English
Related papers

Related papers: Bunshin: Compositing Security Mechanisms through D…

200 papers

N-Variant Execution (NVX) systems utilize software diversity techniques for enhancing software security. The general idea is to run multiple different variants of the same program alongside each other while monitoring their run-time…

Cryptography and Security · Computer Science 2019-03-12 Alexios Voulimeneas , Dokyung Song , Fabian Parzefall , Yeoul Na , Per Larsen , Michael Franz , Stijn Volckaert

Tamper-resistance is a fundamental software security research area. Many approaches have been proposed to thwart specific procedures of tampering, e.g., obfuscation and self-checksumming. However, to our best knowledge, none of them can…

Cryptography and Security · Computer Science 2015-06-10 Hui Xu , Yangfan Zhou , Michael R. Lyu

Multi-variant execution (MVX) systems amplify the effectiveness of software diversity techniques. The key idea is to run multiple diversified program variants in lockstep while providing them with the same input and monitoring their…

Cryptography and Security · Computer Science 2020-11-05 Alexios Voulimeneas , Dokyung Song , Per Larsen , Michael Franz , Stijn Volckaert

Modern software deployment process produces software that is uniform, and hence vulnerable to large-scale code-reuse attacks. Compiler-based diversification improves the resilience and security of software systems by automatically…

Cryptography and Security · Computer Science 2020-07-20 Rodothea Myrsini Tsoupidi , Roberto Castañeda Lozano , Benoit Baudry

Software patching is a common method of removing vulnerabilities in software components to make IT systems more secure. However, there are many cases where software patching is not possible due to the critical nature of the application,…

Cryptography and Security · Computer Science 2021-06-03 Stjepan Groš , Ivan Kovačević , Ivan Dujmić , Matej Petrinović

Diversity can significantly increase the resilience of systems, by reducing the prevalence of shared vulnerabilities and making vulnerabilities harder to exploit. Work on software diversity for security typically creates variants of a…

Cryptography and Security · Computer Science 2019-07-23 Scott D. Stoller , Yanhong A. Liu

Fault attacks consist in changing the program behavior by injecting faults at run-time in order to break some expected security properties. Applications are hardened against fault attack adding countermeasures. According to the state of the…

Cryptography and Security · Computer Science 2023-03-06 Etienne Boespflug , Abderrahmane Bouguern , Laurent Mounier , Marie-Laure Potet

Developing secure distributed systems is difficult, and even harder when advanced cryptography must be used to achieve security goals. Following prior work, we advocate using secure program partitioning to synthesize cryptographic…

Cryptography and Security · Computer Science 2024-01-10 Coşku Acay , Joshua Gancher , Rolph Recto , Andrew C. Myers

An established trend in software engineering insists on using components (sometimes also called services or packages) to encapsulate a set of related functionalities or data. By defining interfaces specifying what functionalities they…

Software Engineering · Computer Science 2015-07-29 Daniel Ricardo dos Santos , Silvio Ranise , Serena Elisa Ponta

Sphinx, a hardware-software co-design architecture for binary code and runtime obfuscation. The Sphinx architecture uses binary code diversification and self-reconfigurable processing elements to maintain application functionality while…

Cryptography and Security · Computer Science 2018-02-14 Michel A. Kinsy , Donato Kava , Alan Ehret , Miguel Mark

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Software diversity protects against a modern-day exploits such as code-reuse attacks. When an attacker designs a code-reuse attack on an example executable, it relies on replicating the target environment. With software diversity, the…

Programming Languages · Computer Science 2013-12-16 Michael Stewart

We propose a new formal criterion for evaluating secure compilation schemes for unsafe languages, expressing end-to-end security guarantees for software components that may become compromised after encountering undefined behavior---for…

In typical software, many comparisons and subsequent branch operations are highly critical in terms of security. Examples include password checks, signature checks, secure boot, and user privilege checks. For embedded devices, these…

Cryptography and Security · Computer Science 2018-03-23 Robert Schilling , Mario Werner , Stefan Mangard

We propose a novel approach to improving software security called Cryptographic Path Hardening, which is aimed at hiding security vulnerabilities in software from attackers through the use of provably secure and obfuscated cryptographic…

Software Engineering · Computer Science 2012-02-03 Vijay Ganesh , Michael Carbin , Martin Rinard

The sustained popularity of the cloud and cloud-related services accelerate the evolution of virtualization-enabling technologies. Modern off-the-shelf computers are already equipped with specialized hardware that enables a hypervisor to…

Software Engineering · Computer Science 2014-05-23 Francesco Gadaleta , Nick Nikiforakis , Jan Tobias Muhlberg , Wouter Joosen

In scientific computing and data science disciplines, it is often necessary to share application workflows and repeat results. Current tools containerize application workflows, and share the resulting container for repeating results. These…

Databases · Computer Science 2022-02-18 Naga Nithin Manne , Shilvi Satpati , Tanu Malik , Amitabha Bagchi , Ashish Gehani , Amitabh Chaudhary

As collaborative learning allows joint training of a model using multiple sources of data, the security problem has been a central concern. Malicious users can upload poisoned data to prevent the model's convergence or inject hidden…

Cryptography and Security · Computer Science 2021-01-21 Ximing Qiao , Yuhua Bai , Siping Hu , Ang Li , Yiran Chen , Hai Li

In typical embedded applications, the precise execution time of the program does not matter, and it is sufficient to meet a real-time deadline. However, modern applications in information security have become much more time-sensitive, due…

Cryptography and Security · Computer Science 2020-05-07 Pantea Kiaei , Patrick Schaumont

A timely software update is vital to combat the increasing security vulnerabilities. However, some software vendors may secretly patch their vulnerabilities without creating CVE entries or even describing the security issue in their change…

Cryptography and Security · Computer Science 2023-12-14 Xu He , Shu Wang , Pengbin Feng , Xinda Wang , Shiyu Sun , Qi Li , Kun Sun
‹ Prev 1 2 3 10 Next ›