English
Related papers

Related papers: Automatic Heap Layout Manipulation for Exploitatio…

200 papers

Heap exploitation techniques to abuse the metadata of allocators have been widely studied since they are application independent and can be used in restricted environments that corrupt only metadata. Although prior work has found several…

Cryptography and Security · Computer Science 2019-03-05 Insu Yun , Dhaval Kapil , Taesoo Kim

The inability to relocate objects in unmanaged languages brings with it a menagerie of problems. Perhaps the most impactful is memory fragmentation, which has long plagued applications such as databases and web servers. These issues either…

Programming Languages · Computer Science 2024-05-02 Nick Wanninger , Tommy McMichen , Simone Campanoni , Peter Dinda

Heap security has been a major concern since the past two decades. Recently many methods have been proposed to secure heap i.e. to avoid heap overrun and attacks. The paper describes a method suggested to secure heap at the operating system…

Cryptography and Security · Computer Science 2012-06-08 Arundhati Walia , Syed i. Ahson

The detection of BGP prefix hijacking attacks has been the focus of research for more than a decade. However, state-of-the-art techniques fall short of detecting more elaborate types of attack. To study such attacks, we devise a novel…

Networking and Internet Architecture · Computer Science 2016-07-04 Johann Schlamp , Ralph Holz , Quentin Jacquemart , Georg Carle , Ernst W. Biersack

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik , Philipp Koppe , Benjamin Kollenda , Andre Pawlowski , Behrad Garmany , Thorsten Holz

Heap layout randomization renders a good portion of heap vulnerabilities unexploitable. However, some remnants of the vulnerabilities are still exploitable even under the randomized layout. According to our analysis, such heap exploits…

Cryptography and Security · Computer Science 2018-08-09 Daehee Jang , Jonghwan Kim , Minjoon Park , Yunjong Jung , Hojoon Lee , Brent Byunghoon Kang

The heap is a critical and widely used component of many applications. Due to its dynamic nature, combined with the complexity of heap management algorithms, it is also a frequent target for security exploits. To enhance the heap's…

Cryptography and Security · Computer Science 2024-06-06 Zhenpeng Lin , Zheng Yu , Ziyi Guo , Simone Campanoni , Peter Dinda , Xinyu Xing

Effective query recovery attacks against Searchable Symmetric Encryption (SSE) schemes typically rely on auxiliary ground-truth information about the queries or dataset. Query recovery is also possible under the weaker statistical auxiliary…

Cryptography and Security · Computer Science 2022-06-01 Simon Oya , Florian Kerschbaum

With the dramatic increase in the amount of the text-based data which commonly contains misspellings and other errors, querying such data with flexible search patterns becomes more and more commonplace. Relational databases support the LIKE…

Databases · Computer Science 2020-02-05 Mehmet Aytimur , Ali Cakmak

Mining large graphs for information is becoming an increasingly important workload due to the plethora of graph structured data becoming available. An aspect of graph algorithms that has hitherto not received much interest is the effect of…

Data Structures and Algorithms · Computer Science 2012-03-27 Amitabha Roy

The process of data analysis, especially in GUI-based analytics systems, is highly exploratory. The user iteratively refines a workflow multiple times before arriving at the final workflow. In such an exploratory setting, it is valuable to…

Distributed, Parallel, and Cluster Computing · Computer Science 2022-08-30 Avinash Kumar , Sadeem Alsudais , Shengquan Ni , Zuozhi Wang , Yicong Huang , Chen Li

Large Language Models (LLMs) enable a new ecosystem with many downstream applications, called LLM applications, with different natural language processing tasks. The functionality and performance of an LLM application highly depend on its…

Cryptography and Security · Computer Science 2025-06-16 Bo Hui , Haolin Yuan , Neil Gong , Philippe Burlina , Yinzhi Cao

In software development, the prevalence of unsafe languages such as C and C++ introduces potential vulnerabilities, especially within the heap, a pivotal component for dynamic memory allocation. Despite its significance, heap management…

Cryptography and Security · Computer Science 2024-09-24 Zheng Yu , Ganxiang Yang , Xinyu Xing

We introduce a new dynamic analysis technique to discover invariants in separation logic for heap-manipulating programs. First, we use a debugger to obtain rich program execution traces at locations of interest on sample inputs. These…

Programming Languages · Computer Science 2019-07-02 Ton Chanh Le , Guolong Zheng , ThanhVu Nguyen

Addressing the challenge of balancing security and efficiency when deploying machine learning systems in untrusted environments, such as federated learning, remains a critical concern. A promising strategy to tackle this issue involves…

Cryptography and Security · Computer Science 2023-12-29 Dongfang Zhao

Shared library hijacking attacks in the Linux ecosystem, including embedded Linux, are a significant concern. It fundamentally exploits the dynamic linker's library-resolution semantics rather than modifying trusted libraries directly.…

Cryptography and Security · Computer Science 2026-05-27 Can Ozkan , Dave Singelee

Agent hijacking, highlighted by OWASP as a critical threat to the Large Language Model (LLM) ecosystem, enables adversaries to manipulate execution by injecting malicious instructions into retrieved content. Most existing attacks rely on…

Artificial Intelligence · Computer Science 2026-02-20 Xinhao Deng , Jiaqing Wu , Miao Chen , Yue Xiao , Ke Xu , Qi Li

We investigate the decidability of automatic program verification for programs that manipulate heaps, and in particular, decision procedures for proving memory safety for them. We extend recent work that identified a decidable subclass of…

Programming Languages · Computer Science 2020-01-01 Umang Mathur , Adithya Murali , Paul Krogmeier , P. Madhusudan , Mahesh Viswanathan

We introduce BLADE, a new approach to automatically and efficiently eliminate speculative leaks from cryptographic code. BLADE is built on the insight that to stop leaks via speculation, it suffices to $\textit{cut}$ the dataflow from…

Cryptography and Security · Computer Science 2020-12-08 Marco Vassena , Craig Disselkoen , Klaus V. Gleissenthall , Sunjay Cauligi , Rami Gökhan Kici , Ranjit Jhala , Dean Tullsen , Deian Stefan

This paper presents a novel set of algorithms for heap abstraction, identifying logically related regions of the heap. The targeted regions include objects that are part of the same component structure (recursive data structure). The result…

Logic in Computer Science · Computer Science 2012-12-21 Mohamed A. El-Zawawy
‹ Prev 1 2 3 10 Next ›