English
Related papers

Related papers: Execution Integrity with In-Place Encryption

200 papers

In this paper, we introduce a formal notion of partial compliance, called Attack-resistance, of a computer program running together with a defense mechanism w.r.t a non-exploitability specification. In our setting, a program may contain…

Cryptography and Security · Computer Science 2015-06-15 Vijay Ganesh , Sebastian Banescu , Martín Ochoa

Injection attacks have been a major threat to web applications. Despite the significant effort in thwarting injection attacks, protection against injection attacks remains challenging due to the sophisticated attacks that exploit the…

Cryptography and Security · Computer Science 2021-09-20 Meng Wang , Chijung Jung , Ali Ahad , Yonghwi Kwon

Defense techniques such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) were the early role models preventing primitive code injection and return-oriented programming (ROP) attacks. Notably, these techniques…

Cryptography and Security · Computer Science 2019-09-23 Christopher Jelesnianski , Jinwoo Yom , Changwoo Min , Yeongjin Jang

Recently, code reuse attacks (CRAs), such as return-oriented programming (ROP) and jump-oriented programming (JOP), have emerged as a new class of ingenious security threatens. Attackers can utilize CRAs to hijack the control flow of…

Cryptography and Security · Computer Science 2018-09-20 Jiliang Zhang , Binhang Qi , Gang Qu

In this paper, coded slotted ALOHA (CSA) is introduced as a powerful random access scheme to the MAC frame. In CSA, the burst a generic user wishes to transmit in the MAC frame is first split into segments, and these segments are then…

Information Theory · Computer Science 2016-11-18 Enrico Paolini , Gianluigi Liva , Marco Chiani

We consider the problem of provably securing a given control loop implementation in the presence of adversarial interventions on data exchange between plant and controller. Such interventions can be thwarted using continuously operating…

Cryptography and Security · Computer Science 2024-08-05 Sunandan Adhikary , Ipsita Koley , Sumana Ghosh , Saurav Kumar Ghosh , Soumyajit Dey , Debdeep Mukhopadhyay

Rising device use and third-party IP integration in semiconductors raise security concerns. Unauthorized access, fault injection, and privacy invasion are potential threats from untrusted actors. Different security techniques have been…

Cryptography and Security · Computer Science 2023-11-20 Geraldine Shirley Nicholas , Dhruvakumar Vikas Aklekar , Bhavin Thakar , Fareena Saqib

Growing code bases of modern applications have led to a steady increase in the number of vulnerabilities. Control-Flow Integrity (CFI) is one promising mitigation that is more and more widely deployed and prevents numerous exploits. CFI…

Cryptography and Security · Computer Science 2022-03-01 Claudio Canella , Sebastian Dorn , Daniel Gruss , Michael Schwarz

The increased capabilities of modern real-time systems (RTS) expose them to various security threats. Recently, frameworks that integrate security tasks without perturbing the real-time tasks have been proposed, but they only target single…

Cryptography and Security · Computer Science 2017-11-15 Monowar Hasan , Sibin Mohan , Rodolfo Pellizzoni , Rakesh B. Bobba

Address Space Layout Randomization (ASLR) is a crucial defense mechanism employed by modern operating systems to mitigate exploitation by randomizing processes' memory layouts. However, the stark reality is that real-world implementations…

Cryptography and Security · Computer Science 2024-08-30 Lorenzo Binosi , Gregorio Barzasi , Michele Carminati , Stefano Zanero , Mario Polino

Intel Software Guard Extensions (SGX) is a promising hardware-based technology for protecting sensitive computations from potentially compromised system software. However, recent research has shown that SGX is vulnerable to branch-shadowing…

Cryptography and Security · Computer Science 2018-10-04 Shohreh Hosseinzadeh , Hans Liljestrand , Ville Leppänen , Andrew Paverd

Trusted execution environments (TEEs) protect the integrity and confidentiality of running code and its associated data. Nevertheless, TEEs' integrity protection does not extend to the state saved on disk. Furthermore, modern cloud-native…

Cryptography and Security · Computer Science 2024-08-16 Ardhi Putra Pratama Hartono , Andrey Brito , Christof Fetzer

Existing logic-locking attacks are known to successfully decrypt functionally correct key of a locked combinational circuit. It is possible to extend these attacks to real-world Silicon-based Intellectual Properties (IPs, which are…

Cryptography and Security · Computer Science 2021-02-18 Seetal Potluri , Aydin Aysu , Akash Kumar

Many cybersecurity attacks rely on analyzing a binary executable to find exploitable sections of code. Code obfuscation is used to prevent attackers from reverse engineering these executables. In this work, we focus on control flow…

Cryptography and Security · Computer Science 2019-08-28 Novak Boskov , Mihailo Isakov , Michel A. Kinsy

RISC-V is an open instruction set architecture recently developed for embedded real-time systems. To achieve a lasting security on these systems and design efficient countermeasures, a better understanding of vulnerabilities to novel and…

Cryptography and Security · Computer Science 2022-11-30 Olivier Gilles , Franck Viguier , Nikolai Kosmatov , Daniel Gracia Pérez

Speculative execution attacks undermine the security of constant-time programming, the standard technique used to prevent microarchitectural side channels in security-sensitive software such as cryptographic code. Constant-time code must…

Cryptography and Security · Computer Science 2023-12-18 Rutvik Choudhary , Alan Wang , Zirui Neil Zhao , Adam Morrison , Christopher W. Fletcher

Just-in-time return-oriented programming (JIT-ROP) is a powerful memory corruption attack that bypasses various forms of code randomization. Execute-only memory (XOM) can potentially prevent these attacks, but requires source code. In…

Cryptography and Security · Computer Science 2020-07-08 Jannik Pewny , Philipp Koppe , Lucas Davi , Thorsten Holz

Application size and complexity are the underlying cause of numerous security vulnerabilities in code. In order to mitigate the risks arising from such vulnerabilities, various techniques have been proposed to isolate the execution of…

Cryptography and Security · Computer Science 2017-06-12 Ahmad Atamli-Reineh , Andrew Martin

RISC-V is a recently developed open instruction set architecture gaining a lot of attention. To achieve a lasting security on these systems and design efficient countermeasures, a better understanding of vulnerabilities to novel and…

Cryptography and Security · Computer Science 2023-07-25 Loïc Buckwell , Olivier Gilles , Daniel Gracia Pérez , Nikolai Kosmatov

Modern high-performance as well as power-constrained System-on-Chips (SoC) are increasingly using hardware accelerated encryption engines to secure computation, memory access, and communication operations. The electromagnetic (EM) emission…

Cryptography and Security · Computer Science 2018-02-27 Monodeep Kar , Arvind Singh , Sanu Mathew , Santosh Ghosh , Anand Rajan , Vivek De , Raheem Beyah , Saibal Mukhopadhyay
‹ Prev 1 2 3 10 Next ›