise from how the CPU frontend fetches and processes instructions while being interrupted. In particular, we observe…

Cryptography and Security · Computer Science 2021-06-08 Ivan Puddu , Moritz Schneider , Miro Haller , Srdjan Čapkun

Since buffer overflow has long been a frequently occurring, high-risk vulnerability, various methods have been developed to support spatial memory safety and prevent buffer overflow. However, every proposed method, although effective in…

Cryptography and Security · Computer Science 2023-02-15 Seong-Kyun Mok , Eun-Sun Cho

Memory spatial errors, i.e., buffer overflow vulnerabilities, have been a well-known issue in computer security for a long time and remain one of the root causes of exploitable vulnerabilities. Most of the existing mitigation tools adopt a…

Cryptography and Security · Computer Science 2020-04-07 Dongwei Chen , Daliang Xu , Dong Tong , Kang Sun , Xuetao Guan , Chun Yang , Xu Cheng

RowHammer is a major read disturbance mechanism in DRAM where repeatedly accessing (hammering) a row of DRAM cells (DRAM row) induces bitflips in other physically nearby DRAM rows. RowHammer solutions perform preventive actions (e.g.,…

We present a preliminary study of buffer overflow vulnerabilities in CUDA software running on GPUs. We show how an attacker can overrun a buffer to corrupt sensitive data or steer the execution flow by overwriting function pointers, e.g.,…

Cryptography and Security · Computer Science 2015-06-30 Andrea Miele

With web applications becoming a preferred method of presenting graphical user interfaces to users, software vulnerabilities affecting web applications are becoming more and more prevalent and devastating. Some of these vulnerabilities,…

Cryptography and Security · Computer Science 2019-08-14 Michael Flanders

Intel SGX is known to be vulnerable to a class of practical attacks exploiting memory access pattern side-channels, notably page-fault attacks and cache timing attacks. A promising hardening scheme is to wrap applications in hardware…

Cryptography and Security · Computer Science 2022-12-29 Yuzhe Tang , Kai Li , Yibo Wang , Jiaqi Chen , Cheng Xu

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that…

Cryptography and Security · Computer Science 2020-01-30 Matteo Busi , Job Noorman , Jo Van Bulck , Letterio Galletta , Pierpaolo Degano , Jan Tobias Mühlberg , Frank Piessens

A stack overflow occurs when a program or process tries to store more data in a buffer (or stack) than it was intended to hold. If the affected program is running with special privileges or accepts data from untrusted network hosts (e.g. a…

Cryptography and Security · Computer Science 2019-11-07 Md. Masudur Rahman , B M Mainul Hossain

Intel software guard extensions (SGX) aims to provide an isolated execution environment, known as an enclave, for a user-level process to maximize its confidentiality and integrity. In this paper, we study how uninitialized data inside a…

Cryptography and Security · Computer Science 2017-10-26 Sangho Lee , Taesoo Kim

Binary program analysis represents a fundamental pillar of modern system security. Fine-grained methodologies like dynamic taint analysis still suffer from deployment complexity and performance overhead despite significant progress.…

Software Engineering · Computer Science 2026-02-04 Zhangbo Long , Letian Sha , Jiaye Pan , Haiping Huang , Dongpeng Xu , Yifei Huang , Fu Xiao

A software vulnerability could be exploited without any visible symptoms. When no source code is available, although such silent program executions could cause very serious damage, the general problem of analyzing silent yet harmful…

Cryptography and Security · Computer Science 2021-02-23 Zhilong Wang , Li Yu , Suhang Wang , Peng Liu

FPGA-based hardware accelerators are becoming increasingly popular due to their versatility, customizability, energy efficiency, constant latency, and scalability. FPGAs can be tailored to specific algorithms, enabling efficient hardware…

Cryptography and Security · Computer Science 2024-05-24 Bharadwaj Madabhushi , Sandip Kundu , Daniel Holcomb

We propose a new defense mechanism against adversarial attacks inspired by an optical co-processor, providing robustness without compromising natural accuracy in both white-box and black-box settings. This hardware co-processor performs a…

Computer Vision and Pattern Recognition · Computer Science 2022-10-03 Alessandro Cappelli , Ruben Ohana , Julien Launay , Laurent Meunier , Iacopo Poli , Florent Krzakala